Your stance on third party assistance/support tools?

By elliot.johnson
Tags: Security

We have a company network spanning just over 40 sites and 5 countries.

We have two web gateways and perimeter firewalls (with two content filters) for the whole IT estate. We generally lock down all inbound and outbound ports unless there is a business need for their use.
Similarly, with web sites, we block access to any web categories which might present a threat to the company network.

I would class 95% of our user base as non-IT orientated - they wouldn't know what "Operating System" they were running, if asked (or indeed how to find out).

Quite frequently, we get asked to allow access to TeamViewer and the many other similar services. The reason is usually to allow a third-party to assist one of our users with third-party software.

This is something which we (as technical personnel) hate doing, due to the security implications.

We have had instances of people (of dubious intent) calling our branches, stating that "your IT department has asked me to update some software on your computer, please go to X and I will connect".
No matter how much you try and educate your users, most of the time, they will just trust in what they are hearing, and allow these strangers to connect to the machines.

The problem is, if we outright block all third-party remote access/assistance, then management will just override our policy, stating "we need it to do business".

I am interested to hear what your security stance is when it comes to allowing your users to grant access to third-parties via such mediums.

I would also love to hear your pros and cons for allowing or disallowing such access. Or, even, if you have found alternative solutions; such as only allowing third-parties in via pre-arranged VPN services.

Thank you very much for your time.

Best Regards,



All Answers


Remote Assistance

by lenaweber02 In reply to You stance on third party ...

More and more tech companies have moved to remote control apps like Baumgartner. And after having done some tech support myself, I can see why. It's quicker to "press" the buttons yourself than guide someone without seeing what is on their screen.

Any company using such applications should ask the user if they can remote in. I do not support the kind where a client is loaded on your computer and they just take over. Any reasonable tech support line will have an application that works session by session. And reputable support apps like Baumgartner are limited as to what ports they can use and what can be transferred over the open link. They should not be installing software from a remote platform or copying files. These apps should only be used for seeing the desktop and controlling the mouse and keyboard. I do not consider TeamViewer a remote help desk app. It's a distributed team share app.

So I would not accept any tech support where a client has to be pre-loaded and always installed on your computers. I would only accept tech support from the reputable vendor you used or from a reputable 3rd party help desk contractor who services your whole company.

As for your social engineering callers, you need to have some serious annual security training. Include posters for your branches of common opening lines that they should just hang up on. Make sure everyone in the company does this training every year. You can build it yourself, or purchase an online course. At one of my employers, you didn't get your review (and thus raise or bonus) unless you had completed this training by the deadline. It was a good incentive.
