Is It Safe To Allow Remote Access?

I have been on many thousands of remote sessions over the last decade. For software support, remote desktop tools like TeamViewer are indespensible. But I also recognize the security risks customers accept when they allow vendors to access their systems remotely.

I have remoted into police department servers, but been denied access to shopping centers.

Do you consider it safe to allow attended remote access? Is there some qualification on whether you consider it safe? For example, I have been denied access specifically because the customer had customer billing information on the same network. While that presented a technical hurdle, I thought it was a responsible decision by the IT/network security team.

Some customers don't allow tools like TeamViewer but will provide VPN software and credentials. I think this is a good way to ensure you always know who could possibly remote into the network at any given time, but does not reduce the likelihood of infection or data exfiltration.

Login to read this IPVM discussion.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

**. ****** **'* *** * ***.

** *** ***** *** ***** ****** ****** *** ************ **** TeamViewer, *******, ***********, ***, ** ***** ********* ***** **** **** bothers *** ***** **** ***** *** ******* ************ *** ***** be ******** *********** **** *** ******* *** **** (***** ** a *** ****** ****** ** ****** ** ** ****)?

**** ******** **** ** **** **** * *** *** ****** about *** ** ****** "****" ****:

*****://****.***/******/*****-************/******/*******-***-*-*-******-******-*******-******-*******-****-*********-********

***** ****** ** ** * ****** ******* ********* ***** ***** have **** *** ****** ** ******** ******** ** ******* ******** or ******** *******/***** ******/******* **** *** ******* ***.

********** *** **** ****** ******* ***** **** **** **** ********** (google **).

******* ** *** **** ** *** ***** (**** **** ***** passwords *** ******** ****** ** ***** ******** ***********)

*** ******** ****** ** ********** * ******* *********** ** **** point. ******** *****-***** ***** *****'* ** ************ ********* *** ******* can ** ***********, *** ************ **** *** ***********. **'* *** policy **** *** *********** ** ***** ***** ******** ** *** worth *** **** ** *** ******* *** *** **********. *** I **** ***'* **** ** **** ** **** **** *** fallout *** *******. **'* ********* ************** ** *** ** ** the **** *** ****** ******* ** * *******, *** ** removes *** ***** ***** ****** ****. ** *****'* ********* *** risk ** ******, *** **** * ***** ******** * **** bit ** **.

**** * ******** ***********, * ****** *** *** **** ****** for ****** ******. *** *** ***** *** ***** **** ** LogMeIn **** * *** *** **** *** ******* ** ** added ***** ** ********.

** ***** ** ** *********, ******, *** *** ****** **** require **** *** ******* ***** ******** *** *** ***** **** access ** **** ** ******* ******* *** ***.

*** *** *** ***** *** **** ******* *** *** *** natural ****?

* *** ********* **** *** ****** **************. *** *** ****** layer, * *** ****** *************. ** ** **** **** ********* than *** *** ****** **** ** *** ******** ** *** Central ******* **** * **** ** ******** *** ** ***** the **** ** ** ********* ******** *******.

***** **** *'** ***** ** *********. ***** **** * **** option *** * ********** ****** ************* ***********. ***** ******* ** interesting - $***/**** *** ********* "** ****** *********" *** ********* technicians ***. *** *** ******* ***** ** ****** ** ***** SOS ******* ***** ** $***/**** *** ****. *** ** (* think) **** ***** **** ** ****** ****** **** ** *** for **********.

*'* ****** *********** ** ***** * **** *** $**/** *** Splashtop ********. * ********* **** **** ***** *********, ******** *******. I ***'* **** **** **** *** **-****** ********. * ** not ******* ****** ******* ***** *** ****** * ****'* ******. If * ** ****** ** **** ** ** ******** ******, I **** ******* ********* ****.

********* ** ****** ** ** *** *** ****/**/********** ************ *** deployment.

**** ** ******, * **** **** ** ******* ******* ***** where *** **** **** *** ***** ** ***** ******* ******* of *** ******** *** ** ******* ********. **** ** **** on ** *** *** **** **** * ******* ** *** FBI ** ******* ****** (*******?) ** *** ******** *** ****.

* *** **** ** * ******* ** *** ** *** worlds ******* ******** ***** ****** * *******, *** ********** ****** to ***** ** ***** ** * *.*** *****. **, **** login *** **** * ****. *** ********** *** ******** *** entire ******** **** ****** ***** *** ***** **** *** **** again. ** * ****, * ********* *****/****. **** ****** ** got **.

****** *******, ***** **** ***** *** ********* *****! *** **** people ******** **** ***** *********.

*****'* ***'* *** ***'*. *** *** ***'* *** ***** ** a ****** *** ***/** *** (******) **********.

******* **** ***'** ***** ***** **** * **** ******** ***** as ***'* **** *****

****** ****** ** **** * ********* **** ** *****'* ********** driven *****. * *** ****** ************ ******* ***** ***** ******* issue, **** ***, **** ********** ** *******, **'* ******* **** the ******** *******. ** *** ** "**** ****** ******" * don't **** ** **** ***** ******. ** **** ** *** plug **** ***** *** ** *** ****, *** *** *** someone ** ***** ** *** *** ******* **.

**** *** *** ** ****** ****** ************ ** ********* *****, what **** ** ********** ********* ** ****** ** *** *** user *** *** ** *** ********** **** ** *** ******** site **** ** ******** ** **** ****? **** *********, **** are *** ********** ** ****** *** ******** ** ***-**** (******/***********) that *** *** *********? ****'* ***** ****** ******** (*** ********** created ****) * **** ** ************ (******** *******), **** ********** under *** ***** (******** ******** ******* ******* ***) *** ***** federal/state ***********?

**** * ******** ******** ***, **** ******** ******, ****, *** access ** *** ******** *** ***** ** *** ******/*******, ** I ****** **** **** **** ****** *******. **** *** *** be *** **** ** *** *** ********* * ****** *********** or ****** ********* ** * **** ******* ** ***. **** a *****/*** (********** *******) ***** ********, ** ** ******** **** authorization **** **** ******* **** ** ********** ** **** **** decision (******** *******, ****** ******). ****, *** ******** **** *** have ***** **** ** ****** *** *** ******** (** *** member ** **** ************ ******* ******* ******** ******?).

* ** ******* ** ***** ******* ***** ***********/********* *** ** policy ** ********* ********* ***** ************.