Symantec issues new pcAnywhere security guide following flaw resolution

Organizations that have applied the latest patches should follow more stringent security best practices to guard against external attacks.

Symantec  is urging businesses that use its pcAnywhere software to gauge their risk tolerance before deciding whether to disable, uninstall or deploy additional security controls to mitigate external threats  to the remote access technology.

When using secure VPN tunnels, it is recommended that Client Management Suite and IT Management Suite customers modify policies relying on pcAnywhere Access Server.

Symantec

In a revised pcAnywhere security guide (.pdf), the security giant outlines best practices that enterprises can take, from upgrading to the latest version of pcAnywhere, to blocking the default ports on corporate networks and turning off the roaming feature on endpoint machines.

“Symantec is not recommending any one specific action will provide a solution for an environment but rather applying a combination of pcAnywhere security best practices along with … general security best practices,” the company said in its revised technical document.

Symantec issued the latest updates to pcAnywhere last week following a recommendation to disable the software until known security vulnerabilities were addressed. Symantec fears a 2006 breach of its network exposed the pcAnywhere source code and could have given attackers the ability to conduct man-in-the-middle attacks and penetrate corporate networks. The source code surfaced earlier this month in an Internet forum by a hacking group in India along with the source code of outdated Norton Antivirus Corporate Edition, Norton Internet Security and SystemWorks. The company says the2006-era software poses no risk to current Norton customers.

Take action quickly, Symantec says
In its technical guide, Symantec is urging users to take action quickly on all devices that contain pcAnywhere. Disconnected users should disable the pcAnywhere service or connect their systems to the network to apply the required changes, Symantec said.

The company is still urging users of its pcAnywhere Access Server to stop using it and instead host remote sessions via secure VPN tunnels. “When using secure VPN tunnels, it is recommended that Client Management Suite and IT Management Suite customers modify policies relying on pcAnywhere Access Server,” Symantec said.

In addition to listing general best practices like using antivirus, firewalls , email and Web gateways and intrusion detection systems, Symantec is urging its Alteris customers to review pcAnywhere log reports within the Symantec Management Console. The company is also recommending administrators limit access to pcAnywhere configuration files to protect against an attacker gaining access to configuration settings.

The company also listed a number of “how to” documents to help administrators apply configuration changes, uninstall the software or disable it.

Dig deeper on Identity Theft and Data Security Breaches

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close