Problem solve Get help with specific problems with your technologies, process and projects.

Is it safe to use remote access tools to grant system access?

In this SearchSecurity.com Q&A, security expert Joel Dubin discusses remote access tools and examines whether or not these products can have negative effects.

Will using a remote access control product have any effect on Windows file permissions or shares? Does remotely logging on to a server (via a remote access control tool) give users the same rights/permissions as having physical access to the server? Can files on that server be altered?
Remote access tools have no effect on Windows file permissions and shares. Users will have the same rights and permissions as if they were physically in front of the machine and, yes, files can be altered.

There are two types of tools for remote access -- software tools and hosted services. Software tools require the...

application to be installed on both the host and remote computers. These include Symantec Corp.'s pcAnywhere, the open-source RealVNC and Windows Remote Desktop.

Hosted services, on the other hand, are subscription-based. After registering the host computer, the user logs onto the service's Web site to access their host computer from any browser in any location. Since hosted services are Web-based, they don't require the installation of software on the remote computer. Hosted solutions include GoToMyPC and LogMeIn.

The whole point of these tools, whether they are software- or Web-based, is to provide complete system access from multiple locations. For security, hosted services use SSL, and software tools can use various authentication schemes to prevent unauthorized access.

Beyond that, the best advice is to use the same protection for your Windows files and shares as you would if you had physical access to the machine. Set rights and permissions locally on files to the levels you require, and permit access only to approved groups and individuals.

For more information:

  • Learn the best practices for securing remote access endpoints with this five-point strategy.
  • In this Q&A, find out how enterprise single sign can provide authentication for remote logons.
  • This was last published in July 2007

    Dig Deeper on Secure remote access