Remote Support Security - How Bomgar Secures Support

Traditional Remote Access Technology Is Failing

In 2011, the Verizon Business RISK team found that 88% of the data breaches they investigated involved some type of remote control or remote access. These findings are corroborated by Trustwave’s SpiderLabs team. They found that over 60% of the approximately 100 data breaches they investigated in 2011 involved remote access. Bomgar addresses these remote support security threats with the four A’s: 

Architecture: Appliances Are More Secure than SaaS or Point-to-Point

Bomgar does not require changes to your firewall because both the customer and the support rep connect to the appliance through outbound connections. It logs and records every session, passing no data through a 3rd party.

All session data is guarded by SSL encryption. And Bomgar resides in your network, under the security measures you already have in place. After most support sessions Bomgar uninstalls, leaving no footprint on the remote desktop.

Authentication: Leverage Your Existing Directories

Security Providers Include LDAP, AD, RADIUS and Kerberos
Security Providers Include LDAP, AD, RADIUS and Kerberos

Most remote support solutions require you to create support rep accounts manually, with passwords that only apply to remote support.

If you’re lucky, these products let you create the accounts centrally, but for many legacy solutions, the password is set at the rep’s system.

Bomgar’s authentication model is different. We integrate with your existing directory services (LDAP, Kerberos, Smart Card, RADIUS) so that if you change a support rep’s account in Active Directory, it is automatically reflected in Bomgar. You’ve worked hard to make your general authentication structure secure. Bomgar lets you leverage it.

Access Controls: Define more than 50 Permissions

Group Policies and Policy Templates
Bomgar Group Policies and Policy Templates

Many remote support products are all or nothing. Your reps either have full access or they have no access. Bomgar offers more than 50 separate permissions, so that you can fine tune the level of access.

For instance, you can limit a rep’s access to view only and limit the rep’s file transfers to one single direction into one single directory. Want to ensure that your users and customers grant explicit permission with every session? With Bomgar, it’s easy. Want to give certain reps access to unattended servers? That’s easy too.

Even better, Bomgar lets you associate group policies in Bomgar with groups in your directory, so that if you move a rep from one group to another in LDAP, their permissions in Bomgar are automatically updated to reflect their new role.

Audit: Report in Detail on Every Session

Help Desk Reports

Bomgar does a lot to ensure that unauthorized access doesn’t happen, but what about when an authorized rep does something that is unauthorized?

Most remote support products don’t have a good way to log activity. You can have hundreds or thousands of remote access sessions with these legacy tools without knowing anything that happened.

Still others log the session on the rep’s computer, calling the log’s validity as an audit trail into question.

With Bomgar, all session activity is logged at the appliance. You know who connected to whom when along with what happened during the session.

If a file was transferred, you will know about it. If you like, you can even view a full video recording of the entire remote support session.

Product Features that Help Make Bomgar Secure