In 2011, the Verizon Business RISK team found that 88% of the data breaches they investigated involved some type of remote control or remote access. These findings are corroborated by Trustwave’s SpiderLabs team. They found that over 60% of the approximately 100 data breaches they investigated in 2011 involved remote access. Bomgar addresses these remote support security threats with the four A’s:
Bomgar does not require changes to your firewall because both the customer and the support rep connect to the appliance through outbound connections. It logs and records every session, passing no data through a 3rd party.
All session data is guarded by SSL encryption. And Bomgar resides in your network, under the security measures you already have in place. After most support sessions Bomgar uninstalls, leaving no footprint on the remote desktop.
Most remote support solutions require you to create support rep accounts manually, with passwords that only apply to remote support.
If you’re lucky, these products let you create the accounts centrally, but for many legacy solutions, the password is set at the rep’s system.
Bomgar’s authentication model is different. We integrate with your existing directory services (LDAP, Kerberos, Smart Card, RADIUS) so that if you change a support rep’s account in Active Directory, it is automatically reflected in Bomgar. You’ve worked hard to make your general authentication structure secure. Bomgar lets you leverage it.
Many remote support products are all or nothing. Your reps either have full access or they have no access. Bomgar offers more than 50 separate permissions, so that you can fine tune the level of access.
For instance, you can limit a rep’s access to view only and limit the rep’s file transfers to one single direction into one single directory. Want to ensure that your users and customers grant explicit permission with every session? With Bomgar, it’s easy. Want to give certain reps access to unattended servers? That’s easy too.
Even better, Bomgar lets you associate group policies in Bomgar with groups in your directory, so that if you move a rep from one group to another in LDAP, their permissions in Bomgar are automatically updated to reflect their new role.
Bomgar does a lot to ensure that unauthorized access doesn’t happen, but what about when an authorized rep does something that is unauthorized?
Most remote support products don’t have a good way to log activity. You can have hundreds or thousands of remote access sessions with these legacy tools without knowing anything that happened.
Still others log the session on the rep’s computer, calling the log’s validity as an audit trail into question.
With Bomgar, all session activity is logged at the appliance. You know who connected to whom when along with what happened during the session.
If a file was transferred, you will know about it. If you like, you can even view a full video recording of the entire remote support session.
Annotated video recordings of each remote support session give you a detailed, secure audit trail.
Vendors need a passport, not keys to the kingdom. Control vendor remote access to the corporate network.
Use your existing LDAP or Active Directory to create Bomgar users. Connect RADIUS for multi-factor authentication and Kerberos for single sign-on.
Pass local smart card or common access card (CAC) credentials to a remote computer, enabling elevated remote assistance.