How Bomgar Enables Secure Remote Support

In 2012, the Verizon Business RISK team found that 88% of the data breaches they investigated involved some type of remote control or remote access application. 

These findings are corroborated by Trustwave’s SpiderLabs team. They found that over 60% of the approximately 100 data breaches they investigated in 2012 involved remote access software. Bomgar addresses these remote support security threats with the four A's: 

Architecture, Authentication, Access Controls, and Audit.

Architecture: Segment Your Data and Environment

Bomgar is designed to make remote support secure. We provide each customer a segmented, single-tenant environment via a physical, virtual, or cloud appliance.

Bomgar works through firewall without VPN tunneling, so your perimeter security can remain intact. All session traffic is encrypted, and Bomgar logs and records each remote session for a detailed audit trail.

Authentication: Leverage Your Existing Directories

Security Providers Include LDAPS, AD, RADIUS and Kerberos

Most remote support solutions require you to create support rep accounts manually, with passwords that only apply to remote support.

If you’re lucky, these products let you create the accounts centrally, but for many legacy solutions, the password is set at the rep’s system.

Bomgar’s authentication model is different. We integrate with your existing directory services (LDAPS, Kerberos, Smart Card, RADIUS) so that if you change a support rep’s account in Active Directory, it is automatically reflected in Bomgar. You’ve worked hard to make your general authentication structure secure. Bomgar lets you leverage it.

Access Controls: Define more than 50 Permissions

Bomgar Group Policies and Policy Templates
Bomgar Group Policies and Policy Templates

Many remote support products are all or nothing. Your reps either have full access or they have no access. Bomgar offers more than 50 separate permissions, so that you can fine tune the level of access.

For instance, you can limit a rep’s access to view only and limit the rep’s file transfers to one single direction into one single directory. Want to ensure that your users and customers grant explicit permission with every session? With Bomgar, it’s easy. Want to give certain reps access to unattended servers? That’s easy too.

Even better, Bomgar lets you associate group policies in Bomgar with groups in your directory, so that if you move a rep from one group to another in LDAPS, their permissions in Bomgar are automatically updated to reflect their new role.

Audit: Report in Detail on Every Session

Bomgar does a lot to ensure that unauthorized access doesn’t happen, but what about when an authorized rep does something that is unauthorized?

Most remote support products don’t have a good way to log activity. You can have hundreds or thousands of remote access sessions with these legacy tools without knowing anything that happened.

Still others log the session on the rep’s computer, calling the log’s validity as an audit trail into question.

With Bomgar, all session activity is logged at the appliance. You know who connected to whom when along with what happened during the session.

If a file was transferred, you will know about it. If you like, you can even view a full video recording of the entire remote support session.