Sophos Blocks Unauthorized Remote Connection Tools

Remote connection tools like RealVNC and Radmin represent an end-run around corporate usage policies, Sophos contends.

Sophos added remote connection tools to its list of blocked devices on its Sophos Endpoint Security and Control, shutting a new window on threats, company officials said Sept. 25.

Remote connection tools like RealVNC and Radmin that allow employees to access remote-based PCs or laptops from any other computer via the Internet, though often unendorsed by IT management, are common tools used by staff and represent an end-run around corporate computer usage policies, Sophos contends.

For example, office-based staff can theoretically access home computers from work and visit any Web site banned by the company. Also, workers connecting to corporate PCs remotely, raise security concerns for IT departments, which cannot verify whether it is an employee who has connected to the network or if a hacker has taken over the machine and is trying to access confidential corporate data.

In an August poll by Sophos, 80 percent of the 200 systems administrators who responded indicated that they considered remote connection tools a threat to corporate security.


To read more about Sophos claims that it is gaining on its rivals, click here.

"The balance of the power has been in the hands of the user sitting in front of the keyboard, rather than the IT team trying to support and secure thousands of PCs inside their organization," said Graham Cluley, senior technology consultant for Sophos. "Although many companies would frown upon employees accessing their home PCs from the office they havent necessarily got the ability to police the policy,"

The update uses Sophos existing anti-malware infrastructure and administration console to choose which employees are authorized to run remote connection tools without having to roll out software across your network, Cluley said.

"Were not forcing any companies to prevent their staff from using remote connection tools," Cluley said. "Firms can choose which, if any, of their staff can use these tools as they see fit. Our existing NAC, anti-virus and firewall solutions can help reduce the security risks for those workers who are allowed to use remote connection tools."

Sophoss application control is fully integrated into Sophos Endpoint Security and Control, which gives companies the power to selectively block remote connection tools, games, VOIP (voice over IP), peer-to-peer, Instant Messaging and distributed computing applications.

"Were giving companies the ability to control what is and what isnt acceptable on their network," Cluley said.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.