Solved

How to secure remote desktop from screen capture or other data retrieval

Posted on 2008-10-20
7
1,738 Views
Last Modified: 2013-11-21
I'm wondering if it's possible to secure a terminal server to keep the connected user from being able to take screenshots or use other methods of visually recording or printing data.  We are trying to keep strict control of the content viewed in a particular application and are researching different methods of securing that information.

One thought was to find a way to force the remote desktop connection to stay in full screen and disable any clipboard transfer and devices.  Is this possible with Windows Server 2003 or 2008?
0
Comment
Question by:techoutfit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 6

Accepted Solution

by:
dacselat earned 125 total points
ID: 22764238
At the client: You can create this register key:

HKLM\SOFTWARE\Microsoft\Terminal Server Client\DisableClipboardRedirection = 1
(Type: REG_DWORD)

It disable the clipboard copy between client and server.

0
 

Author Comment

by:techoutfit
ID: 22764252
I've noticed that you can disable this on the server side too.  That helps some but it seems just as easy for someone to restore the window (so it's not fullscreen anymore) and take a screen capture that way.  Any way we can avoid this?
0
 
LVL 6

Expert Comment

by:Gunter17
ID: 22764312
Do you have control of the remote workstations? Are they casual workstations running just this app when necessary, or dedicated PCs?
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:techoutfit
ID: 22764320
We are a third party providing the server, not necessarily the workstations.  We could provide/require third-party software to connect to our server if it would accomplish our goal.
0
 
LVL 6

Assisted Solution

by:Gunter17
Gunter17 earned 125 total points
ID: 22764353
This is interesting..

http://www.msterminalservices.org/articles/Customizing-Microsoft-RDP-Client-Part1.html

Maybe roll-out a customized RDP client with the top bar disabled?

I cant think of a way to allow only connections by your customized client though..
0
 

Author Comment

by:techoutfit
ID: 22970704
Go ahead and split the points.  What it came down to is it needed to be approached from a policy standpoint, not a technical standpoint.  Since we cannot control the physical aspects of end users, it would be an unwinnable battle to try to block every method of copying data.  No matter what we do, a user could (at worst) take a picture of the screen with a camera.  

Thanks for all of the feedback.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The question has been asked on multiple occasions as to how best to do printing in a remote desktop or terminal services environment.   It seems that this particular question has plagued several people and most especially as Terminal Services, as…
Know what services you can and cannot, should and should not combine on your server.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question