Solved

How to secure remote desktop from screen capture or other data retrieval

Posted on 2008-10-20
7
1,516 Views
Last Modified: 2013-11-21
I'm wondering if it's possible to secure a terminal server to keep the connected user from being able to take screenshots or use other methods of visually recording or printing data.  We are trying to keep strict control of the content viewed in a particular application and are researching different methods of securing that information.

One thought was to find a way to force the remote desktop connection to stay in full screen and disable any clipboard transfer and devices.  Is this possible with Windows Server 2003 or 2008?
0
Comment
Question by:techoutfit
  • 3
  • 2
7 Comments
 
LVL 6

Accepted Solution

by:
dacselat earned 125 total points
Comment Utility
At the client: You can create this register key:

HKLM\SOFTWARE\Microsoft\Terminal Server Client\DisableClipboardRedirection = 1
(Type: REG_DWORD)

It disable the clipboard copy between client and server.

0
 

Author Comment

by:techoutfit
Comment Utility
I've noticed that you can disable this on the server side too.  That helps some but it seems just as easy for someone to restore the window (so it's not fullscreen anymore) and take a screen capture that way.  Any way we can avoid this?
0
 
LVL 6

Expert Comment

by:Gunter17
Comment Utility
Do you have control of the remote workstations? Are they casual workstations running just this app when necessary, or dedicated PCs?
0
Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

 

Author Comment

by:techoutfit
Comment Utility
We are a third party providing the server, not necessarily the workstations.  We could provide/require third-party software to connect to our server if it would accomplish our goal.
0
 
LVL 6

Assisted Solution

by:Gunter17
Gunter17 earned 125 total points
Comment Utility
This is interesting..

http://www.msterminalservices.org/articles/Customizing-Microsoft-RDP-Client-Part1.html

Maybe roll-out a customized RDP client with the top bar disabled?

I cant think of a way to allow only connections by your customized client though..
0
 

Author Comment

by:techoutfit
Comment Utility
Go ahead and split the points.  What it came down to is it needed to be approached from a policy standpoint, not a technical standpoint.  Since we cannot control the physical aspects of end users, it would be an unwinnable battle to try to block every method of copying data.  No matter what we do, a user could (at worst) take a picture of the screen with a camera.  

Thanks for all of the feedback.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now