[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

AV risks from remote access

Posted on 2015-01-07
7
Medium Priority
?
285 Views
Last Modified: 2015-01-29
can anyone provide a realistic view on the risks to a corporate laptop computer when connecting to a remote access network/server via tools such as vmware view and/or citrix? we are coming from the angle the risk of the remote access network infecting our laptop with malware and vice/versa (our laptop infecting their network)? Unsure if the connection is locked down in such a way that transfer of viruses is practically non-existent.
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 98

Assisted Solution

by:John Hurst
John Hurst earned 668 total points
ID: 40535514
The company laptop should have top grade antivirus. In terms of the remote network infecting the corporate laptop, the risk is low if the user has good common sense. Users are not hapless victims of virus attacks.

If your computer is protected as above and the user has good common sense, the risk of transmitting a virus back is very low.

I am a business consultant with my own computer. It does not have any viruses, I do not pick up any viruses from any of my clients, and I do not transmit viruses back.
0
 
LVL 3

Author Comment

by:pma111
ID: 40535597
often these remote access services seem to prohibit any local drive mappings, so is it even practical for a malware to be transferred to the remote access server from the local laptop, and vice/versa?
0
 
LVL 98

Expert Comment

by:John Hurst
ID: 40535606
Mapping folders is a restriction and permission thing rather than virus related. If your user cannot map a drive and if your user is normally careful, there should not be any issues with viruses. As I note, I do this regularly and do not experience issues.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 56

Assisted Solution

by:McKnife
McKnife earned 668 total points
ID: 40535910
Vmware view and Citrix. So you have a connection established from your machine to a (virtualized) OS on a remote network.   To answer "what are the chances that I get infected" you would have to look at possible infection ways. Those are usually through code hosted on the remote machine but executed at your machine... - now how would that happen? Are you transferring code to your machine? If not, it is very unlikely to happen, with or without anti virus on your machine.
If you don't transfer files/code to execute on your machine, it could only happen in the rare case that the transmission protocol itself endangers your client, so if there's a security vulnerability in your citrix software's client component that would let your machine interpret datastreams in a malicious way. That's far from being realistic. So no, normally without data transfers, there's no danger.

The other way round, if you redirect your drives to the remote computer and willingly execute a virus on the remote system, of course you could be lucky and infect that machine, but that would be under your control.
0
 
LVL 10

Expert Comment

by:Korbus
ID: 40539723
Using remote control software is CERTAINLY more secure that using say... a VPN connection.  That being said, even if it were impossible for a virus to be transmitted across such a connection,  keyloggers and other forms of illicit monitoring software on your remote machines can still be potentially dangerous when using remote control software.
0
 
LVL 3

Author Comment

by:pma111
ID: 40539756
can you elaborate why?

>Using remote control software is CERTAINLY more secure that using say... a VPN connection.
0
 
LVL 10

Accepted Solution

by:
Korbus earned 664 total points
ID: 40540864
When you are using a VPN connection, you are, in effect, plugging the machine into your LAN.  This will allow it to bypass all external firewalls, and provides a potentially infected system with a FULLY open connection to your network.

With a remote control connection, you are NOT opening your network to that kind of attack.  Rather, the only link between your system and the network is the remote control connection.  The various types of communication over a remote control connection are FAR more limited, than over a VPN, in particular because communication is ONLY listened to by the remote control server.  More simply, a remote control server is just NOT going to respond to requests that say ... a windows file server would.  It is these types of networking requests, that allows data/files to be written to your network, (which remote control does not do) are the usual vector for computer virus transmission.

Of course, if your remote control software has file transfer capabilities enabled, you will be loosing much of the protection mentioned above.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What's worse than having your data encrypted by ransomware? Getting attacked by a so-called "wiper," which simply destroys the data and offers you no hope of ever seeing it again.
Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question