Educause Security Discussion mailing list archives

Re: Vendor remote control for printer support

From: "Sarazen, Daniel" <dsarazen () UMASSP EDU>
Date: Thu, 15 Mar 2012 16:46:01 -0400

I couldn't imagine allowing this.
Question : what does the vendor say the control is? Are they aware of the risks this can pose your institution? My 
guess is you're not the first one to be alarmed.

Good luck,

Dan

Sent from my Android phone using TouchDown (www.nitrodesk.com)

-----Original Message-----
From: Ken Connelly [Ken.Connelly () UNI EDU]
Received: Thursday, 15 Mar 2012, 4:42pm
To: SECURITY () LISTSERV EDUCAUSE EDU [SECURITY () LISTSERV EDUCAUSE EDU]
Subject: Re: [SECURITY] Vendor remote control for printer support

Absolutely not allowed.

- ken

Dean Williams wrote:

Is anyone allowing vendors to remote control your employees' computers
with products such as LogMeIn?

A company from whom we lease printers has been getting departmental
staff to let them control their computers with LogMeIn, for the
purposes of installing printer drivers and configuring campus
printers.  Giving strangers access to institutional computers that are
likely to contain sensitive information makes me a little nervous.

Whether it's a printer vendor or an employee who wants to do it,
though, the demand for remote control or remote desktop doesn't seem
to be diminishing.  Has anyone found a secure and practical balance
between the advantages of remote control, and the risks that come with
it?   Any specific product experience, good or bad?

(We use SimpleHelp for IT staff to share clients' screens, but I see
that as quite different from letting a vendor do so.)

Thanks for any insights you can share.

Best regards,
Dean


----------------------------
Dean Williams
Information Security Officer
Enterprise Technology Services
University of Vermont
Dean.Williams () uvm edu <mailto:Dean.Williams () uvm edu>
http://www.uvm.edu/it/


--
- Ken
=================================================================
Ken Connelly             Associate Director, Security and Systems
ITS Network Services                  University of Northern Iowa
email: Ken.Connelly () uni edu   p: (319) 273-5850 f: (319) 273-7373

Any request to divulge your UNI password via e-mail is fraudulent!

Current thread:

Vendor remote control for printer support Dean Williams (Mar 15)
- Re: Vendor remote control for printer support Ken Connelly (Mar 15)
- Re: Vendor remote control for printer support Manjak, Martin (Mar 15)
- <Possible follow-ups>
- Re: Vendor remote control for printer support Sarazen, Daniel (Mar 15)