I thought nobody in the real world of enterprise IT was using Teamviewer and it was mostly for consumer use. Are you allowing its use and trusting its security on your Enterprise networks? I’m much happier just using RDP via our VPN. See a lot of historical hacks to teamviewer and general poor security, would you agree/
No-one should be using it to replace RDP. Two different use cases.
TeamViewer is continually popped by the Chinese and is a regular target of Chinese APT groups.
Depends on use case.
For end-user support, lots of companies use it.
For an actual RDP solution or remote access solution, nobody is using it for that outside of weird small mom and pop shops who don’t have the resources or knowledge to deploy an actual proper remote solution.
Just in case this post is not a troll for a TeamViewer equivalent (All of which every intelligence agency around the world is trying to exploit; non-state-actors will be happy to purchase exploits for…)
-
RDP is for machines you wish to interact with directly, and have a direct line of site to. (eg: your own user session; VPN)
-
TeamViewer can do that, but is usually used for client engagement without a direct line of site. (You share the user’s screen, and they happily live on any network I need know nothing about, including how to reach.)
With regard to security: How secure are your users regardless of TeamViewer? It’s not like Microsoft has the most wonderful security in the world. People do not want to pay more than a token amount for security. Team Viewer can be setup securely, with 2fa & such (As can the rest), but all attackable products are attackable, and will be attacked. ANY product that has a listing of users for interesting organizations will be attacked.
Their pricing alone is enough to run (if you have many concurrent users). But i do know of many big companies using them, and i have used it in the past too. And i liked it, simple for users. We never had any security incidients during that time. And in comparison with Kaseya and Ncentral the experience is night and day (in favour of Teamviewer). We used it only for end user remote (Quick) support. Rdp is not a good option for that.
Yes. TeamViewer is shit. Just use a VPN or ZTNA. TeamViewer is nothing but a security risk waiting to be exploited
Bonus story: Found out awhile back that one of the old admins here had setup TeamViewer for exclusive use on LAN because he couldn’t figure out proper RDP firewall rules. Still had a corporate license and email (and no MFA obviously) attached to it. In the event of an exploit it would’ve indirectly exposed one of our most privileged service accounts.
A lot of CPA clients use it as a quick means of providing accountants remote access into their environments. I don’t even like having the connecting agent on my network.
Case by case basis for remote users, only get a single use remote client.
Nope.
Once you’re compromised, you get a red flag. Once you’re compromised, delay announcing it, and then deny, you’re x’ed out completely
Same with anything under the Kaseya umbrella
Its like they never were told about terminal services or VPNs. TV in use all over the place on every device. No MFA/2FA. Bob the IT guy said to management that it is the safest way to get to 300+ desktops and certain remote or mobile staff Teamviewer back to their desktops in the office. Bob’s gone now.
EDIT I should add this is a company acquisition that happened with little planning. It sure looks nice to see all their devices in one place when it came to doing an inventory, but I had no seen it in use at a company that size before. Keen to get rid of it.
When was they last popped?
There is nothing wrong with their security, and if you only use it as Quick support there is nothing running after the session end.
We use it for end user remote support. We only need a couple agents so the pricing isn’t bad. Of course security is always a concern, but any remote access platform is going to be repeatedly targeted by threat actors. It is not installed on any infrastructure. I don’t think I could bring myself to trust it (or any remote access) solution for that.
The list of those without a red flag is dwindling quickly.
I would say for customer support teamviewer, and for internal need something like guacamole which only is accessible from vpn and additionall password…
If desktop is needed else ssh.
APT groups love teamveiwer in environments
https://www.mandiant.com/sites/default/files/2022-02/rt-apt41-dual-operation.pdf
https://cyware.com/research-and-analysis/apt10-a-chinese-threat-on-a-global-espionage-mission-56fe
Tons of exmaples.
Teamveiwer themselves were compromised in 2016, likely have been since as well.
Hard pass for me.
But you already have rdp access, albeit with vpn, that would be considered remote access?
General users have no VPN access, so no RDP to their machines