Security for Remote IT: How to Protect Against Phishing and Scamming

Chris Handley

July 23, 2020

In this COVID-19 world we’re in, unfortunately, there are scammers out there who will use remote tools maliciously. As IT departments transition to becoming virtual helpdesks, some of the biggest challenges they face are around security.

Rescue offers multiple layers of security that have become more important in today's unique world as companies look to close out any potential opportunities for scammers to take malicious action against their end-users.

Here are some important ways in which Rescue users are protecting their business and their end-users from malicious activity.

Branding that End Users Can Trust

Trust is an important aspect of security, which is why Rescue is designed so that you can make the product your own.

Instead of sending end users to an obscure page that may seem sketchy, adding your branding with your logo adds an extra layer of trust, so people know they’re in the right place to get help. To that end, you have full control over the applet. You can customize the name and add your logo to the one-time executable that’s downloaded after the employee enters the PIN code, so they can be confident they are getting support from the right people. End users see your branding and know that’s where they’re supposed to be.

Self-hosted PIN Page

If you don’t want to direct your employees or customers to the LogMeIn123 webpage, you have the option to embed that form on your website, with the ability to customize it with your company name and branding. Again, users know they’re in the right place.

Example of a public-facing, self-hosted PIN page.

On top of that, you can add a couple of extra security layers:

1. Company PIN Code Validation

This means only PINs generated from your own Rescue account will be accepted. If someone malicious tries to trick your employee or customer into a support session on your webpage, their PIN code won’t work.

You can take that one step further and lock your PIN codes so that they are accepted on only one site. If a user accidentally goes to the LogMeIn123 URL or another site, your PIN code won’t work. Users will be redirected to the correct page for valid support.

2. Domain Validation

This feature prevents HTML scraping. Let’s say a scammer wanted to try to steal the HTML on your custom PIN page to set up a “dummy” page. With Domain Validation, the PIN entry/channel form HTML snippet will be validated against the domain(s) entered within the Admin Center. The company PIN codes and/or channel entry form will not be accepted or function on that malicious actor’s page. This provides a layer of protection against phishing attempts that try to obtain information about your users without interacting with them directly.

IP Restrictions

When your technicians are remote, as many are right now, you want to ensure they’re adhering to company policies and accessing your tools where they should be accessing them, whether that’s on your VPN or from other company-designated equipment.

Example of an IP Restriction error message.

As an admin, you can set IP Restrictions for your technicians so that they can only log into the technician console from within your network or from an approved list of IP ranges. If they try to log in from a different device or network, they’ll be locked out.
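To see which technician logins an approved-range policy like this would lock out before you switch it on, you can replay login records against the planned list. The Python below is an added illustration, not LogMeIn or Rescue code; the ranges, technician names and log records are constructed, and the record format is an assumption.

```python
import ipaddress

# Constructed allowlist: documentation ranges standing in for a VPN egress
# block and an office network (assumptions, not values from Rescue).
APPROVED_RANGES = ["203.0.113.0/24", "2001:db8:10::/48"]

# Constructed login records: (technician, source address as logged).
SAMPLE_LOGINS = [
    ("tech-a", "203.0.113.40"),        # VPN egress
    ("tech-b", "198.51.100.7"),        # home ISP, VPN not connected
    ("tech-c", "::ffff:203.0.113.9"),  # IPv4-mapped IPv6 from a dual-stack proxy
    ("tech-d", "2001:db8:10:4::15"),   # office IPv6
    ("tech-e", "203.0.113.300"),       # malformed value in the log
]

def parse_ranges(ranges):
    """Parse CIDR strings once; strict=True rejects entries with host bits set."""
    return [ipaddress.ip_network(r, strict=True) for r in ranges]

def normalise(raw):
    """Return an address object, unwrapping IPv4-mapped IPv6; None if unparsable."""
    try:
        addr = ipaddress.ip_address(raw.strip())
    except ValueError:
        return None
    mapped = getattr(addr, "ipv4_mapped", None)
    return mapped if mapped is not None else addr

def login_allowed(raw_ip, networks):
    """Fail closed: unparsable or out-of-range addresses are denied."""
    addr = normalise(raw_ip)
    if addr is None:
        return False
    # A v4 address tested against a v6 network (or vice versa) is simply False.
    return any(addr in net for net in networks)

def audit(logins, ranges):
    """Return the (technician, address) pairs that fall outside the allowlist."""
    networks = parse_ranges(ranges)
    return [(who, ip) for who, ip in logins if not login_allowed(ip, networks)]

if __name__ == "__main__":
    for who, ip in audit(SAMPLE_LOGINS, APPROVED_RANGES):
        print(f"outside approved ranges: {who} from {ip}")
```

Unwrapping IPv4-mapped addresses matters when logs come from a dual-stack proxy: without it, a technician on the VPN would show up as a false lockout.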

Restricted Access Package

This feature has been coming up more frequently in my customer conversations recently. The Restricted Access Package takes IP Restrictions a step further to restrict access to only users in your company.

If you provide Rescue with a list of your IP ranges, Rescue will check the IP when the session starts, and if the PIN code entered didn’t come from within the IP range in your Rescue account, the session will not start. Employees won’t be able to receive support from any Rescue account other than your own.

Example of a Restricted Access message when the user’s IP is outside the specified range.

That, I would say, is the most restrictive layer, but, in the kind of world we're in, it is an important layer that a lot of companies are turning to in these unique times.

Thriving in a remote world requires taking a good hard look at your systems and processes. To help navigate the new normal, check out our step-by-step video series and resources on how to set up your remote internal IT help desk, which cover all the bases, including security.

At LogMeIn, we take security very seriously. For more information, check out our stance on security and privacy in this new era, more ways Rescue has you covered, and our Enterprise Security overview.
