Sophos helps organizations block unauthorized remote connection tools

September 25, 2007 Sophos Press Release

IT security and control firm Sophos has announced that the application control feature of Sophos Endpoint Security and Control has been extended to give businesses the option to block remote connection tools, that enable employees to access remote-based PCs or laptops from any other computer via the internet.

Remote connection tools represent a loophole in many businesses' computer usage policies. Enabling office-based staff to remotely access home computers while at work, allows them to visit any website - including those that are banned by the company. Similarly, connecting to work PCs from remote locations raises security concerns for IT departments, which cannot verify whether it is an employee who has connected to the network or if a hacker has taken over the machine and is trying to access confidential corporate data.

They also present a security risk as they allow the easy transfer of data or files between corporate and non-corporate computers and provide a backdoor for hackers to gain access to company resources. In a recent Sophos poll, 80 percent of systems administrators indicated that they considered remote connection tools a threat to corporate security. With some users installing pirated software or games on home PCs, administrators need to avoid unwanted applications finding their way onto the business network.

Survey results

Do you think that workers remotely connecting to their home PCs from the office pose a security risk?

Yes
80%
No
20%

Sophos online survey, 200 respondents, August 2007.

"While remote connection tools can certainly make life easier for those employees who need to work from the office, from home and whilst on the road, their use can be a security nightmare for systems administrators," said John Stringer, product manager at Sophos. "If home PCs aren't properly protected, they can help malware and hackers break into the corporate network. We're also seeing more and more firms banning productivity-sapping sites like Facebook and eBay, but the use of these tools means that staff can easily circumnavigate corporate rules. With Sophos's latest application control features, employees no longer call the tune, and systems administrators can recapture control of the corporate network."

Sophos's application control functionality has proven very popular since its launch in September 2006, and is regularly updated in order to meet concerns resulting from uncontrolled and unauthorised use of applications in the enterprise. It is fully integrated into Sophos Endpoint Security and Control, requiring no further rollout of new software. It now gives companies the power to selectively block remote connection tools, games, VoIP, peer-to-peer (P2P), Instant Messaging (IM) and distributed computing applications. It is available free-of-charge to all customers.