Over the last few years, I've read quite a bit about TeamViewer security concerns. I am now seeking professional and objective opinions about the security of the following scenario:
- License TeamViewer Corporate
- using a complex password and two-factor authentication
- Admin can give remote assistance using TeamViewer client (random password disabled)
- Admin account account assignment (easy access/unattended access) is enabled in the TeamViewer host module so the deployment is done with the API token for the admin account
In addition, there's a policy attached to the custom host module deployment that specifies the following things for every host:
- Automated installation of all new updates
- based on a whitelist that allows access only from the admin account
- In host modules, prevent the unassignment of the assigned admin account
- account
- account; enforce local admin password assignment
- Random password disabled on host modules, enforced
Does this setup look like it's secure enough to let those host modules run on computers so that the admin can take unattended access whenever needed? If not, please include reasons for it and/or tips and tricks to make it more secure.
Thank you!
