SECURITY CONCERNS - DISABLE USERS SHARING OUTSIDE GROUP

Hi.  I have a corporate licence and have users established and using Teamviewer from home to their workstations at office.  I am concerned about the security risks, ie. how do I protect our system from users inviting other contacts outside our organisation to access and/or users making new contacts outside our organisation and sharing files etc.  Could you please direct me where to find security guidance to protect our access.  Also, if users have access to teamviewer on their workstation, how can I avoid them logging in as a different user and using a temporary ID/password.  Thanks in advance.

Comments

  • Esther
    Esther Posts: 4,051 Staff member 🤠

    Hi @TVKQ 

    Thanks for your post and your questions.

    Let me try to answer (I am adding links to some Knowledge Base articles, which will explain it in more detail): 


    @TVKQ wrote:

    how do I protect our system from users inviting other contacts outside our organisation to access and/or users making new contacts outside our organisation and sharing files etc.  




    For this, I recommend setting up a whitelist on the devices within your company for the company profile. With this only persons who are part of your company profile may access the workstations within your organization.

    On top of that, I would say that you should enforce the whitelist via a policy so that others can not change your setting.

    Regarding the file-sharing: *IF* an employee wants to harm your company and share your company files with someone outside your company, there is nothing you can really do about it. If someone really really wants to do that, he will find a way. Independently from Home Office or TeamViewer.

    Even if you disallow file sharing during TeamViewer sessions (which you can), people might steal them by sending those files via their email program to someone else. 

    Here is a quick guidance how to disable file transfer (settings for the remote devices): Go in your TeamViewer to Extras --> Options --> Advanced --> Advanced settings for connections to this computer --> Access Control --> Choose Custom settings --> Click Configure --> under file transfer choose Denied or enforce this vis your policies.

    access control details.png

     

    The following is not part of the Corporate license. You will need a Tensor license for that, but you can have a look at the Conditional Access and Auditability features as well. I am not trying to upsell you something, just sharing additional possibilities with you.


    @TVKQ wrote:

    Could you please direct me where to find security guidance to protect our access.  


    On top of what I mentioned above, you can have a look at our Trust Center and into the Security part of our Community. Here you will find some useful and helpful articles.


    @TVKQ wrote:

    Also, if users have access to teamviewer on their workstation, how can I avoid them logging in as a different user and using a temporary ID/password.  


    Unfortunately, I am 100% sure whether I understand this question. Would you mind explaining this to me?

    Thanks and I hope I was able to help you.

    Best,

    Esther

    Former Community Manager