Remote Access Software Update

​

In response to the TeamViewer Incident this past June, ITS Security Services has analyzed university network traffic for common consumer remote access software. Unmanaged or unauthorized remote access software can pose a significant risk to university information systems, data, and user privacy. Without appropriate management and security, remote access software can bypass front-line security to enable unauthorized access to information systems, collect sensitive data, or spread malware within the university.

The university network now blocks over 100 unused remote access software tools. On Thursday, August 15th, three remaining remote access tools, Chrome Remote Desktop, GoTo Resolve (Assist), and LogMeIn, will be blocked by default on internal managed university networks.

• ITS Security Services has identified a small group of users that may be impacted by this change and is working with their IT Support team on the next steps.
• Most remote access software, including TeamViewer, will be permitted for personal devices authenticated to Untrusted (Level 1) and Low-Risk (Level 2) university networks.
• This change will not impact information systems with an approved IT Policy Exception for third-party remote access software.

ITS provides a range of secure and supported remote access services for connecting to university information systems. If there is a defined university business or research need to support a third-party remote access service, please work with your IT Support team to request an IT Policy Exception.

ITS Supported Remote Access Services

• RDP & SSH with GlobalProtect VPN and aligned security posture.
• Delinea Privileged Remote Access for RDP & SSH.
• BeyondTrust Remote Support for IT or Lab staff facilitating support.

 If there is an immediate business need for a third-party remote access tool following this change, please reach out to the ITS Security on-call phone at 402-875-0284. When requesting a temporary exception, please be prepared with the following information:

• A defined university business or research need for not using an ITS Supported method.
• A university endpoint meeting baseline security.
• A registered Static IP and Hostname for the university endpoint, provided by ITS.
• Approved support contract with an external entity, requiring the use of Chrome Remote Desktop, GoTo Resolve (Assist), or LogMeIn.

If you have any questions, please contact ITS Security at security@nebraska.edu. 

Please share this information with any supported users you believe will be impacted by this change.