-1

My company has been applying really strict information security policies with firewalls and good quality network equipment this is to prevent from someone to connect to the company network.

Many of you know that Team Viewer is blocked for obvious security reasons as well as other remote desktop protocols.

Recently I installed Google Chrome Remote Desktop on a company PC and I can access it from an outside connection.

But the question is, why is this not detected?

I know this maybe because it's not really using a protocol maybe just using a web protocol.

limeeattack
  • 62
  • 5
NathanWay
  • 559
  • 7
  • 14
  • 1
    We cannot tell you why your team is not detecting it. If, instead, you are asking ***how*** to detect it, it's just a google search away: https://support.google.com/chrome/a/answer/2799701?hl=en and https://community.sophos.com/products/unified-threat-management/f/network-protection-firewall-nat-qos-ips/77959/how-to-block-google-chrome-remote-desktop and https://support.google.com/chrome/answer/1649523?hl=en&co=GENIE.Platform=Desktop – schroeder Dec 19 '19 at 13:02

1 Answers1

1

Short answer: because the security team is not aware of it.

Long answer: Security is hard and securing accesses has to be constantly improved to fix new features. In the beginning of security times, firewalls only blocked unwanted protocols and unwanted addresses. Then came the time when most remote access tools just used HTTP/HTTPS in order not to be filtered by firewalls. Security teams and firewall vendors then managed to identify them and forbid them again.

But each and every new tool has now to be identified and dedicated rules have to be added to the firewall configuration. What you describe is a hint that the dedicated rules for Google Chrome Remote Desktop are still not implemented in your corporate firewall.

You now have 2 options:

  • report the fact to the security team, so that they can soon close what they will see as a security breach
  • use it until someone else notice it

The choice depends on you position and job in the organization. The more concerned by security, the more you should use option 1. Only if using a remote desktop protocol highly helps you for your tasks and you are not on an exposed job, the second choice should be considered.

Remember: as an intelligent human being you are allowed to think that your organization security rules are stupid too high and advocate on this to your manager, but as en employee you are nevertheless supposed to observe them.

Serge Ballesta
  • 25,636
  • 4
  • 42
  • 84