Recommended remote access for single person to access his office computer occasionally?

[Sky-Knight]

The problem with any remote access scenario is the risks for the small business are actually higher than a larger one.

Fewer financial resources, work flows concentrated on fewer machines and into fewer people means heavier impacts of single points of failure.

Then there's the fact that any business owner is at a higher risk of identify theft due to the public nature of their legal personas and the last nail in the proverbial coffin is struck.

Splashtop is inexpensive and ticks all these boxes.
GotomyPC is substantially more expensive and ticks all these boxes.

I've used both, I tend to lean toward the latter because the product while costly has built in support I don't have to mess with.

 

[britechguy]

The problem with any remote access scenario is the risks for the small business are actually higher than a larger one.

Again, we are going to have to agree to disagree.

There is just no juice from the squeeze for nefarious actors from the vast majority of small businesses.

Most attacks are to get something of value, and there's just too little of value in most really small business scenarios. There are many juicier pieces of fruit to squeeze. I certainly don't, and won't ever, believe that anyone wants to target me and my one-man business like they would something like Anthem, Equifax, or any one of a number of the companies one can rattle off that have been the victims of high-profile breaches over the last several decades.

The days of amateur hackers doing this stuff "just for kicks" are pretty much gone. And a target needs to have real value and most small businesses don't.

 

[Diggs]

Social engineering is the issue with SOHO and that is a matter of education not apps and hardware. Hardware/network attacks are very rare and I don't personally know of any.

 

[britechguy]

Social engineering is the issue with SOHO and that is a matter of education not apps and hardware. Hardware/network attacks are very rare and I don't personally know of any.

It's the primary issue everywhere. There are blessed few compromises that occur these days without someone doing something that invites them in. And those that do act in that way are not targeted at SOHO.

I've grown tired of the idea that technology is or should be the primary defense mechanism. As all it takes is one stupid action on the human end of the equation to allow virtually all of that to be "jumped over."

And the less we make people think about the fact that they need to think before acting, the more we encourage panic reactions to social engineering ploys that have been around since dirt to have their desired effect.

 

[nlinecomputers]

Most attacks are to get something of value, and there's just too little of value in most really small business scenarios. There are many juicier pieces of fruit to squeeze. I certainly don't, and won't ever, believe that anyone wants to target me and my one-man business like they would something like Anthem, Equifax, or any one of a number of the companies one can rattle off that have been the victims of high-profile breaches over the last several decades

Plenty of small business deal in millions of dollars in cash and capital. A used car dealer is a small business. A payroll company is a small business. A locally owned pharmacy. An independent insurance agent. A down hole service and supply company. These are all examples of my clients. They all employe less than 10 people and all have bank accounts with 6 or 7 figure numbers.

 

[nlinecomputers]

Social engineering is the issue with SOHO and that is a matter of education not apps and hardware. Hardware/network attacks are very rare and I don't personally know of any.

Most of my clients firewalls are frequently port scanned.

 

[Sky-Knight]

Yep, the assaults are all automated, as is much of the extraction. Since far too many subscribe to @britechguy's way of thinking, SMBs are left catastrophically exposed and as such are among the most at risk of fraud. And... often lack the insurance to properly address it when it happens.

So the attack hits, and that customer is no more. That's literally 50% of the people I've worked for over the last 10 years. I'm done with bankruptcies and lost dreams. @britechguy OK Boomer... please continue telling us about your anti-vax ways. Attack vectors do not always require user mistakes or interaction. Though yes, there are MORE attack vectors there, and a little training does indeed go a very long way. But it alone, just isn't enough.

 

[britechguy]

Most of my clients firewalls are frequently port scanned.

And that's where the technological deterrents come into play, among others.

There are plenty of points along the cyber trail where technological armoring is absolutely, positively necessary. Things would be much worse if it weren't, and that's mainly because no human can keep up with those sorts of techniques, but other dedicated hardware and software can.

 

[britechguy]

That's literally 50% of the people I've worked for over the last 10 years.

Well, it certainly isn't occurring at anything near that percentage in my experience. So yours, of course, must win.

 

[britechguy]

Plenty of small business deal in millions of dollars in cash and capital. A used car dealer is a small business. A payroll company is a small business. A locally owned pharmacy. An independent insurance agent. A down hole service and supply company. These are all examples of my clients.

And do any of these seem, based upon the information available in the initial request an subsequent follow-up from the OP, appear to be the situation here?

I don't think so, and I've never thought so.

Context, context, context! And if information emerges to change it, then so should the answers provided.

 

[Markverhyden]

Don't know about others here but I don't have a single customer serving anything out of any office they have. Anything they have is via a third party. Port scanning customer offices won't get any risks, but it'll keep on happening. Now trying to ID the router to see if there's some exploit is a different matter.

That being said almost every legitimate hacking call from a customer that I've received has been some kind of spear fishing event. Only one got hit hard. A small 2 person design outfit lost $25k. Apparently someone somehow got their hands on a check payment that had been mailed to a vendor. The thieves altered the check and cashed it. They do think that their insurance will cover it.

 

[britechguy]

Apparently someone somehow got their hands on a check payment that had been mailed to a vendor. The thieves altered the check and cashed it.

And, again, we're right back to an incident that computer technology of the sort we're discussing here would have never been able to stop.

And somewhere along the line, unless the folks who altered that check were willing to face prosecution for tampering with the US mail (and they might have been), it's almost certain that check was handed to them by someone.

Unless it was at gunpoint, the way out of this is still education. You really can fix ignorance. Sadly, the most frequent fix comes in this, "once burned, twice shy," form. It need not, though.

 

[Sky-Knight]

Yeah, but again remote access tech to the owner's primary workstation amplifies all of that. That machine often has Quickbooks or something similar if not on it, then saved logins in the browser to get at them. Not to mention email, and phone access. So anyone that has remote control of the machine can do all of the things they could do if they're sitting in front of it. Which is plenty to own the show, and take whatever they want.

The problem? Well... now the list of people that could potentially do this is the global internet population, as opposed to those that have physical access to the machine. The odds of breach don't actually change, but because the population has amplified the risk has as well. These attacks are being perpetuated by people with our skill sets that live in places like India, and Eastern Africa. They pile up into apartments and spend all day every day figuring out how to steal whatever they can. They aren't successful often, but when they are they take everything. They're also well versed in extradition law so they frankly avoid prosecution. India's government helps us when things get really big, like the call centers that were pretending to be the IRS, but the little places fly under the radar all day every day. And they make good livings doing it!

They run every scam you can imagine, along with bots that brute force access into everything you can imagine. Focused efforts begin automatically when a certain amount of information is obtained. Remote access tech is directly targeted, because it's a low hanging fruit.

My clients use my RMM's remote access tools to access their machines in some cases. I mandate 2FA on the system. Even with the 2FA, I'm processing hundreds of invalid logins an hour! And that's after geoip and reputation based blocking happening on my firewall. The only thing that's really slowing them down is the relatively slow connection between that authentication server and the world. Swap over to something that has real connectivity, like GOTOMYPC, or Splashtop and things get out of hand VERY quickly.

 

[nlinecomputers]

And do any of these seem, based upon the information available in the initial request an subsequent follow-up from the OP, appear to be the situation here?

I don't think so, and I've never thought so.

Context, context, context! And if information emerges to change it, then so should the answers provided.

We have zero information on that. In my experience most people who have the luxury of working from home but MUST remote into a work computer are accessing a network. I'm a one man band and all my stuff lives in the cloud. I don't need to access my work PC. Most small business owners have assets in 6 or 7 figures. Even an employee of a small business is a valuable target simply because they have access to internal resources like company directories.

 

[britechguy]

We have zero information on that.

Precisely, so I'm going to go with the most limited scope unless it's expanded. I'm not going to jump to any of the businesses you mentioned based on available information. I know plenty of one or two person businesses where, when a "lightbulb idea" hits at home, is felt to need immediate attention "at work." The concept of making notes and dealing with the actualities at work just don't occur. And, these days, we've encouraged people to believe that "all access, all the time" should be the norm. In actuality, it shouldn't.

I've known a few people who wanted remote access who could, when questioned about why and what the risks are, changed their minds.

The title of this topic suggests to me a one man show. If the machine to be remotely accessed were centrally managed, he would not be seeking assistance from a private tech, but going through his company's IT department.

 

[nlinecomputers]

The title of this topic suggests to me a one man show.

Only to you. Every person that has ever requested remote access is doing so to a network at work. One man bands have laptops and take it home. Everything they need is on that device.

 

[britechguy]

Only to you.

OK. But that makes clear why my response is what it is. I have never had someone come to me when a network (unless it was another "home grade" one) was on the other end.

If anyone tells me they're trying to remote in to a computer that they don't own and control, then the response is: Consult with the owner and/or their IT folks. They set the rules. And most have policies and procedures in place if it's a common need.

 

[nlinecomputers]

If anyone tells me they're trying to remote in to a computer that they don't own and control, then the response is: Consult with the owner and/or their IT folks. They set the rules. And most have policies and procedures in place if it's a common need.

Usually, until covid made it a semi norm, it’s the owner of the business making the request. See @Sky-Knight comments about QB. Usually they are wanting to access that. Of course so are the bad guys.

 

[Sky-Knight]

Here is a report of the last 7 days worth of login failures for just one mailbox in a 365 tenant I control.

You'll notice the typical smattering of foreign logins, but also a collection from Bulverde, TX.

Why do I point out the TX items specifically? Well, because this mailbox belongs to a small seamstress, who lives outside San Antonio. These are logins using a VPN to attempt to look legit. The passwords on these logins MATCHED. The only reason they failed? MFA...

But she's too small to be a target right? A single woman operation, she does clothing alterations and teaches kids how to sew. She's mostly a cash business, and yet... they're still trying... all day... every day. This is a very short list, only the last 7 days. But I can see at least this number of attempts for any given 7 days. And you know what's worse? There are documented ways to hit M365 in such a way that it doesn't even bother to LOG THE ATTEMPTS! So this isn't even the full picture!

Before this client found me, she was up to her eyeballs in this nightmare. Visiting the bank to contest fraud at least once a quarter, resetting passwords every week, and documenting things in a little book she carried around. I got her on phone signin on just this one mailbox and POOF, like magic... everything stopped.

But, there are some people around here that seem to think email "just isn't important." Yeah well... it is. This woman is only one of many, and if anyone has experience other than this I submit they are the ones that live the charmed existence. Because any business that has any sort of online presence at all deals with this reality from day 1.

Her business isn't even worth 100k a year! She pays me $200 / month to keep an eye on things... and just doing that I've done what Life Lock failed to do... stopped the bleeding.

I can duplicate this reality on every signin I have access to where I can read the logs, doesn't matter if it's email, my rmm, anything... if it's on the Internet to be used these rules apply. The only way someone thinks the above isn't universally true, are those that have glued themselves to garbage services that hide reality from them. Google and Microsoft's free services both have similar reports available. One just has to go look.

P.S. The image is only the interactive login attempts... the non-interactive attempts list is a spreadsheet worth of insanity... not easily pasted anywhere.

 

[frase]

OP

Is there a reasonably priced solution for a single user and access to a single PC?

yes though many variables lol....