As remote working has become the new normal thing to do, remote desktop solutions are getting widely adopted around the world. However, it also means that the number of potential targets increase for hackers. So we decided to strengthen the security of the DWService client.
Previously, one only had to install the DWAgent on a machine to access it from any computer. The agent was running in the background, ready to listen for an event, ready to be triggered. This is perfectly fine when you try to access your own computer. You can instantly control it with a single click.
Unattended access settings
However, there are many use cases for DWService. One of them is customer support. And this means that there is actually someone sitting behind the remote desktop that you try to access. That person may be an employee of a company working on sensitive, private data. And of course, that person will not want someone to randomly access his or her computer at any time to run some maintenance scripts or proceed to some software updates.
In the latest version of the DWAgent, we have introduced a new optional feature called Unattended access. If you choose to allow unattended access, then nothing changes on both sides. However, When the setting is set to No, any incoming connection will trigger a pop-up message on the remote screen. The user will have to manually accept that connection.
An extra DWAgent password
In order to ensure an even more secured connection, we have added an option to set up a specific password to communicate with an agent. If that settings is on, anyone who wants to connect to a remote Mac or PC will need to know that password before accessing the remote desktop or the remote files for instance.
We believe this method can be very comforting for a company that works hand in hand with a support service provider. In theory, only a specific consultant in charge of providing support for that company will be able to access those remote machines.
Let’s add that this extra password is stored on the DWAgent side and NOT on our server. This means that even if your DWService account has been compromised, there is still an extra password to protect your machines.