Any IT professionals weigh in on whether Teamviewer is safe to use in an office deployment or not?

Forums › IT Pro and developers › Any IT professionals weigh in on whether Teamviewer is safe to use in an office deployment or not?

Hatch

816 posts

Ultimate Geek
+1 received by user: 57

#198890 27-Jul-2016 11:06

I use Teamviewer (TV) at my office to manage and control family PCs and my personal homeserver. I'm not an IT professional just a hack.

At my work, a couple days ago our email went down. This happens probably every 2 months. Sometimes we fail to receive/send emails overnight or for the duration of a full work day we can't send or received email. Internet was still working so the server was still issuing IP addresses etc etc.

I should preface this by saying I don't think our IT guy is very on to it, he's a friend of the business owner.

The IT guy, logged into our server remotely and said there were no problems with the server, but there appeared problems with the network which he couldn't fix or diagnose.

Last night he did a server restore from a backup taken the night before the email problem. As a result we lost 24 hours of emails.

Apparently blame is being directed towards my Teamviewer app. I was told that my PC was open to the world prior to the email outage.

Office PCs don't have any direct access to the server. There is a data storage of office files that are locally networked, but not the actually server files (or email files).

I'm fine to not have teamviewer access from my PC if it is an at risk app. I can just do anything from my phone or start bringing in my own laptop to work.

I've advocated that we get independent professional support for over a year, so I am very biased but I just think that this Teamviewer exploit thing is full of BS.

Your thoughts and experience?

1 | 2

4015 posts

Uber Geek
+1 received by user: 1851

ID Verified

Trusted

Lifetime subscriber

#1599426 27-Jul-2016 11:14

Wow. You are absolutely right... the company needs a new IT Guy. (Disclaimer - I am one) Frequent email outages plus ditching 24 hours email history would make any of our clients throw their toys out of the cot, and rightly so. The email sending issue should have been easily resolvable for anyone with reasonable business email troubleshooting experience.

Personally I think TeamViewer is not ideal, however there are no security flaws that I am aware of other than it being an easy target for someone to TRY and gain access to. The most common issues are computer passwords being re-used... for example LinkedIn was hacked and passwords were swiped. There are criminal gangs trying the linkedin logins on all sorts of web sites to take advantage of our human nature reusing passwords on different web sites.

Good luck.

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams

Dynamic

4015 posts

Uber Geek
+1 received by user: 1851

ID Verified

Trusted

Lifetime subscriber

#1599428 27-Jul-2016 11:18

Turn on 2FA for Teamviewer. Immediately.

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams

Lias

5655 posts

Uber Geek
+1 received by user: 3978

ID Verified

Trusted

Lifetime subscriber

#1599479 27-Jul-2016 13:06

Teamviewer is not inherently insecure, but you should be using a strong password and 2FA.

I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup. Opinions are my own and not the views of my employer.

kama

30 posts

Geek
+1 received by user: 1

#1599480 27-Jul-2016 13:07

Just last month some did not have full confidence in Teamviewer.

https://yro.slashdot.org/story/16/06/04/1325221/teamviewer-denies-being-hacked-blames-users-introduces-new-security-measures

https://news.slashdot.org/story/16/06/01/2130259/teamviewer-servers-go-down-users-believe-they-are-hacked

ajobbins

5053 posts

Uber Geek
+1 received by user: 1279

Trusted

#1599501 27-Jul-2016 13:54

Team Viewer aside - the email problems you describe should just not be acceptable when there are many good, cheap, secure, reliable and easy(ish) to implement solutions that would solve your problems.

I can not think of any technical reason why Team Viewer would be able to have any effect on your email connectivity or deliverability outside of a) some seriously weird network or firewall configurations (or mis-configurations) or b) Unauthorised access into your internal network via an insecure Team Viewer instance that has compromised something.

If a) You need a new IT guy and fast (I'm going say you need this anyway on the basis of your email setup regardless of what is causing the problem)

If b) This is a bigger (security) issue and you need to fix it immediately and assess for any further impacts (what else have they managed to access in the mean time). If you are going to continue to use Team Viewer, your need at minimum a unique password and 2 factor auth turned off. This goes for anything these days really.

Twitter: ajobbins

networkn

Networkn
32862 posts

Uber Geek
+1 received by user: 15453

ID Verified

Trusted

Lifetime subscriber

#1599510 27-Jul-2016 14:11

I entirely agree with everything everyone else has said. In this forum alone I've read two entirely cringeworthy but eerily similar stories in the past 3 minutes.

You need to get someone CONSIDERABLY better. If I behaved this way with my clients, I would expect to be sued from existence posthaste.

In 20 years of providing support, I've never yet had to restore a system in a way that lost a days worth of emails.

Obviously, details are pretty scarce, but I'd be worried.

Mighty Ape

Shop now at Mighty Ape (affiliate link).

Lias

5655 posts

Uber Geek
+1 received by user: 3978

ID Verified

Trusted

Lifetime subscriber

#1599513 27-Jul-2016 14:14

And noone managed to produce any evidence of an actual Teamviewer hack or a 2FA failure, so I'm inclined to believe Teamviewer. Certainly my credentials wern't compromised and I wasn't even using 2FA (unique login email and password per site folks.. always...)

mattwnz

20515 posts

Uber Geek
+1 received by user: 4795

#1599523 27-Jul-2016 14:31

Aren't your emails backed up in the cloud or via another system in real time? If you are only doing daily backups, then you always have the risk of losing a days worth of emails.

tchart

2396 posts

Uber Geek
+1 received by user: 577

ID Verified

Trusted

#1599614 27-Jul-2016 16:26

kama: Just last month some did not have full confidence in Teamviewer. https://yro.slashdot.org/story/16/06/04/1325221/teamviewer-denies-being-hacked-blames-users-introduces-new-security-measures https://news.slashdot.org/story/16/06/01/2130259/teamviewer-servers-go-down-users-believe-they-are-hacked

Wasn't this proven to not be a problem with Teamviewer itself? That was the last I read of it.

clinty

1201 posts

Uber Geek
+1 received by user: 402

Lifetime subscriber

#1599646 27-Jul-2016 18:10

I use Team viewed on a professional IT basis, I don't have any concerns but have a very strong, unique password for each site, and two factor on my account

I agree with everyone else that you should secure your account with a strong password, and also agree that if i lost a days worth of emails I would probably be lynched by my clients.

It fsound like you may use exchange and it is hitting what is called the back pressure limit where the free space on your server falls below a predetermined amount. But hard to say without more details

Clint

clinty

1201 posts

Uber Geek
+1 received by user: 402

Lifetime subscriber

#1599647 27-Jul-2016 18:13

tchart:
kama: Just last month some did not have full confidence in Teamviewer. https://yro.slashdot.org/story/16/06/04/1325221/teamviewer-denies-being-hacked-blames-users-introduces-new-security-measures https://news.slashdot.org/story/16/06/01/2130259/teamviewer-servers-go-down-users-believe-they-are-hacked

Wasn't this proven to not be a problem with Teamviewer itself? That was the last I read of it.

Not proven, but I believe most think that it is more likely that weak and reused passwords were to blame rather than a total fail of teamviewer

HP

Shop now for HP laptops and other devices (affiliate link).

Hatch

816 posts

Ultimate Geek
+1 received by user: 57

#1599763 27-Jul-2016 22:12

Thanks for all the input, if I had any influence we would be using a professional, dedicated IT professional ages ago.

The office lost a day of productivity yesterday as not only were emails down, but for some reason our networked printers/scanner were also down. Internet was still up however. I can't recall if the network shared documents were accessible. Several staff went home as at a certain point no more work could be done.

We had an issue a few months ago when our emails went down again because our server spam folder was too full so the server stopped being able to receive emails (this is what we were told at the time).

I asked the IT guy last week when he came into the office after hours whether or not he was planning to upgrade our PCs to windows 10 before the 29th, he just said we would be sticking with Windows 7.

Again I am no IT expert, but I feel as if the office is seriously suffering from a lack of professional and timely support. I'd really like for an independent IT expert to come and do an IT audit, but don't see my boss is at all interested. I have more horror stories to tell regarding our server setup, but I'll just end this thread here as I don't think anything will ever change unfortunately.

blakamin

4431 posts

Uber Geek
+1 received by user: 1306
Inactive user

#1599781 27-Jul-2016 22:32

Sounds like my Mrs' workplace. Their outsourced "IT experts", who were a friend of the old boss, left a server with a root password that was basically "admin/admin" and they got crypto'd. So the guy was going to HN, or something of that equivalent, to get a new NAS to "solve the problem".

I didn't bother asking if he was buying a NAS or a WD MyBook.

I did LMFAO though.

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1599785 27-Jul-2016 22:43

TeamViewer is as good as it gets. There are suspicions that the whole TeamViewer hack a few months back were actually reused passwords on a lot of 160 million leaked LinkedIn passwords. If those users didn't reuse password or had 2FA enable then things would be a lot safer.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

dickytim

2514 posts

Uber Geek
+1 received by user: 537
Inactive user

#1599960 28-Jul-2016 06:57

clinty: I use Team viewed on a professional IT basis, I don't have any concerns but have a very strong, unique password for each site, and two factor on my account

I agree with everyone else that you should secure your account with a strong password, and also agree that if i lost a days worth of emails I would probably be lynched by my clients.

It fsound like you may use exchange and it is hitting what is called the back pressure limit where the free space on your server falls below a predetermined amount. But hard to say without more details

Clint

I also use Team Viewer in a professional environment and have never heard of or had any clients show concern over it, in fact a few of the tighter clients only allow connection via Team Viewer.

1 | 2