Security Flaw? Can't disable multiple accounts on a single machine.

Follow

Simon Ashby

December 11, 2022 00:15

OK - this is what I would like to / need to do:

Log in a machine at the workplace to our company "Teams" account. Once logged into our company "team", be able to disable any sharing or logging in to any account that is not in our team.

 

The reason for this is that the remote clients that are used to access our machines are required to have endpoint protection, that disables USB mass storage etc. However, we have no way of enforcing this policy, if people can keep randomly adding their own individual jump desktop accounts, as well as our team account, or even simply sharing the share link.

 

Is there a way to do this that I have missed, or is this a security hole that we can't get fix?  

0

• Official comment

  

  Jump Desktop Support December 11, 2022 00:22 (Edited December 11, 2022 00:22)

  Hello,

  Yes, you can do this by applying ‘Connect Settings’ to your Team’s computers: https://support.jumpdesktop.com/hc/en-us/articles/360052860631-Manage-Connect-Settings.

  Specifically - there are two connect settings that need to be turned off:

  1. ‘Add remote access users’ - this prevents local users from adding users (this is OFF by default)

  2. ‘Screen sharing’ <- prevents screen sharing urls from being used (ON by default).

  Once you apply these to all the computers in your team, it will prevent local users from adding users to the computer and disable the screen sharing feature.

  Comment actions Permalink
• 

  Simon Ashby December 11, 2022 00:59

  PERFECT !!!

  This is exactly what I needed.

  THANK YOU!!!

  0

  Comment actions Permalink

Please sign in to leave a comment.