Citrix GoToAssist 8.0 Security White Paper

Citrix Online
By : Citrix Online
INFORMATION
Published : Oct 31, 2007
Length : 10
Type : White Paper
 
Overview :
GoToAssist is a hosted service that provides a way to deliver remote support to Windows-based computers. GoToAssist allows a user to request support from a support representative and then allows that representative to view and optionally control the end user's PC remotely. This guide is for Citrix® GoToAssist® customers and other stakeholders that need to understand how GoToAssist impacts information security risk and compliance in their environment.
SCOPE AND AUDIENCE
This guide is for Citrix® GoToAssist® customers and other stakeholders that need to understand how GoToAssist impacts information security risk and compliance in their environment.
INTRODUCTION
GoToAssist is a hosted service that provides a way to deliver remote support to Windows-based computers. GoToAssist allows a user to request support from a support representative and then allows that representative to view and optionally control the end user’s PC remotely.
This document focuses on the information security features of GoToAssist. The reader is assumed to have a basic understanding of the product and its features. Additional materials on GoToAssist may be found online at http://www.gotoassist.com or by contacting a Citrix Online representative.
GOTOASSIST SERVICE DELIVERY ARCHITECTURE
The diagram below provides a schematic overview of all major GoToAssist service delivery components and communication paths.

DEFINITIONS
HELPALERT
Win32 executable that resides on the service representative’s computer and enables the representative to receive and reply to incoming customer queries.
CHATLINK
Endpoint application that facilitates text-based communication between a customer and a service representative.
BROWSER
Standard Internet Web browser, such as Firefox, Internet Explorer, etc.
REPLAY VIEWER
Endpoint application that allows company managers, team managers and representative managers to replay recorded GoToAssist sessions. Replay viewer can replay remote screen sharing, local screen sharing, chat and remote diagnostics.
PASSPHRASE CHANGER
Endpoint application that facilitates the changing of the passphrase used to protect cryptographically-enforced access to session recordings.
GOTOASSIST WEB SITE
Web application that provides access to the GoToAssist Web site and Web-based internal and external administration portals.
GOTOASSIST SERVICE BROKER
Web application that realizes GoToAssist account and service management, persistent storage and reporting functions.
MULTICAST COMMUNICATION SERVER
One of a fleet of globally distributed servers used to realize a variety of high-availability unicast and multicast communication services.
ENDPOINT GATEWAY
A special-purpose gateway used by various endpoint applications to securely access the GoToAssist Service Broker for a variety of purposes using remote procedure calls.
APPLICATION SECURITY
GoToAssist provides access to a variety of resources and services using a role-based access control system that is enforced by the various service delivery components.
AUTHENTICATION
GoToAssist administrators, managers and representatives are authenticated using an account name and a strong password. Passwords are governed by the following policies:
Strong passwords: A strong password is 8-32 characters in length and must contain at least three of the following four: upper-case alphabet [A-Z], lower-case alphabet [a-z], numbers [0-9], and special symbols [~`!@#$%^&*()_-+={}[]|\:;”’<>,.?/]. Strong passwords must not be the same as the login name or the actual first name or last name on the account. Passwords are checked for strength when initialized or changed.
Password expiration period: Expiration period of the password is configurable (min: 10 days, max: 120 days, default: 90 days). If the account holder logs in and the password has expired, the account holder is forced to change his or her password.
Password history: A history of passwords is maintained. A password cannot be changed to a password that exists in the password history. Password history depth is configurable (min: 1, max: 5, default: 3).
Account lockout: After 3 consecutive failed login attempts, the account is put into a mandatory soft-lockout state. This means that the account holder will not be able to log in for a configurable amount of time (min: 5 minutes, max: 30 minutes, default: 5 minutes). After the lockout period expires, the account holder will be able to attempt to log in to his or her account again. Hard-lockout enforcement is an additional configurable option. After a configurable number of failed login attempts, the account is put in the hard-lockout state. This means that the account holder cannot log in until his or her account password is reset by another privileged account holder. A hard lockout is enabled after a configurable number of attempts (min: 10, max: 50, default: 10).
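The strength and lockout rules above, written out as an added Python example; this is not Citrix code, and the names `is_strong` and `Lockout` are hypothetical. It assumes the typographic quotes in the symbol list stand for ASCII quotes, that the name comparison ignores case, that attempts made during a soft lockout are rejected without being counted, that the consecutive count restarts after each soft lockout, and that the hard-lockout counter tracks failures since the last successful login or reset.

```python
import string
from dataclasses import dataclass

# Assumption: the page's typographic quotes stand for ASCII " and '.
CLASSES = (string.ascii_uppercase, string.ascii_lowercase, string.digits,
           "~`!@#$%^&*()_-+={}[]|\\:;\"'<>,.?/")

def is_strong(password, login, first, last):
    """Page rule: 8-32 chars, 3 of the 4 character classes, not a name."""
    if not 8 <= len(password) <= 32:
        return False
    classes = sum(any(c in group for c in password) for group in CLASSES)
    # Assumption: comparison with the account names ignores case.
    names = {login.lower(), first.lower(), last.lower()}
    return classes >= 3 and password.lower() not in names

@dataclass
class Lockout:
    soft_after: int = 3          # consecutive failures, fixed by the page
    soft_seconds: int = 5 * 60   # configurable 5-30 minutes, default 5
    hard_after: int = 10         # configurable 10-50 attempts, default 10
    consecutive: int = 0
    total: int = 0               # assumption: failures since last success/reset
    locked_until: float = 0.0
    hard: bool = False

    def attempt(self, password_ok, now):
        """Record one login attempt at time `now` (seconds)."""
        if self.hard:
            return "hard-locked"         # only admin_reset() clears this
        if now < self.locked_until:
            return "soft-locked"         # assumption: not counted as a failure
        if password_ok:
            self.consecutive = self.total = 0
            return "ok"
        self.consecutive += 1
        self.total += 1
        if self.total >= self.hard_after:
            self.hard = True
            return "hard-locked"
        if self.consecutive >= self.soft_after:
            self.consecutive = 0         # assumption: count restarts here
            self.locked_until = now + self.soft_seconds
            return "soft-locked"
        return "failed"

    def admin_reset(self):
        """Password reset by a privileged account holder clears the lockout."""
        self.consecutive, self.total, self.locked_until, self.hard = 0, 0, 0.0, False
```

With the defaults, a sustained guessing run is paused three times by the soft lockout and stopped by the hard lockout on the tenth failure, after which a correct password is still refused until a privileged reset.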

PROTECTION OF CUSTOMER PC AND DATA
An essential part of GoToAssist’s security is its permission-based access control model for protecting access to the customer’s PC and the data contained therein.
First, all GoToAssist sessions must be initiated by the remote customer. GoToAssist is not designed for unattended support scenarios. Second, the customer is always prompted for permission before any screen sharing, remote control, or transfer of diagnostic data, files or other information is initiated.