PCAnywhere – More Like PCAnyone

As in, that could be anyone in your computer now.

The zingers are flying left and right, but in all seriousness, the threat is very real. It was recently announced that one of the leaders in Antivirus and security software, Symantec, was compromised back in 2006 resulting in the theft of their application source code. We’ve been hearing about countless corporate security breaches within the last year, but what makes this one different is the fact that Symantec owns PCAnywhere, one of the best-selling remote desktop applications on the planet. Symantec is now advising that users disable their software as soon as possible.

Instead, if you have it, just remove it. Now.

Information security is based on trust. When working with closed-source applications, that trust is only as good as the word of the party that certifies it. PCAnywhere, until now, has been more than certifiable based on the credibility of its owner. Symantec’s one of the largest security research firms in America – how could anybody doubt them? The minute there is a reasonable doubt associated with that credibility; however, the security of your information ceases to exist.

When working on critical high-availability secure servers, the only way to truly recover a trust relationship with a compromised system is to format it and import mission-critical data after it has passed security requirements. The same idea applies here. Symantec’s code has been out in the jungle of the web since 2006. I’m still studying to take my CISSP exam, but I’d say there’s a reasonable doubt.

Without a complete incident response, especially for a breach that occurred so long ago, it’s nearly impossible to tell what the complete ramifications of the theft of their codebase could be.

PCAnywhere has lost its trust and it shan’t be getting it back anytime soon. Information security experts are now recommending that users just plain get rid of it and so do we. As for Symantec as a whole, we’ll just have to see how this plays out. For now, though, feel free to let us know if you need help removing the software from your systems and finding a suitable replacement. VPN connections will always be a staple for secure connection methods and if your business incorporates on-premise or any type of decent networking equipment, you should be able to configure an alternate security method quickly and easily.

Hey, you guys use remote desktop software, too!

For those wondering, the system we use, Bomgar, is an in-house, closed-source system that incorporates FIPS-140 grade security standards. None of the connections we use for any client communications is at risk. In the event that our vendor is compromised, each of our clients will be notified immediately and all Bomgar software will be removed from client computer. Luckily, though, nobody’s really got their eye on us.