GoTo Customer Support Embark: GoTo Admin Training Embark: GoTo User Training Provide Feedback

Mitigating with Rescue

There are a few different ways you can mitigate this risk with Rescue.  

1. First off, you can block all other remote support tools with your firewall. Many malicious actors use free or very low-cost remote support tools for their scams, so this would already greatly minimize the risk of them being able to access your corporate device. This also encourages employees to follow company policies and go directly to your IT team when they need support.  

2. As mentioned previously, you can also block the logmein123.com website and restrict support to your self-hosted support page, with Company pin code validation.  

What if the malicious actor is using a Rescue Trial? 

3. Rescue has built-in functionality that flags when someone is using a trial account for remote support. You can train your employees to keep an eye out for this flag as part of your security awareness training.  

For even stricter controls, you can implement the following features. Note that these may not be available to all customers. Check with your CSM or with a support agent if you are interested in learning more. 

1. Restricted Access Package 

What is it? 

This feature restricts Rescue access to and from a specified range of IP addresses. Not only can this restrict the range of IP addresses a Rescue user can receive support from, it also restricts the range of IP addresses a Rescue user can provide to. 

How does it help? 

In the scenario from before, if the end user tried to start a Rescue session with the scammer, Rescue would block the session since the scammer’s IP address is not one of the approved addresses. Note that this is a stringent control as it would also block legitimate support from other vendors using Rescue. It also only works in internal IT support use cases.  

2. Enterprise Domain 

What is it? 

The enterprise domain is less limiting than the Restricted Access Package, but still a good way to ensure end users are only receiving support from legitimate providers. With the enterprise domain, admins and techs log in, and end user request support through a specific domain reserved for enterprise customers. This also only works in an internal IT setting because in order for it to work, you need to block the standard Rescue domain in your firewall.  

How does it help? 

To qualify for the enterprise domain, Rescue accounts need to meet certain criteria to verify that they are a legitimate enterprise. This means that while other vendors could still provide support to your end users via Rescue, they would only be vendors that Rescue has previously vetted. 

If you are interested in implementing either of these features, talk to your Customer Success Manager to learn more.