PolicyPak for Teamviewer

TeamViewer is a great application for sharing your desktop with remote users.  For that same reason, it makes your computer vulnerable to remote users as well.  It’s imperative that your application settings remain locked down as you, the administrator, configured them –  “or else.”

PolicyPak takes the uncertainty out of the equation when it comes to users modifying your application configuration settings.

PolicyPak delivers, enforces, remediates and locks down your users’ applications, so that they get the same experience, every time they launch it.

Ensure your TeamViewer settings are dictated and ensured using PolicyPak.  Get those settings out there using Group Policy, SCCM or your own management tool.  Check out this video to see how it’s done:

Our PolicyPak software snaps-in to the Group Policy Editor and gives you the same user interface of TeamViewer itself.  You can make sure that only Administrators have the ability to logon through TeamViewer by configuring the “Rules for connections to this computer.”
manage-teamviewer-using-group-policy-policypak-0
Like many applications, PolicyPak gives you the ability to disable particular settings within Shockwave, preventing your users from interfering with your configuration.
manage-teamviewer-using-group-policy-policypak-1
Another way to lock down your settings is through PolicyPak’s unique “ACL Lockdown”.  Here you can enforce the “Password Length” setting and then lock it down so that users can’t modify it, even if they attempt to do so through the registry.
manage-teamviewer-using-group-policy-policypak-2

With PolicyPak, you’re the one in control.

Besides, once you’re using PolicyPak to manage TeamViewer, you’ll also get to manage all your other enterprise desktop applications the same way: Flash, Java, Firefox, Lync and any custom applications you have. They’re 100% included – absolutely free.

It’s all included when you’re a PolicyPak Professional customer.

PolicyPak was designed by Group Policy MVP Jeremy Moskowitz – who “wrote the book” on Group Policy, runs GPanswers.com, and lives and breathes Group Policy and enterprise software deployments and desktop lockdown.

When you’re ready to get serious about managing TeamViewer, PolicyPak is ready for you.

Lockdown TeamViewer with Group Policy video transcript

Hi, this is Jeremy Moskowitz, Group Policy MVP and Founder of PolicyPak Software.  In this video, we’re going to learn how to manage and lockdown TeamViewer using PolicyPak.

I’ve already got TeamViewer installed on my computer, and I’m just a regular user here.  As you can see, I’m logged on as a guy called “eastsalesuser4.”  If we open up this application from the start menu and go to “Options” we see a number of settings here for us to configure.  I’ll go to “General” where there are some key settings that govern my proxy settings as well as whether my computer will accept local LAN connections.  “Security” has a setting that manages the length of passwords and whether remote users can logon with their Windows logon.  Finally, “Meetings” includes settings such as “Auto start screen sharing”  and “Auto record meeting.”

TeamViewer is a registry based application which means that registry savvy users can modify settings within the registry itself.  Here I’ve saved the location of the TeamViewer registry settings and I will modify the “AutoRecordPresentation” and as you can see I am able to do that just fine.

Let’s see how we can ensure compliance and perform desktop management of settings quickly using PolicyPak.  I’ll go ahead and switch over to my Management Station computer.

We’ll go ahead and right click over our “East Sales Users”, “Create a GPO” and we’re going to call it “Lockdown TeamViewer.”  So this GPO is now associated with the “East Sales Users.” I’ll right click over it.  I’ll click “Edit…” I’ll dive down under “User Configuration,” “PolicyPak/Applications/New/Application.” There it is, “PolicyPak for TeamViewer” along with other applications like “Java,” “Flash” “Firefox,” “Skype” and lots of other important desktop applications that your users utilize every day (and you want to make more secure).

Let’s start with General and I will use PolicyPak to ensure the proxy settings for this computer (which would normally have to be done on each computer, manually).  Then to make sure my end users don’t access these settings at all, I will right click on Proxy Settings and select “Disable corresponding control in target application.”

Next let’s go to “Security” and let’s configure “Password Strength” to “Very Secure (10 characters).”  Then to make sure that my user never compromise this setting I’ll right click on this setting and choose “Hide corresponding control in target application” which will hide this setting from my users completely.

Finally I’ll go to “Meeting” where I will make sure that “Auto Record Meeting” is always checked.  Now to really lock this application down I will use PolicyPak’s signature feature, ACL Lockdown, which will lock this setting within the registry itself and keep from directly modifying registry settings.

Now I will go back to my client machine, we’ll get a command prompt and run “gpupdate.”  Now you could envision the user logging on for the very first time, using a Terminal Services or Citrix machine, using a VDI session, changing job roles, or getting a new computer.   I just happen to be using gpupdate.  Yes, PolicyPak performs the magic. To get the magic delivered, you can use Group Policy, SCCM, LanDesk, KACE or your own systems management software.  Even if the user is offline, your settings are always preserved because PolicyPak is always working for you in the background, making the job of you the administrator, easier.

Now that that’s done, let’s go ahead and reopen the application.  Notice that I can’t click on Proxy Settings at all and on “Security” we can’t see the “Password Strength” setting at all now. But under the hidden setting, PolicyPak has quietly set “Password Strength” to “Very Secure (10 characters).”

Notice too that in “Meeting” my required setting for recording meetings has been delivered as well.

Now its not just enough that PolicyPak can deliver these settings. Remember: Standard users can work around your settings. So, with PolicyPak on the case, now let’s see what happens if our registry savvy user tries to modify the AutoRecordPresenation setting again in the registry.  As you can see, his attempt has been stopped by PolicyPak and ACL Lockdown

And we are done.  That is how incredibly easy it is for you to use PolicyPak to manage and lockdown TeamViewer as tons of other desktop applications.

If you’re looking for a trial of PolicyPak, just click on the “Webinar / Download” button on the right.

Thanks so much for watching, and get in touch with us if you’re looking to get started. Talk to you soon.