Menu
Desktop search engines threaten SSL VPN security

Desktop search engines threaten SSL VPN security

New PC indexing tools such as Google Desktop Search pose security risks to businesses that use SSL remote access because the tools copy material accessed during SSL sessions and make it available to unauthorised people who later use the same PC.

Caches created by PC search tools get around security many SSL vendors have put in place to purge cached data from remote machines as secure sessions shut down. These so-called cache-cleaning agents wipe out temporary files created during SSL sessions, but they don't wipe out the copies made by the search tools.

One touted benefit of SSL remote-access technology is that any machine with a Web browser can be used to access a corporate network securely. The downside is that the PCs might not be owned by the corporation, so any number of unauthorised users could have access to them.

Besides Google's product, such search engines are made by Blinkx, Copernic, Isys Search Software and X1. Yahoo and Microsoft are said to be on the verge of having them too.

SSL VPN vendor Aventail said its Secure Desktop, a virtual desktop for SSL sessions that was destroyed when the session closes, prevented files downloaded during the session from being viewed by Google Desktop Search.

Google Desktop Search made it easier to find data on PC hard drives and did not address these security concerns, a Google spokesperson said. Customers coulf manually turn off Desktop Search or put it on pause during SSL remote-access sessions to avoid having the sessions cached by the search engine, he said.


Follow Us

Join the newsletter!

Error: Please check your email address.
Show Comments