Parallels Access Security Concerns

Discussion in 'Installation and Configuration' started by KevinW3, Oct 26, 2015.

  1. KevinW3

    KevinW3 Bit poster

    Messages:
    8
    I wanted to express some security concerns I have using Parallels Access, in the hope that they will be addressed in future releases.

    1. Screen is still visible after a session timeout.
    Using Internet Explorer 11 to access a remote machine, if I leave my desk and return, when the session has timed out, I can still see everything that was visible on the screen of the remote computer without having to log in again. As long as one doesn't click "retry" or click on the screen at all, anyone could read a full email, document, or whatever was on the screen. I find this to be a security flaw. It would be great if when the overlays that shows the fact that the time out is displayed, it could completely obscure the image of what was on the remote computer.

    2. Reauthentication to access.parallels.com not required.
    In Internet Explorer 11, I already have Internet Options... General... Browsing history... Delete on Exit selected. Now, there seems to be a problem with Internet Explorer such that:
    A. If I manually close all Internet Explorer windows before shutting down my computer, the next day when I turn on my computer, I am required to log in to access.parallels.com to gain access to my account.
    B. However, if I choose to Shut Down Windows 7 without manually closing every Internet Explorer window, then the Delete on Exit functionality doesn't work. When I go to access.parallels.com after booting my computer the next morning, I am not required to log in.
    Now, this inconsistency with Internet Explorer is not Parallels' problem. However, I feel like the cookie that (or whatever mechanism) maintains the session with access.parallels.com should expire based on time passing, so that my access.parallels.com account cannot be accessed without login credentials.

    It would be great if you could address these concerns to provide greater security to those using Parallels Access using web browsers.
    Thanks, Kevin
     
  2. ManojK@Parallels

    ManojK@Parallels Parallels Support

    Messages:
    367
    Please email us at cs(at)parallels(.)com, so we can check it for you.
     

Share This Page