Symptoms:
AimBetter tracks incidence of users accessing the database by means of a remote desktop connection, such as AnyDisk, RemotePC, TeamViewer etc.
Impact: Informational
Expected behavior :
There is no standard setting. Every instance of access via a remote desktop is reported, including the component, along with start and end time of the session.
Recommended action :
Access is a matter of security control and this alert serves to advise of these instances.
Background
Normal security access control may be compromised by external access via any remote desktop access program onto a terminal that has been logged in to the SQL Server. In this case, another computer has taken control of the original desktop which was logged in and authenticated, and thereby has the same level of access and control.
There may be instances where such external control is authorized and proper, and this alert does not distinguish between normal and unusual instances.
