Consumers look at remote access as a convenient way to share screens with one another or access their desktop PCs from the road. Remote access technology is getting faster, it's generally easy, and it's usually fairly cheap. But one thing it's not is secure.
IT professionals look at remote access primarily from a help desk perspective, which is why it's included in some help desk platforms, like Zendesk Support . Screen sharing is one of the most cost-effective ways for help desk operators and IT pros to quickly experience a user problem and solve it, without ever leaving their desks. While that sounds great, most IT administrators probably haven't thought about the fact that these one-on-one screen sharing sessions are also a huge security problem. In fact, exploits using the Windows Remote Desktop are a popular way for hackers to compromise systems while leaving few traces. Your best move in regards to the built-in remote desktop feature in Windows is to turn it off and leave it that way.
But if you do that, then you also make it hard for your support team to take a look at problems your users might be having and fix them without requiring that they go visit the user at their location. The obvious answer is to use a remote access solution that emphasizes security.
Securing Remote Access
Many dedicated remote access products will provide additional security mechanisms as will some of the remote access-capable help desk solutions. But some of those products have downsides. Many require a remote access client on the user's machine, and this requires that they install some software before you can deliver the support they need. This also means that the remote access client is probably going to remain on their computer after you're done, which means you've left behind a vulnerability that could later be exploited.
A better solution is to use a cloud-based remote support solution that's designed for the enterprise, is easy for your support technicians to use, and places enough emphasis on security to satisfy modern IT standards. While you might expect that to be a standard feature of any competitive help desk application these days, you'd be wrong. It's actually rare enough that some vendors, like the folks at remote desktop software provider ISL Online, are using it as a competitive differentiator.
Luke Walling, North American General Manager of ISL Online, said the company worked hard to build a competitive help desk solution. "Our product sets up the connection quickly and easily," he said. But security was of equal importance to ISL's overal product design. For ISL, Walling said, "security is built in, not bolted on."
Walling said that ISL Online remote access is available as a Software-as-a-Service (SaaS) product as well as through managed service providers (MSPs) and on-premises. This cloud-based or server-based remote access supports levels of security beyond what's available with the consumer-level products by encrypted streams with RSA-2048 and 4096 public key exchange. These capabilities represent an enterprise-grade remote access service, which provides security protections that consumer-grade products simply can't.11% of Security Pros Said Strengthening Remote Access Is Most Pressing Task
"Remote access gives the IT support teams the speed and efficiency of resolving issues remotely," explained Giridhara Raam, Product Evangelist for Zoho Corporation's ManageEngine, in an email. "With their ability to take care of the attended and unattended computers, remote access tools are improving response time and productivity."
Zoho has two remote access products for the enterprise, Zoho Assist and Remote Access Plus, which is part of ManageEngine. "Remote access for the IT support team is a collaborative approach towards a productive workforce," Giridhara said. He added that a critical difference is the level of security that an IT-focused product can provide.
"[Some] remote access software does come [with] security measures to keep the data transmission and network communication safe," Giridhara said. "Users should evaluate the offerings, and understand the extent of security that's being offered by different vendors. [They should understand the different] security features, like multifactor authentication, action log viewers, firewall configurations to enable friendly exchange between the server and the clients without altering the ports or proxy configurations, Secure Socket Layer (SSL), Advanced Encryption Standard (AES), inactive timeout for sessions, compatibility with antivirus solutions, data anonymization, and content-based access and session confirmation."
All of these are available in remote access and help desk solutions, though typically, few vendors offer all of them at once, and none of them enable all of these protections by default. Giridhara said that, by choosing the features the IT staff needs, an organization can select and customize a true enterprise-grade remote access solution. "IT support professionals are given the ability to resolve issues with both attended and unattended computers from a single console, irrespective of the physical location of those computers," he said, "thus their efficiency and productivity will increase enormously. With remote support tools, 90 percent of the IT issues can be resolved efficiently. But when this tool is chosen after proper evaluation based on the network demand, the resolution rate could be closer to 99 percent."
Enterprise-Grade Only Comes With Added Effort
Giridhara noted that, once buyers start looking, they'll find a large number of enterprise-oriented remote access solutions available. The first step, he noted, must be to narrow all of those options down to a short list of tools that meet an organization's specific needs. "With the number of options available in the market, IT professionals can identify the right tool by looking into the security, management, usability, and integrations being offered in the software," he said.
But Giridhara maintained that protective capabilities need to be given top-tier attention. "With evolving cyberthreats, security should be the prime concern followed by others and finally pricing," he said.
Considering the potential for misuse in remote access products, paying attention to security must be as important a part of implementing these solutions as integrating them into your help desk workflow. You are, after all, inviting someone into your computers and giving them the same privileges an admin would have, all while operating remotely. The level of risk associated with such an operation is always significant and therefore needs to be handled by the best access security you can provide. But the tool also needs to remain an effective way of finding and fixing a wide variety of problems, and its security protections can't get in the way of that.
Keeping these solutions effective while protecting your environment from a fast-changing IT threat landscape is like walking a tightrope. It's not a setup-and-forget proposition but one that will require regular testing. As new protections need to be implemented to defend against new threats, the system will need to be regularly tested and retested from a problem-solving perspective, too. It's a lot of effort, but then again, it's also both a critical IT function and a primary security target for hackers, so that effort is certainly justified.