How to Strategically Secure IT Remote Support
Without a strategic vision for remote control security, organizations will continue to fall prey to hackers who take advantage of IT support departments' growing use of remote access tools. Here, Knowledge Center contributor Nathan McNeill outlines five ways to maintain security and corporate governance policies while relying on remote access technology to support off-site computing devices.Worker mobility and technological complexity in today's enterprise are driving the increased demand for IT support departments. Even though IT has used remote control tools to troubleshoot PC issues for some time, there is a renewed interest in the technology to provide anytime, anywhere support to both disparate users and backend systems-regardless of firewalls. However, a significant concern has emerged around whether traditional remote access software (such as pcAnywhere and RDP) can be locked down to ensure optimal levels of security. Consider this: the Verizon Business RISK team issued a report in 2008 detailing its forensic investigation into over 500 actual data breaches between 2003 and 2007. A key area examined was the attack pathways hackers used to gain access to confidential data. The report discovered several areas of concern that IT security administrators typically expect to see (such as Website vulnerabilities and unsecured wireless hot spots).
And in 2009, the Verizon Business RISK team told a similar story with its updated report that examined 90 data breaches that occurred in 2008. The report found that in "approximately four of 10 hacking-related breaches, an attacker gained unauthorized access to the victim via one of the many types of remote access and management software."
Despite the IT security concerns surrounding remote access tools, today's technology users are quickly becoming less tolerant of the "you can't see my screen" tech support conundrum. As a result, it's not an option for IT departments to avoid using remote control technologies, as they seek to keep customers and employees as satisfied and productive as possible by providing 24/7 remote support. It's important to maintain security and corporate governance policies while relying on remote access technology to support off-site computing devices. To do this, here are five key considerations: