IT Security & Network Security News & Reviews - eWeek



IT Security & Network Security News

How to Strategically Secure IT Remote Support


By: Nathan McNeill
2010-01-13
Article Rating:starstarstarstarstar / 4


There are  user comments on this IT Security & Network Security News & Reviews story.



  Table of Contents:
  1. How to Strategically Secure IT Remote Support
  2. Develop a Remote Control Strategy
  3. Review Third-Party Validations

Without a strategic vision for remote control security, organizations will continue to fall prey to hackers who take advantage of IT support departments' growing use of remote access tools. Here, Knowledge Center contributor Nathan McNeill outlines five ways to maintain security and corporate governance policies while relying on remote access technology to support off-site computing devices.

How to Strategically Secure IT Remote Support - Review Third-Party Validations
( Page 3 of 3 )

Consideration No. 3: Review third-party validations

While researching the security of a clientless remote support solution, you will also want to weigh third-party validation. Some providers have submitted their software to security-auditing organizations. Results of these assessments can usually be found on the provider's Website. If you cannot find a third-party security audit of the solution, ask the company to send you one. Due diligence regarding the security of your solution cannot be taken lightly.

Consideration No. 4: Ensure audit-ability

Be sure that every detail of every remote support session is automatically logged and recorded for compliance auditing purposes. Having a record of chat transcripts and file transfer details will simplify the audit procedure tremendously.

In addition, keep an ongoing record of all specific system and IP information, as this will indicate which device was accessed and when. Ideally, the remote control solution can also record videos of each session’s activity to give a visual representation of each transaction.

This level of visibility, combined with granular, centralized logs of all session details will create a strong measure of accountability for what happens during each and every session. This is especially important in the event of an allegation, given that the audit trail and session recording will decide the matter conclusively.

Consideration No. 5: Tier access privileges

When the number of technicians scales into the hundreds, keeping track of who has remote control privileges and who doesn't becomes difficult to manage. In addition, the combination of the relatively high turnover rate of support technicians, the security demands of particular customers and the growing list of regulatory requirements around sensitive data complicates the challenge of strategically securing remote support even further.

Giving every support technician the same log-in info and privileges is not the answer. Instead, tiering the access privileges will ensure that only the most qualified and trusted technicians can access the most confidential information, altogether reducing exposure to risk and keeping security under control.

Nathan McNeill co-founded Bomgar Corporation in 2003. Nathan leads technology and product strategy. He monitors market trends to align the company's solutions with critical needs, contributing regularly to Bomgar's blog on the issues. Nathan has spoken at industry events including SSPA 2007 and Demo Conference 2006. Nathan is ITIL v3 Foundation Certified. He may be reached at nmcneill@bomgar.com.








 
 
>>> More IT Security & Network Security News & Reviews Articles          >>> More By Nathan McNeill
 


FEATURED SPONSOR VIDEOS

Benefits of Workload Optimization

What Smart Companies MUST Learn from Gaming

Advances in Authentication

Vertical Markets Benefit from Workload Optimization

View More Videos

Brought to you by
Advertisement

FEATURED SPONSOR MESSAGE

Microsoft Sponsored Resource Center

Increase Your Microsoft Office 365 Knowledge! Dig inside this suite of cloud-based collaboration tools.

Watch the video >>

Brought to you by

Suggested Related Content:

Articles Labs/How-To Multimedia


Advertisement
Contact Us | About | Advertise | Site Map
eWEEK Quick LInks

Security:
Enterprise Networking
Network Security
Infrastructure Security
How To: Data
Security Watch Blog
Storage:
Data Storage
Cloud Storage
Storage Virtualization
Network Access Storage
How To: Storage
Storage Station Blog
Computing:
Apple OSX
Linux Systems
Windows 7
Managed Print Services
Computer Reviews
Microsoft Watch Blog
Google Watch Blog
Communications:
VoIP Solutions
Wireless Technology
Messaging Software
Web Services
Apps & Development:
Application Development
Enterprise Apps
Search Engines
Database Software
Web 2.0
CIOs

Vertical Markets:
Federal Government IT
Health Care IT
Finance IT
Mid-Market
Channel and VARs
Careers Blog
More eWeek Links:
Green Computing Center
Tech Knowledge Center
Tech Newsletters
Tech RSS Feeds
White Papers
Tech Videos
Magazine Subscriptions
Enterprise Websites:
ZDE Home
eWeek
Baseline Magazine
Channel Insider
CIO Insight
eSeminars and Events
Web Buyers Guide
Developer Websites:
DevSource C# and .Net
Dev Shed
DeveloperShed
ASP Free
SEO Chat
Codewalkers
Tutorialized
Scripts.com
Dev Mechanic
Dev Articles
Web Hosters
Dev Hardware
Technology Websites:
Device Forge
Desktop Linux
Linux Devices
Windows for Devices
PDF Zone
Linux Watch
TechDirect
Windows Migration
Smarter Technology

Use of this site is governed by our Terms of Use and Privacy Policy
Copyright ©1996-2012 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.
ZDE Cluster 6
 
Close this advertisement