Today´s IT departments continue to be asked to do more with less, and to act more quickly and with greater impact on business success. Often this means supporting a growing number of users, many working remotely, who are using increasingly complex hardware and software. Remote control software, which allows a help-desk technician to assume control of a user´s PC or an unattended server over a network, has proven to be a cost-effective way of providing support.
Even so, some organizations worry that remote control software could expose their data to unauthorized use. This article looks at the continuing importance of remote control software in today´s computing environment, as well as some of the security requirements this software must address in order to overcome concerns about its deployment.
How formidable are the challenges facing today´s help desks and call centers? Consider: these groups must support a growing number of users across multiple remote locations (in many cases, involving multiple organizations and/or customers), which typically employ varied security policies, heterogeneous software and device platforms, no consistency or standardization across locations/environments, and varying degrees of access to the network. All of these complex environments and infrastructures impose new barriers to connectivity.
To continue to play an integral part in any IT infrastructure, a remote control solution must provide secure connectivity consistently across all of these environments. By addressing security requirements in the areas of authentication, authorization and access control, perimeter and data-transfer security, and administration, a remote control solution can provide IT departments with a secure and cost-effective help-desk tool. With such a solution, organizations have a powerful tool for helping to keep their environments up and running, no matter what. Key considerations include:
Authentication. While no authentication technique is foolproof, requiring the use of passwords or other form of authentication before a remote session commences discourages unauthorized access. When evaluating a remote control solution, make sure it supports authentication methods that your organization is already using. Support of multiple, standard authentication methods allows IT staff to leverage existing user/password lists. RSA SecurID is a popular two-factor authentication process that presents the legitimate user with a security code that changes every 60 seconds. RSA SecurID support is of particular interest to the federal government and the financial services industry.
Authorization and access control. Remote control software should be able to limit access to computers within a specific subnet or to specific TCP/IP addresses. Another effective way to block unauthorized access is by embedding a “serialization” code into the host and remote portions of the remote control product. A host that has been serialized will accept connections only from a remote computer with the same serialization number. If the serialization number does not exist, the connection cannot be established. In support situations, the host user should be able to confirm or deny access. Callback capabilities, in which the host disconnects the call and then calls the remote back at a specified number, also help prevent unauthorized access.
Perimeter and data-transfer security. Remote control software should support Virtual Private Network (VPN) technology to permit secure Internet connections through a firewall as well as over a corporate intranet. Securing the data stream in transit is just as important as preventing unauthorized access. The software should support encryption services and public key encryption to prevent eavesdroppers from intercepting data during transmission.