Enhancing data security: Exploring permissions and controls in remote support software

Brian Thompson.

Brian Thompson

August 31, 2023

In the intricate dance of remote IT support, there's a fine line between ensuring seamless accessibility and maintaining iron-clad security. As IT professionals, we're constantly juggling the need for tools that empower us to address issues promptly while also ensuring that sensitive data remains under lock and key. This is where the nuanced world of permissions and controls in remote support software comes into sharp focus.

Why now is the time to take control

The digital revolution has been a double-edged sword. On one side, we've been handed incredible tools and conveniences. On the other hand, we're now navigating a minefield of cyber threats. With remote work becoming the norm and our increasing dependence on digital platforms, the avenues for potential data breaches have multiplied. 

Consider this: Damage caused by cybercrime reported to the United States' Internet Crime Complaint Center (IC3) totaled a staggering $10.3 billion in 2022, up from $6.9 billion the year before. It's not just about numbers; it's about the trust we've built with our stakeholders. A single misstep can cast a long shadow on an organization's reputation.

Where traditional tools fall short

While collaboration tools like Microsoft Teams or traditional remote access tools like remote desktop protocol (RDP) have their merits, they often don't quite hit the mark when it comes to providing the granular control needed for secure remote support. Take RDP, for instance. It's a handy tool, but it disconnects the end user during a support session, making collaborative troubleshooting challenging. And while Teams offers screen sharing, it doesn't come equipped with the advanced permissions and controls that a dedicated remote support environment demands.

What permissions and controls to look for in a secure remote support solution

Several levels of permissions and controls can help secure your remote support sessions and the data collected from them. Let's unpack these features with some real-world scenarios:

Optional remote control

Picture this: you need to access a server that's running a mission-critical application, such as a lab machine that needs to operate uninterrupted. Any hiccup could spell disaster. By turning off remote control, you can ensure that a technician can view system info remotely to help troubleshoot issues without deeper access that could compromise the system availability during a critical time. 

Optional toggle of reboot

Ever had that sinking feeling after accidentally rebooting a device? Especially a sensitive one? With this feature, you can ensure that technicians are restricted from rebooting certain pivotal devices, like essential servers in the example above, or even an important device.

For example, let’s say a technician has connected to an executive’s machine and while helping to troubleshoot something, they accidentally reboot the device, which inadvertently wipes out a file the exec was working on. With this feature, you can ensure that select machines are only accessible in certain conditions, for instance, off-hours when the machine is unattended, to protect against these types of scenarios.

Turn off file manager

In sectors like Financial Services and Healthcare, data confidentiality isn't just important; it's sacrosanct. With the option to disable the file manager feature, inadvertent data transfers have become a thing of the past.

For example, if a tech connects to machine that contains a bank statement, financial data, or health record, they could easily copy that file over and steal that information. But if file manager is turned off, they are prevented from taking this action, keeping your business in compliance.

Optional Unattended Access

While it's beneficial for agents to remotely support all devices, that doesn't mean they should have carte blanche. Granular permissions ensure the right personnel have the right access.

For example, you may want to give your internal technicians access a lab computer, however support agents helping clinicians with medical billing should not have this type of access.

With this feature, you can set unattended access permissions at the group level (not globally), so only the technicians that you determine need unattended access will see it as an option in their console.

Optional screen recording and screenshot

There is some information that is so sensitive, you don’t want to keep any record of it. For example, a technician may see a customer’s financial account information, a patient’s medical file, or credit card information on the screen during a remote support session. If your support use cases deal with these type of scenarios, you can turn off the ability for the technician to record or take screenshots during sessions.

Then again, there are scenarios in which you want to ensure that sessions are recorded. For example, for compliance reasons, you may need to prove exactly what actions the technician performed on a machine. You can choose to have every session be automatically recorded, so you’ll have these records on hand.

Turn off copy/pasting

Similar to the recording and screenshot scenarios above, you may not want agents to be able to copy and paste sensitive information that is shared during a session. Let’s say a customer types in their back account information in the chat. You don’t want the support agent to be able to copy and paste that information in the ticket notes or anywhere else, for that matter. That would mean that Personal Identifiable Information (PII) is now stored somewhere it shouldn't be within your system, which jeopardizes any compliance regulations you need to uphold, like GDPR (general data protection regulation).

By turning off clipboard sync, you can ensure agents cannot copy PII or other sensitive information, helping you stay compliant and protect your end user’s data.

In the dynamic world of remote support, security isn't just a buzzword; it's a commitment. Rescue by GoTo, with its intricate permissions and controls, ensures that organizations can offer top-tier support without any data integrity compromises. As we steer through an era of sophisticated cyber threats, tools like Rescue, which strike the perfect balance between functionality and security, will be the compass guiding organizations safely through.

Learn more about Rescue’s security measures

One Billion Support Sessions sticker.

Recommended Posts

See for yourself today

Experience fast, secure, enterprise-grade remote support – anytime, anywhere.

Get a Demo