Insights

What Techs Can (or Cannot) Do in a Remote Support Session Can Make or Break Your Compliance

Katie Steward

September 23, 2022

insights-question

While every industry needs to keep an eye on security, when your business is in a sensitive and highly regulated industry like healthcare or finance, compliance is always a top concern.

How can you ensure your support operations don’t jeopardize your efforts to stay compliant with HIPAA (Health Insurance Portability and Accountability Act) and GDPR (General Data Protection Regulation) and other regulations around PII (personally identifiable info) and PHI (personal health info) – especially when providing support is all about accessing and controlling end user devices?

Rescue is here to help.

It starts with permission-based remote support. You want (and need) to ensure that your remote support solution provides full permission-based functionality, meaning your end user is in control. In a (highly secure) session, your end user should provide explicit permission for any action the agent takes on their device.

You also want to ensure that your techs have access to what’s needed to get the job done – and nothing more. Rescue gives you in-depth settings that you can control behind the scenes that take some agent actions completely off the table. Here are just a few.

Top technician settings that keep remote support sessions extra secure:

Control these tech settings (and more) for the strictest security and compliance precautions. These controls can be set for select technicians, a group of technicians, or all technicians.

Turn off remote control.

One way to ensure that techs don’t take any actions that end users don’t want them to take is to turn off remote control. You can do this for desktop or mobile, depending on your needs. This means that a tech won’t be able to control a remote device. Instead, the end user completes any action needed to resolve an issue using the technician’s guidance through a desktop viewing session (using remote view not remote control).

Turn off screen recording and screenshots.

On one hand, session recordings can help businesses with auditing. But if capturing any personal data is a big no-no for you, Rescue allows you to turn this capability off. Once you do, your techs will not be able to record the end user’s screen during a remote support session or take screenshots at any point.

Turn off reboot.

Rebooting is a power that, when used in error, can wreak havoc. For example, when a technician reboots a server, they need to know everything running on that server and what services may go down during the reboot. This is not necessarily an action you want every level of technician to perform.

Turn off copying and pasting.

Using clipboard synchronization can help techs save time and avoid errors by directly copying and pasting information between devices during remote control. But in industries like healthcare, the ability to do this with potentially sensitive data can put your business and end users at risk. To take this capability off the table, turn off clipboard sync so techs aren’t able to copy paste between their machine and a remote device.

Turn off file manager.

Similarly, file manager allows techs to easily and securely transfer files between their computer and the customer's device. If you do not want to grant your techs this level of access, you can either turn off the ability to transfer files out or turn off file manager completely, preventing techs from looking at the files to begin with.

Turn off collaboration.

Agent collaboration is great in the right context. During a remote support session, if the technician needs another set of eyes and expertise on an issue, they can bring a senior solver into the live session. But if the ability to add an internal or external agent to a session – and expose your end user’s data – trips any compliance alarm bells for you, simply turn off this setting. Your techs will not be able to invite anyone else to a session.

Turn off unattended access.

Unattended access allows technicians to solve issues when the time is right, such as when an end user is away from their machine for the day. As a permission-based solution, the end user would give permission for the tech to do this. But you also have the option of suppressing unattended access completely from your account, which will hide any reference to it. Your techs won’t even know the capability exists.

When compliance counts, count on Rescue.

Rescue puts the power to stay compliant in your hands. Our admin center gives you thousands of settings to control for technicians, admins, and master admins, ensuring everyone has the level of access they need, and nothing they don’t.

Try Rescue free and see for yourself all the technician settings you can control.

Recommended Posts

See for yourself today

Experience fast, secure, enterprise-grade remote support – anytime, anywhere.

Get a Demo