No end-user? No Problem.
Unattended remote support is when an IT support technician, or a help desk professional, remote controls an endpoint in the absence of any end user on the endpoint. Unattended access solutions are primarily used to perform routine maintenance, troubleshoot, and conduct health checks for devices, including laptops, desktops, servers, smartphones, IoT, operation technology (OT), and more.
In contrast to attended remote support, which refers to support cases where an end user in need of assistance is present and active on the endpoint, unattended remote support can be used to perform diagnostics, install updates, and troubleshoot various issues for IT servers, network devices, and other infrastructure.
This blog will explain how unattended access / unattended support works, the top use cases for unattended remote support, security considerations, and more.
Benefits of Unattended Remote Support
Attended and unattended support each have their pros and cons. For instance, with attended support, you can converse with an end user in real-time via built-in chat functionality. Having the end user present can bring added context to the support session that aids resolution of any issues. However, unattended support provides the ability to support any device 24/7, unbound by work hours, time zones, or other human-related constraints. Additionally, if a resolution cannot be achieved on the first call with the end user, an unattended session can be performed later to complete the fix without further inconveniencing the end user.
Unattended support can also be used to remote control and update multiple computers at once, enabling IT to apply updates at scale. As many businesses around the world have recently transitioned to higher levels of remote working, the need for efficient remote support tools increased, and so has the need for scalability and fast, unattended support.
During the coronavirus pandemic, unattended access played a key role in adhering to social distancing initiatives. For instance, by leveraging unattended access functionality, IT reps could install systems or provide support without having to go into an office, facility (i.e. server room), or the end-user’s home.
Common Uses Cases for Unattended Remote Sessions
With the increase in work-from-home (WFH), and an ever-expanding number and variety of devices, platforms, and applications to support, unattended access is being leaned on for more use cases, and more often. Here are some of the most common unattended support use cases:
- Accessing employee workstations at any time for maintenance
- Managing remote access to groups of computers for IT teams or MSPs
- Conducting any system administration task, including rebooting
- Supporting kiosks and IoT devices where no user is present
- Taking control of unattended PCs, servers, and enabled devices
- Accessing systems with only Command Line Interface
- Performing repetitive tasks at scale (“I need to do the same thing, but on multiple systems”)
How Does Unattended Remote Support Work?
Unattended support is typically used by at least a few distinct types of user groups, such as MSPs/MSSPs, other IT service providers, and internal IT teams and service desks.
Unattended remote support can be deployed multiple ways. Once installed, the solution should allow the endpoint to be grouped, sorted, or organized based on the granular actions the support technician wants to occur and who can access these systems. The technician should be able to securely remote any endpoint or device remotely for which they have been granted access to at any time, from anywhere, with an internet connection.
Different remote access and remote support solutions vary greatly in their abilities. When unattended support functionality is present, it should provide support for a wide range of endpoints, including Windows. macOS, Unix, Linux, iOS, Raspberry PI, Chrome OS, operational technology, Zebra devices, Samsung devices, and more. The technicians should be able to leverage unattended access capabilities to reboot, restart, and initiate change controls.
What Features & Capabilities to Look for in Unattended Access Solutions?
Many organizations use several or more tools for remote support use cases. This usually happens for a couple main reasons:
- Each tool only covers a narrow range of use cases, such as only supporting certain devices or OS’s, or only providing attended support or unattended support capabilities
- Various teams provisioned different tools over time for different use cases, creating a patchwork of remote access tools across the enterprise
This tool sprawl may not only create cost inefficiencies, but security and oversight issues. Consumer-grade remote access and remote support tools are increasingly exploited for backdoor access into organizations. In some of the most egregious breaches, these tools have been leveraged to spy on or compromise an organization’s customers.
In an era of increasingly brazen cyberattacks and runaway ransomware, organizations absolutely need highly secure remote support solutions that can cover an expansive list of use cases, while making your entire service desk experience better.
With added pressure to support a bigger remote workforce than in prior years, service desks are challenged to scale to meet their growing demands, and without adding security vulnerabilities into the mix. Security and auditability are arguably even more critical when concerning unattended access. After all, there is not an end user present to provide an extra set of eyes, and unattended support cases are more likely to involve highly sensitive systems (i.e. database servers, Tier-1 application access, etc.).
In addition to robust encryption, privileged access security controls should be applied to unattended access sessions. This includes applying granular least-privilege control over access, injecting managed credentials to initiate a session, and performing robust session monitoring and management, including screen recordings, keystroke logging, etc. Tools that lack these controls leave an organization open to account hijacking attacks and vulnerable to undesired lateral movement, which can lead to largescale breaches.
Additionally, the remote support solution should integrate seamlessly with other ITSM platforms and tools to enable frictionless workflows, including initiating tickets, adding content to a ticket, escalating response, auditing, and more.
Industry-leading Security, Integrations, & Features: BeyondTrust Remote Support
BeyondTrust Remote Support is the most secure solution for both unattended access and attended access. The solution supports a broad swathe of devices and platforms and has all the features and capabilities you would expect of a Remote Support leader. In addition, it is the only FIPS 140 Level 2-validated Remote Support product
With BeyondTrust Remote Support, you can manage every device, regardless of where it’s located, and provide instant solutions for maintenance and troubleshooting. BeyondTrust enables Remote Support customers to start an unattended session through pre-built integrations. Customers can leverage our open API that allows them to integrate to their existing solutions, like ServiceNow or other ITSM applications.
BeyondTrust Remote Support protects data, provides oversight over all sessions, and prevents and mitigates account hijacking and lateral movement threats. The solution segments each remote support customer via single-tenant environments, so your data is never co-mingled with other customer data. By using outbound-only session traffic on TCP Port 443, the product minimizes port exposure, drastically reducing the potential exposed attack surface of your support site.
BeyondTrust’s Remote Support product also extends robust privileged access controls to remote support use cases, both attended and unattended. The product provides over 90 permissions that allow for granularity of access controls for endpoints and systems based on pre-stated policies around teams, users, time of day and more. The solution also provides native multi-factor authentication and includes a vault to manage credentials.
To start a session, BeyondTrust Remote Support retrieves a credential from the vault and automatically injects it into the session, without ever revealing it to end users. Every session is monitored (i.e. screen and audio recording, logging, etc.) and managed, allowing for the complete auditing and review of all customer and support technician interactions, including permissions granted by the customer, chat transcripts, system information, and any other actions taken by the technician.
BeyondTrust’s proprietary Jump Technology enables a Remote Support user to access and control remote, unattended computers in any network. Because our product is licensed per active representative and not per remote system, Jump Technology is a cost-effective, easy-to-set-up way to reach every device in your enterprise, and scale to your unattended access needs.
A Jumpoint acts as a conduit for unattended access to any type of endpoint on a known remote network. A single Jumpoint installed on a computer within a local area network is used to access multiple systems, eliminating the need to pre-install software on every computer you may need to access. The remote computer does not need to reside on a known network. Jump Clients are persistently connected to the appliance, thus helping you reach systems on remote networks anywhere in the world. By pre-installing Jump Clients on remote systems, a user can establish sessions with unattended Windows, Mac, Linux, and Unix computers.
To learn more about BeyondTrust Remote Support, contact us today.
Julissa Caraballo, Product Marketing Manager
Julissa Caraballo is a Product Marketing Manager at BeyondTrust. She has over 10 years of experience in software product marketing and lead generation. Previously, Julissa worked as a Marketing Director for a medical management software company. She holds a BA in Business Administration/Marketing and a MBA in Healthcare Management. Her certifications include, Certified Digital Marketing Manager, Pragmatic Marketing Certified and Certified Medical Practice Executive. She can be found on LinkedIn and all social media platforms.