Consumer-grade remote support tools continue to make the news for the wrong reasons. Recently, it’s been reported that some financial institutions are preventing their applications from being run if they detect common free and/or consumer-grade remote access tools installed on the device. This is intended to protect their customers from being victimized by these tools. While this approach could be considered severe, it reflects the risk these institutions have experienced with these tools, and their fears of further damage.
Consumer-grade and free remote support tools may be okay for supporting your family members or remotely accessing a PC at home, but the risk is probably unjustifiable for any organization with a customer base and any potential for access to sensitive data.
The Risks of Low-Security Remote Support Software
Some consumer-grade tools share some of the same cool technological features as the more robust enterprise-class tools. For instance, you can remotely support someone from anywhere in the world and perform a screenshare to see what’s happening on their device. Sure, that experience may have a somewhat similar feel across many different solutions, though bells and whistles will vary considerably. However, the difference in robustness of security architectures between free/consumer-grade tools and enterprise-class tools like BeyondTrust Remote Support is gaping. That’s why, when considering a remote support tool, it’s essential that your security team (or person) properly vets the tool.
Recent cybercriminal exploits leveraging consumer-grade tools have involved connecting to their devices to transfer money from their bank accounts or to purchase items, such as gift cards. With remote access, the threat actors can easily gain logins to the users’ banks or retailers. They could even access one-time passwords that are needed for multi-factor authentication. If someone can access that device, they essentially get the keys to your kingdom. Last year, a rash of supply chain attacks also leveraged consumer-grade remote support software on the user devices of IT service providers, which was then used to illicitly access data of the providers’ customers, resulting in third-party breaches.
These types of cybercrimes should raise awareness of the riskiness of using free or consumer-grade tools to provide remote support. Additionally, as security and compliance requirements get more stringent, and businesses also demand higher security standards of their partners, using low-security tools may create suspicion by an organization’s customers and partners and may make them second guess that business relationship.
What True Remote Access Security Looks Like
With BeyondTrust Remote Support, you not only get all the great collaboration and integration features you expect of a tool built for the modern service desk, your enterprise risk posture also benefits from having the most robust remote access security of any tool in its class. You and your customer can have confidence that you are using the most secure platform for remote support.
When you are providing support using BeyondTrust, your customers will only be able to connect to your Remote Support instance, and your support technicians will only be able to provide support from your Remote Support instance. Additionally, you can ensure your customers are able to grant permissions to the service desk technician when access and control is needed. Also, because the tool is so comprehensive in capabilities, you can consolidate to one tool and blacklist other remote access tool instances to ensure rogue remote access software isn’t planted across your organization.
Here’s a shortlist of some key features of BeyondTrust Remote Support:
- Enables collaboration on support incidents to speed up resolution times
- Integrates with your existing ITSM solutions to maximize your investment, and unlock powerful synergies
- Supports Windows, Linux, macOS, iOS, Android, ChromeOS, and more.
- Accesses devices using RDP, SSH, Telnet, and VNC, while improving security
- Deploys multiple ways - on-premises, SaaS, or your private Cloud in AWS or Azure
- Embeds Remote Support directly in your iOS and Android apps via mobile SDK
- Enforces least privilege, allowing you to define granular roles for your users
- Generates a rich audit log, and helps you meet compliance initiatives like FIPS, CJIS, PCI, HIPAA, and GDPR.
If you’re interested in learning more, check out our new, comprehensive Remote Support Buyer’s Guide & Checklist. It even includes a free template you can use to compare vendors.
