In the previous entry to this blog, I wrote about the benefits of the SaaS deployment model for remote support. Specifically how SaaS shifts the burden of deployment, maintenance and support to the service provider, which of course allows users to get up and running much more quickly. I also noted that I'd be dedicating this blog to the topic of SaaS and why it is the optimal model for remote software. So, here we go...
One of the most common questions that we hear is, "how secure is the Cloud", which I'd like to dig into here. Security has always been one of the primary considerations of a new application deployment, so it's not unreasonable to ask the same question when looking at SaaS. And remote support is no exception when it comes to evaluating the stability and security of a new solution, especially when you consider the fact that end-users are handing over control of their devices. If you're looking at new tools for your helpdesk, here are some key Security considerations that I think should be explored:
• Data confidentiality: Ensure that no one can intercept data transmissions to and from end user machines communicating with the remote support system. To accomplish, you need to be using Secure Socket Layer (SSL); and your remote support vendor should be using (and keeping up to date on) one of the standard SSL protocols.
• Authentication and authorization: This means verifying that the technician using the support solution is allowed to do so, and that the technician can identify himself/herself to the end user as such. Any solution you're considering must provide multiple means by which the admin can guarantee that the tech using the system is the real deal, and is only performing tasks they're authorized for.
• Auditing technology: Ensures that any activity technicians perform can be reviewed by administrators for compliance and governance purposes. • Permission based: Technician access to end user computers should follow a process that requires the end user to grant permission to the technician to perform any troubleshooting on the PC. This acts as a handshake between the technician and the end user prior to accessing end user devices.
• Data Center: And, of course, since we're talking "Cloud," the solution itself must be located in a solidly secure data center.
What's on your Security checklist? How do you evaluate new helpdesk tools from a Security perspective? We'd love to know your thoughts.
Join our Facebook group
Follow us on Twitter
Check out the LogMeIn Rescue Community
This story, "How Secure is Your Helpdesk?" was originally published by BrandPost.