Is Your Remote Support Secure from Hackers?
As many of you know, October is National Cyber Security Awareness Month (NCSAM) and while security is top of mind each and every day, NCSAM gives us a great excuse to explore the topic of security within remote support systems. As remote support gains popularity among customer service teams, ensuring the security of the technology you are using is paramount. Consumers, in general, can be uneasy with the idea of someone accessing their computer from afar, but are quickly won over when they see how quickly a support issue can be fixed. It’s our job to keep customers safe and consumer confidence in the technology high. So, how can you keep your customers and business safe from the prying eyes of hackers? The first step is to make sure the software you are using meets the highest level of security criteria. Here are 3 critical elements to make sure your remote support software includes:
Organizational data, customer data — it’s as good as gold for hackers. It’s what every cyber-criminal is ultimately after. When it comes to remote support software, you might not have ultimate control of how the data is being transmitted or stored. Look for a remote support solution that includes data encryption, ability to detect data manipulation, database backup, and know in which countries your data is stored (if you prefer US or EU storage sites).
Another important factor that is often overlooked is “key agreement encryption” which ensures that when a technician starts a remote support session with a client, their computers must agree on an encryption algorithm and key to be used during the session. Make sure your software uses SSL certificates and verification systems to keep data safe.
Strong Authentication & Authorization
According to Verizon’s 2017 Data Breach Report, 81% of successful hacking-related data breaches used weak or stolen passwords. With that in mind, strong authentication is essential. But just having a strong password is not enough. Two-factor authentication helps add another level of security by requiring something you know (a password) and something you have (a one-time code, for example). The helps ensure that the person logging into the systems is who they say they are.
Another part of this is around authorization. This needs to occur at least once every remote support session, for technicians to login into and fix, user problems. Sophisticated remote support software uses such tools as IP restriction and various, selective Administration permissions, and security certificates.
Session Reporting and Recording
Sadly enough, many data breaches are not done by external hackers. The Verizon 2017 Data Breach Report found that 25% of data breaches are committed by internal players. Make sure you can record and report on all remote sessions including chat logging and session recording.
Having a complete record of each and every session not only helps with accountability, but also becomes key for liability purposes.
To learn more about the security capabilities of LogMeIn Rescue, view our Architecture and Security Overview.