Skip to main content

Remote user support

The proliferation of remote work and the increasing number of mobile devices (tablets, smartphones, data collectors) used in everyday tasks have made user support systems crucial tools that not only impact the efficiency of support teams but also the overall IT security of organizations. Effective user support systems enable helpdesk teams to have quick, seamless, and immediate access to various types of devices used by users. They also provide security mechanisms that ensure the protection of supported environments.

  • When selecting user support systems, it is worth checking the types of supported devices (Windows, MacOS, Linux, Android, Zebra, iOS, etc.) to minimize the number of remote connection tools used.
  • To ensure the protection of IT infrastructure, user support systems should also allow for the implementation of security mechanisms (session recording, password storage, privilege elevation).
  • It is important to remember that from the user’s perspective, simplicity of use and interface friendliness are key elements of the support process.
  • From the technician’s perspective, the ability to utilize a range of features that accelerate the provision of support services (built-in scripts, background actions, limiting the number of displayed colors, etc.) is significant.

Enterprise user support

Easy remote access to devices used by end users brings many benefits, but it also increases the risk of security incidents. Such incidents can arise from various causes. It could be due to software vulnerabilities that can be exploited for unauthorized access to machines, intentional actions by employees aiming to misuse remote support systems in an improper and unsafe manner, or simply resulting from carelessness or lack of knowledge by the users themselves. Therefore, the key task is to utilize a remote support system that addresses all aspects impacting its security. This includes considerations of architecture, permissions, as well as subsequent auditing.

Safety ingredients:

  • To ensure a high level of security in the user support process, several aspects need to be considered. These include system architecture, credential security, privilege management, as well as accountability and session auditing.
  • Proper system architecture minimizes the attack surface, for example, by utilizing a smaller number of communication ports or ensuring encrypted communication during sessions. The system should provide access security, such as implementing multi-factor authentication (2FA) and network restrictions for the administrative interface. It is also important to be able to deliver the system in a customized manner to meet the user’s needs. For example, some entities, for formal reasons, exclude cloud services and require the entire system to operate within their own infrastructure.
  • The security of privileged credentials is another crucial aspect in the IT domain and is not limited to remote support systems. On one hand, helpdesk technicians may require the use of credentials with administrative privileges, and on the other hand, this grants them administrative access to critical devices from an organizational perspective, such as computers used by executives or finance department employees. In such cases, the best solution is to separate technicians from knowledge of service account passwords and provide the capability to “inject” appropriate credentials during sessions without disclosing them. This is especially important for first-line support where there is high employee turnover.
  • Precisely regulated privileges allow for the creation of roles necessary to ensure the security of organizational processes. By defining detailed permissions, technicians, such as those in first-line support, can only connect to defined resources, and during the session, they are provided with approved tools by the security department. This is achieved by creating user groups with limited privileges and defining the actions they can perform. Typical roles include first-line support, second-line support, helpdesk managers, and security auditors.
  • Auditing and session recording allow for historical verification of sessions and the use of privileged accounts. From a security department perspective, session recording should be centrally performed and subject to global security policies, without the ability to locally disable it during sessions.

High efficiency of the HelpDesk department

Improving the efficiency of technicians is one of the most significant criteria when selecting a remote assistance tool. User support systems should greatly streamline the work of both individual technicians and the entire helpdesk team. A good tool can simplify and expedite a variety of tasks typically performed during remote support sessions. This is especially true for repetitive tasks that can be largely automated.

  • Collaboration is especially important when it comes to larger helpdesk teams. Built-in multi-user chat, the ability to dynamically transfer sessions and invite additional participants, enhance productivity and often facilitate problem resolution. From a management perspective, this enables continuous monitoring of session loads for individual technicians, balancing the workload, or joining selected sessions to provide assistance in issue resolution.
  • Integrations with ITSM systems help reduce session initiation time and minimize manual entries in the ITSM system. Integrated ITSM systems with remote support tools provide benefits from both solutions. Ticket management and communication with end-users take place in the ITSM system, while the actual session execution occurs in dedicated remote support software. After the session is completed, log contents, chat logs, session recordings, etc., can be automatically sent to the ITSM system and attached to the corresponding ticket for contextual reference.
  • Multi-platform support, which includes handling different platforms used by end-users – typically Windows, macOS, Linux, Android, iOS – from a single unified interface, significantly increases the efficiency of helpdesk teams. With a tool that supports all platforms, technicians can perform all typical tasks in the same manner, such as initiating sessions, taking control, file transfers, or communicating with users, without the need for different tools for different platforms.
  • Advanced remote session tools available to technicians help streamline the execution of their tasks, especially when those tasks are repetitive and automatable. For example, the ability to launch applications and scripts on the end-user’s machine, with both applications and scripts hosted in the remote support system, eliminates the unnecessary steps of copying applications to the user’s machine and removing them after the session. Background session tools are also helpful, allowing technicians to perform advanced diagnostic actions without interrupting the user session, such as file transfers or running a command-line console in the background. Additionally, features like dynamically adjusting color depth in the session help maintain smooth session performance, even with a weak internet connection.

End-user perceptions

From the end user’s perspective, the simpler the process of initiating a remote support session, the better. Ideally, starting a support service should not require any additional actions from the user, apart from reporting the problem in a typical manner, such as through a ticketing system, email, or phone call.

  • Initiating a remote session should be initiated by the support agent and should not require any actions from the end user, except for opening a ticket in the ITSM system.
  • Communication from the support team and the interface used by the end user should be in their native language.
  • The support system interface should be personalized and include logos and colors specific to the organization where the end user is employed.
  • Before initiating screen sharing with the support agent, there should be an option to implement additional security measures, such as granting permission to share the screen, allowing the end user time to close windows containing sensitive information that the support agent should not see.