Remote support software offers an easy way of obtaining third party help on your own computer. There is an increasing number of various software manufacturers and financial institutions using this type of technology for their support/helpdesk facilities, too. Read on to find out what to remember to ensure you use remote support facilities safely.
- Only establish connections with trustworthy persons. You
should be particularly cautious if it is not you initiating the connection (e. g. if you receive an unexpected phone call).
- Make sure an encrypted connection is used.
- For the purposes of secure authentication, use a password or meeting ID.
- If possible, don’t grant full access to your system.
- Please remember that everything appearing on your screen during any support session can also be captured.
Remote support software enables remote access to a third party system via a local network (LAN) or the Internet. This way, the remote machine’s desktop will be displayed on a local machine and also allows for remote control of the remote machine. Many companies use remote support software to enable their support staff to have a quick look at a user’s machine without the need of someone having to go and visit them on site in the first instance. There are a variety of different tools in this respect to be found on the Internet. This article serves to advise you what you should look out for when using such software.
Only establish connections with trustworthy persons. You should be particularly cautious if it is not you initiating the connection (e. g. if you receive an unexpected phone call). It is now common for attackers to contact you by phone, for instance purporting to be a Microsoft employee, to obtain access to your computer this way. They should only be able to establish any connection to your machine after receiving your explicit invitation to do so. Before you accept any connection via their software, you should expressly have to agree to do so.
When choosing a product, you should ensure that there is sufficient encryption to guarantee data cannot be transferred in plain text. The key should be at least 128 bit in size.
The person establishing a connection to your computer should authenticate him- or herself via a meeting ID and/or password. Depending on the software used, there are different ways to do so. To make sure that this sensitive information is only received by the right person, it is best for the password or meeting ID to be advised beforehand, by telephone.
Don’t grant full access to your system. The person assisting you should basically only ever be a spectator and provide you with instructions on what to do. This will ensure you are still the one in control of your system and no undesirable changes can be made.
While the connection is being established, a remote support information screen should permanently display on your screen, which cannot be hidden. This allows you to see whether the connection is still active and someone else is able to view your screen, or whether the connection was terminated.
Please note that support sessions can be recorded. Anything appearing on your screen during this session can be viewed and captured by the other party.
Enter as few passwords as possible during your session, and don’t surf to any Internet sites which have nothing to do with your session. If for instance it is a financial institution providing you with support, make sure you only ever remain on the website of the financial institution involved.
Please ensure that after obtaining assistance you disconnect the Remote Support connection to prevent any further access to your computer. To do so, please follow the instructions in the software documentation.