Remote support: Addressing privacy concerns

Ben Taylor

Computer users typically place a lot of trust in their IT support providers. Traditionally, it’s always been the case that network admins, if minded to do so, could get to any kind of company / client data they chose to, due to their access to the “nuts and bolts” of the servers.

Remote-SupportAs an MSP, you may have some clients who have considered these implications. After all, when you and your staff are remoting into computers and servers, you may see privileged information that must be kept confidential.

Whether or not your average client seems concerned about the privacy implications of your support relationship, you should consider it, and put systems and procedures in place to allay any fears your clients may have. Here are three steps to help you do so in the case of providing remote support:

1. Start with your internal team - All of your staff must be fully aware of their responsibilities when it comes to client privacy and confidentiality. These responsibilities can (and should) be written into your employees’ contracts.

Privacy-Policy2. Create a privacy policy - Create a privacy policy relating to remote support and make it available to your clients. Emphasize the fact that you and your team will keep confidential any information you may come into contact with as part of your support duties.

Assuming you have educated your team on privacy, and contractually bound them to their obligations, you can highlight this fact as part of your privacy policy.

3. Think carefully about unattended support - Many remote support solutions provide you with the option of giving “unattended support.” Essentially, this allows you to remote into PCs without anyone having to give authorization to begin the session.

Obviously, this can be very useful if you or your team need to carry out work out-of-hours, and it also makes things a lot easier due to the eliminated need for user intervention.

Permission-GrantedIn terms of privacy, however, it can make matters much more complicated. If every remote session requires user permission to begin, you remove any potential for doubt or mistrust. If you are working with clients in business sectors where privacy is particularly paramount, it may be best to refrain from using unattended support on these sites.

While many of your clients may have a very blasé attitude towards matters such as these, it doesn’t mean they won’t respect the fact that you take your privacy role seriously. And if, one day, your business is accused of impropriety, you’ll be pleased you took these simple steps.

Do you have policies and procedures in place to address privacy concerns? Tell us how you help alleviate your clients fears with a comment below!