In a typical workday — which, alas, often extends into a work evening or work weekend— sysadmins connect to remote systems using Remote Desktop Protocol (RDP), PuTTY, SSH, FTP, Telnet, browser-based apps, virtual private networks (VPNs), proprietary software, and many other solutions. To suggest that these tools are important is an understatement. They are essential, and organizations that attempt to turn back the clock and force their sysadmins to support colleagues and customers exclusively through phone calls should prepare for massive push-back, if not an all-out revolt.
Productivity and Security Challenges
Despite the value and importance of remote connection tools, they can also reduce productivity at times. Indeed, each tool has its own workflows, rules, limitations, and user interface. In addition, sysadmins typically have hundreds or even thousands of credentials that must be stored and protected. In theory, these should be suitably safeguarded. Yet in reality, because they are so busy and pulled in multiple directions — helping end users one moment, installing a mail server the next, troubleshooting an intermittent problem with a network switch after that, and so on — many sysadmins resort to vulnerable and insecure methods of password management, such as spreadsheets and plain text in script files.
Furthermore, managing user access through Active Directory (AD) is not always a viable step. While this is more secure, it often triggers productivity challenges as users must enter their credentials many times a day — an obligation they loathe, complain about loudly, and seek to circumvent whenever possible; not because they have “gone rogue,” but because they want to get more done in less time.
The Remote Desktop Management Solution
The good news is that there is a practical answer: implement a robust remote desktop management solution. This significantly improves security hygiene, but without undermining efficiency and productivity. Here are the five core features to look for when evaluating various remote desktop management solutions:
- Manage a Wide Range of Remote Connection Technologies and Protocols
As noted in the introduction, sysadmins typically connect to remote systems through a variety of tools, such as RDP, VPNs, SSH, FTP, PuTTY, proprietary software (e.g., TeamViewer, LogMeIn), and the list goes on. A remote desktop management solution should support all of these technologies through a single pane of glass. As such, instead of switching between dozens of windows and running out of real estate on their taskbar — which is not only tedious and time-consuming, but also confusing and stressful — sysadmins consistently and rapidly get the information they need, when they need it, and always from where they expect it to be.
- Vault and Store Credentials and Sensitive Data
In addition to managing numerous sets of credentials, sysadmins also need to safely store and easily retrieve other sensitive data, such as software license codes, account numbers, and corporate credit card information. A remote desktop management solution should capture and organize this data in a secure vault located in a centralized database that is protected by AES-level encryption. This prevents sensitive and private data from being stored in disparate and vulnerable locations such as saved RDP sessions, password management apps, and spreadsheets.
- Securely Disclose Session Settings
The best sysadmins are not necessarily those with the most knowledge and experience. Rather, they are those who know when it is beneficial and efficient to reach out to a colleague when facing difficult (and frustrating) remote desktop issues. A remote desktop management solution should enable sysadmins to securely disclose session settings and/or credentials with other authorized users, while also revealing or hiding specific information based on user rights (more on this below). This prevents sharing data in ways that are both time-consuming and insecure such as through email, instant messages, or writing them down.
- Manage Roles, Permissions and User Security Rights
Role-based access control ensures that authorized users get the information and access they need — no more and no less. A remote desktop management solution should make it fast and easy for sysadmins to manage (and as necessary change) roles, permissions and user rights at individual and group levels. Furthermore, management should be possible both globally and granularly. For example, the solution should integrate and sync with existing user access control tools (e.g., AD), and it should also support comprehensive tracking and logging for performance management, compliance, quality assurance, security, and training purposes.
- Easily Organize and Retrieve Sessions
Since they are usually dealing with dozens of tasks and hundreds of connections, the last thing sysadmins want — or deserve for that matter — is yet another tool that makes their experience more confusing. A remote desktop management solution should feature an intuitive user interface that enables sysadmins to easily organize and retrieve remote sessions through a variety of built-in tools and features. An effective solution should therefore include multiple viewing options that use a familiar tree list structure; the ability to flag frequently accessed sessions; search functionality; and templates that save time and reduce error when creating new connections.
The Bottom Line
A remote desktop management solution that meets all five of these core requirements is what today’s sysadmins need to control the IT chaos, and keep their organization efficient, safe and compliant. It also makes life easier and less stressful for hard working sysadmins — and that is a welcome benefit as well.