SlideShare a Scribd company logo
1 of 11
Download to read offline
For They Do Not
Know What They Do

How IT Departments
Can Retain Control
over External IT
Service Providers




              with support from
For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers




                        Whenever external IT service providers require access to enterprise systems,
                        IT managers often get stomachaches. However, IT managers can use the
                        latest generation of remote support tools to ensure their company’s security
                                                         even as they speed issue resolution.

                                                                   Most IT departments encounter the following
                                                                   situation. They often rely on external service
                                                                   providers to maintain company IT. However,
                                                                   external remote support services often
                                                                   don’t conform to the necessary security
                                                                   standards. To save time, IT staff often grant
                                                                   those external service providers permanent
                                                                   remote access or they grant access without
                                                                   performing the required security checks.
                                                                   More diligent and security-conscious
                                                                   IT departments may requires the onsite
                                                                   presence of an internal IT employee to
                                                                   monitor the external provider’s support steps.

                        In order for external service providers to access enterprise systems in an
                        emergency or just to maintain external solutions, companies often utilise the
                        following approaches to ensure the integrity of their IT systems:

                        Legal solution:

                        •	   Introduction of standard written agreements for all external IT service providers
                        •	   Creation of customer-specific contractual agreements that address the external IT service
                             provider’s specific procedures


                        Staffing solution:

                        •	   Training their own employees on the IT service provider’s systems.
                        •	   Principle of dual control: company employees must be present and control all work performed
                             by external service providers.
                        •	   Forgoing of external IT service providers and development of costly in-house solutions
                        •	   Trust without the use of control mechanisms or supplemental agreements to service contracts


                        Technical solution:

                        •	   Utilisation of a remote technical support solution that allows for complete documentation and
                             protects against unauthorised access.




                                                                                                                             2
For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers




Important                    The legal solution builds on general or service-specific contracts. The principle
benefits of                  of deterrence applies. The disadvantages: Contracts don’t ensure genuine
GoToAssist                   security. The more complex a contract is formulated, the more inflexible the
Corporate:                   support. This can go so far that external service providers are prevented from
                             performing much needed support services if they’re not governed by contract.
•	   Easy to use
•	   Enables
     immediate tech
                             Companies that choose to train their own employees on the systems of external
     support to resolve      IT service providers relativise the outsourcing advantage and ultimately restrict
     issues fast             themselves so much that an economically feasible operation is no longer possible.
•	   Absolutely secure
     data transfer
•	   Permission-based        Only the technical solution can offer real security and cost effectiveness. With
     usage                   the right technical solution, only authorised IT service provider staff are allowed
•	   Ensures that            access—and only when authorised by internal staff. The physical location of
     support from
                             employees and service provider staff is irrelevant. The right technical solution
     third-party provi-
     ders is supervised      also documents when external access to sensitive systems occurs and what
     and/or authorised       tech support steps are taken.
•	   IT staff can initiate
     remote support
     from anywhere at
                             Flexible IT departments rather than rigid on-call times
     anytime
                             Saturday, three o’clock in the morning: a company employee receives an
                             emergency call on their mobile phone. Rather than travelling to the company,
                             the employee simply opens their notebook, launches a secure remote support
                             solution and invites the responsible external IT service provider to join the
                             session. Quickly and easily from home—without breaking the security chain.

                             This innovative use of remote support software is by no means a future scenario,
                             but instead is a current and highly developed practise. The benefits of using such
                             software, like GoToAssist Corporate, can be summarised in seven points:

                             1.	 Increased staff flexibility and availabilty:
                                 IT staff who monitor the external delivery of
                                 support can do so from any location and aren’t
                                 required to be physically present on-site.
                                 Employees can work more flexibly and are
                                 always available when needed.




                                                                                                                   3
For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers




                        2.	 Extensive control of IT service providers
                            Employees in busy IT departments can simultaneously manage multiple
                            support sessions, even if they’re hosted at different locations. By recording
                            support sessions, external IT service providers’ service steps can later
                            be reproduced.

                        3.	 Very quick support response times:
                            IT staff are extremely flexible, and during an emergency, e.g. a critical
                            system failure, they can grant external service providers access to internal
                            systems and supervise support sessions from home, even during
                            unusual hours.

                        4.	 Reduction of outage and follow-up costs
                            System failures disrupt smooth operations and are responsible for high costs.
                            Not only do the repairs inflict costs on the company, but also employees may
                            not be able to complete their tasks because of the technical failures. Indeed,
                            if lengthy delays occur, contractual penalties could be invoked for late
                            projects. With a flexible IT department, however, external IT service providers
                            are no longer dependent on the physical presence of company employees
                            and fixed office hours. Interruptions can be remedied immediately.

                        5.	 Better overview of utilised resources
                            Modern remote support tools such as GoToAssist Corporate offer tracking
                            and management functions as standard features. The IT department has a
                            continuous overview of who is logged on and performing maintenance work.
                            Solution steps and their duration can be identified at any time.

                        6.	 Learning effect as a result of best practises for future service cases
                            Recorded support cases can be used as best practise cases for similar
                            events in the future. Follow-up cases can therefore be dealt with more
                            efficiently. At the same time, a knowledge base is developed.

                        7.	 Logging for documentation
                            Thanks to the integrated recording and logging features, actions can be
                            ascribed at any time to the responsible persons. Remote support solutions
                            such as GoToAssist Corporate record exactly which support participant has
                            performed which steps. Such records can be reviewed later if questions arise.




                                                                                                               4
For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers




                        Retaining Control With GoToAssist Corporate

                        The following describes a typical support
                        scenario and the steps taken to resovle an IT
                        issue with the help of the GoToAssist Corporate
                        remote support solution. It illustrates how
                        technology solutions can help ensure IT security.

                        Highest-level security

                        Using GoToAssist Corporate, it’s easy for IT managers and support staff to
                        observe compliance policies without having to relinquish the services of service
                        partners. The GoToAssist Corporate solution keeps track of who accesses
                        corporate systems via which IP address and who performs actions. This
                        supervision can also be performed retroactively: a video recording of the remote
                        support session as well as all logged data are available.

                        Session recording occurs on the server side and is thus protected from
                        subsequent modifications and totally tamperproof. The recording cannot be
                        interrupted and continues until the end of the session, even if a participant
                        leaves the meeting and returns at a later time.

                        Management features help corporate IT managers and employees keep track
                        of things at all times and thus reduce the administrative burden. Authorised
                        persons can log in to ongoing support sessions at any time and intervene if
                        necessary. Since all functions are remotely available, locations are irrelevant,
                        which ensures the desired flexibility.




                                                                                                               5
For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers




                        Typical execution of a secure remote support session

                        The typical execution of a controlled maintenance support session with
                        GoToAssist Corporate follows these five steps:




                                                                       Telephone
                             Internal IT employee                                                             External service partner



                        1	   The IT employee receives an emergency call, contacts the external service partner and
                             explains that urgent maintenance work needs to be performed.




                                                                   Secure VPN connection,
                                                                     e.g. via GoToMyPC




                                                GoToAssist Corporate                   GoToAssist Corporate
                                                    connection                             connection




                             Internal IT employee                                                                 Server in Branch A




                        2 	 The internal IT employee sets up a VPN connection to the affected server and launches a
                            support session with GoToAssist Corporate. The location of the affected device is irrelevant. IT
                            employees can remain at home when they are on call.




                                                                                                                                    6
For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers




                                              GoToAssist Corporate                    GoToAssist Corporate
                                                  connection                              connection




                                                                                                             Server in Branch A




                             Internal IT employee




                                                                External service partner



                        3	   The IT department employee invites the external service provider to participate in the
                             support session. When sending the invitation, a GoToAssist Corporate list of authorised
                             accounts is used. The external employee needs to authenticate his or herself with
                             username and password in order to participate in the session.




                                               GoToAssist Corporate
                                                   connection
                                                                                      GoToAssist Corporate
                                                                                          connection




                                                                                                                 Server in Branch A
                                                                                 GoToAssist Corporate
                                                                                     connection



                             Internal IT employee




                                                                External service partner


                        4	   The internal IT employee provides the external service provider with all the necessary
                             authorisation that they require for the maintenance work. GoToAssist Corporate begins by
                             recording and logging all support steps. The internal IT employee can withdraw from the meeting
                             and perform other duties. Or they can remain in the session to follow the work of the external
                             service provider, to learn something or possibly to intervene.




                                                                                                                                      7
For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers




                                                                                                           Server in Branch A




                                                                                                           Server in Branch B




                             Internal IT employee                                                          Server in Branch C




                             External service partner	    A              B             C



                        5	   The internal IT employee can view the GoToAssist Corporate overview to see which other
                             internal or external service staff currently have support sessions open. Since the corporate
                             employee’s constant presence at a session is not required, they can simultaneously control
                             multiple sessions. IT staff can access an ongoing session at any time. In case of doubt,
                             staff can also review the automatically recorded session.




                                                                                                                                8
For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers




                          Monitoring options with GoToAssist Corporate:



                                                   Time-delayed view




                                                  GoToAssist dashboard:
              Option 3                                Live overview of                                      Recording
                                                   all external activities                                 and logging




                                 Option 2

                                 Option 1


                                                                                                             Server in Branch A


          Internal IT employee




                          Management Centre:
                           Administration of
                            user privileges

                                                                  External service partner




                          Option 1: 	       The internal employee is in the live GoToAssist Corporate session at the same
                                            time as the service partner.

                          Option 2: 	       On the GoToAssist Corporate dashboard, the internal employee has an
                                            overview of several external service providers who provide support in the IT
                                            environment. If required, the IT employee can join one of the ongoing sessions
                                            at any time.

                          Option 3: 	       The internal employee subsequently reviews the records and logs for each step
                                            taken by the external service partner.

                          For all three options, it is the case that external service partners cannot obtain access unless
                          they are invited to a support session by an internal IT employee, when they must and can prove
                          verify their identity. The company’s IT department can specify which actions each external
                          service partner is allowed to carry out (such as a file transfer) in the user privileges management
                          section of the Admin BackendManagement Centre in GoToAssist Corporate.

                          GoToAssist records each support case automatically, also protectsing it from tampering, and
                          creates a log of all the support actions automatically.




                                                                                                                                  9
For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers




                        Conclusion

                        Complex IT environments and outsourcing of IT services to third parties make it
                        difficult for IT departments to ensure compliance. New technical remote support
                        solutions remedy the situation and simultaneously offer employees in the IT
                        department more flexibility. In order to retain control over their own IT systems,
                        companies must focus on technical solutions. In many IT departments, complex
                        “homemade” solutions are often used, but they are inadequate with regard to
                        technical security.

                        Professional remote support solutions of the latest generation, such as
                        GoToAssist Corporate, offer a more flexible workflow for IT support staff in
                        emergencies, and they guarantee secure and replicable maintenance on remote
                        computers and servers. Employees can simultaneously supervise several support
                        sessions with external service providers rather than having to work with them one
                        at a time. Sophisticated control functions ensure the security of mission critical
                        data as well as the up-time of distributed computing environments. This increases
                        efficiency and ensures control of external service providers.




                                                                                                               10
For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers




                                                                                           GoToAssist Corporate,
                                                                                           our cloud services for
                                                                                           remote and customer support

                                                                                           Get your free trial version:
                                                                                           United Kingdom: 0800 011 2120
                                                                                           http://www.gotoassist.co.uk




                        North America                               Citrix Online Europe                             Citrix Online Asia Pacific
                        7414 Hollister Avenue                       Middle East & Africa                             Level 3, 1 Julius Ave
                        Goleta, CA 93117                            Citrix Online UK Ltd                             Riverside Corporate Park
                        U.S.A.                                      Chalfont Park House                              North Ryde NSW 2113
                        T +1 805 690 6400                           Chalfont Park, Gerrards Cross                    Australia
                        info@citrixonline.com                       Bucks SL9 0DZ                                    T +61 2 8870 0870
                                                                    United Kingdom                                   asiapac@citrixonline.com
                        Media inquiries:                            T +44 (0) 800 011 2120
                        pr@citrixonline.com                         europe@citrixonline.com
                        T +1 805 690 2969
                        About Citrix
                        Citrix Systems, Inc. is transforming how people, businesses and IT work and collaborate in the cloud era. Its portfolio of
                        GoTo cloud services enable people to work from anywhere with anyone by providing simple-to-use-cloud-based collaboration,
                        remote access and IT support solutions for every type of business. Learn more at www.citrix.com and www.citrixonline.com

                        ©2012 Citrix Online, UK Ltd. All rights reserved. Citrix, GoToAssist, GoToMeeting, GoToMyPC, GoToTraining, GoToWebinar,
                        HiDef Corporate, Podio and Sharefile are trademarks of Citrix Systems, Inc., or a subsidiary thereof, and are or may be registered
                        in the U.S. Patent and Trademark Office and other countries. All other trademarks are the property of their respective owners.
                        Mac and iPad are trademarks of Apple Inc., registered in the U.S. and other countries.
                        Android is a trademark of Google, Inc.


                        205EN_WP/2012-11-05




                                                                                                                                                            11

More Related Content

More from Sergey Polovnikov

Финансовые итоги МТС (2 квартал 2015)
Финансовые итоги МТС (2 квартал 2015)Финансовые итоги МТС (2 квартал 2015)
Финансовые итоги МТС (2 квартал 2015)Sergey Polovnikov
 
Анализ роуминговых тарифов операторов РФ, ТС, ЕС и мира (весна, 2015)
Анализ роуминговых тарифов операторов РФ, ТС, ЕС и мира (весна, 2015)Анализ роуминговых тарифов операторов РФ, ТС, ЕС и мира (весна, 2015)
Анализ роуминговых тарифов операторов РФ, ТС, ЕС и мира (весна, 2015)Sergey Polovnikov
 
МТС, операционные итоги 2014 года
МТС, операционные итоги 2014 годаМТС, операционные итоги 2014 года
МТС, операционные итоги 2014 годаSergey Polovnikov
 
Сравнительный анализ тарифов операторов РФ на услуги связи в международном ро...
Сравнительный анализ тарифов операторов РФ на услуги связи в международном ро...Сравнительный анализ тарифов операторов РФ на услуги связи в международном ро...
Сравнительный анализ тарифов операторов РФ на услуги связи в международном ро...Sergey Polovnikov
 
Стоимость услуг связи в регионах России (2014)
Стоимость услуг связи в регионах России (2014)Стоимость услуг связи в регионах России (2014)
Стоимость услуг связи в регионах России (2014)Sergey Polovnikov
 
Отчет компании «Евросеть» о продажах аксессуаров собственной торговой марки G...
Отчет компании «Евросеть» о продажах аксессуаров собственной торговой марки G...Отчет компании «Евросеть» о продажах аксессуаров собственной торговой марки G...
Отчет компании «Евросеть» о продажах аксессуаров собственной торговой марки G...Sergey Polovnikov
 
Сравнительный анализ тарифов на роуминг мобильного интернета, май 2014
Сравнительный анализ тарифов на роуминг мобильного интернета, май 2014Сравнительный анализ тарифов на роуминг мобильного интернета, май 2014
Сравнительный анализ тарифов на роуминг мобильного интернета, май 2014Sergey Polovnikov
 
Tele2, результаты 1 квартала 2014 года
Tele2, результаты 1 квартала 2014 годаTele2, результаты 1 квартала 2014 года
Tele2, результаты 1 квартала 2014 годаSergey Polovnikov
 
МегаФон, результаты 1 квартала 2014 года
МегаФон, результаты 1 квартала 2014 годаМегаФон, результаты 1 квартала 2014 года
МегаФон, результаты 1 квартала 2014 годаSergey Polovnikov
 
МТС: Итоги 1 квартала 2014 года
МТС: Итоги 1 квартала 2014 годаМТС: Итоги 1 квартала 2014 года
МТС: Итоги 1 квартала 2014 годаSergey Polovnikov
 
Рынок интернет-кинотеатров в России 2013
Рынок интернет-кинотеатров в России 2013Рынок интернет-кинотеатров в России 2013
Рынок интернет-кинотеатров в России 2013Sergey Polovnikov
 
Финансовые и операционные результаты МТС 4 кв. 2013
Финансовые и операционные результаты МТС 4 кв. 2013Финансовые и операционные результаты МТС 4 кв. 2013
Финансовые и операционные результаты МТС 4 кв. 2013Sergey Polovnikov
 
Финансовые и операционные итоги Tele2 2013
Финансовые и операционные итоги Tele2 2013Финансовые и операционные итоги Tele2 2013
Финансовые и операционные итоги Tele2 2013Sergey Polovnikov
 
"Связной": операционные итоги 2013 года
"Связной": операционные итоги 2013 года"Связной": операционные итоги 2013 года
"Связной": операционные итоги 2013 годаSergey Polovnikov
 
Исследование уровня знания и пользования легальными онлайн-кинотеатрами
Исследование уровня знания и пользования легальными онлайн-кинотеатрамиИсследование уровня знания и пользования легальными онлайн-кинотеатрами
Исследование уровня знания и пользования легальными онлайн-кинотеатрамиSergey Polovnikov
 
Tele2 Россия представила первый отчет в области корпоративной социальной отве...
Tele2 Россия представила первый отчет в области корпоративной социальной отве...Tele2 Россия представила первый отчет в области корпоративной социальной отве...
Tele2 Россия представила первый отчет в области корпоративной социальной отве...Sergey Polovnikov
 
Геолокация - ключ мобильного маркетинга,
Геолокация - ключ мобильного маркетинга, Геолокация - ключ мобильного маркетинга,
Геолокация - ключ мобильного маркетинга, Sergey Polovnikov
 
МТС: финансовые и операционные итоги 3 кв. 2013
МТС: финансовые и операционные итоги 3 кв. 2013МТС: финансовые и операционные итоги 3 кв. 2013
МТС: финансовые и операционные итоги 3 кв. 2013Sergey Polovnikov
 
100 дней до Олимпиады в Сочи - МегаФон
100 дней до Олимпиады в Сочи - МегаФон100 дней до Олимпиады в Сочи - МегаФон
100 дней до Олимпиады в Сочи - МегаФонSergey Polovnikov
 
Millennialmedia SMART report (october 2013)
Millennialmedia SMART report (october 2013)Millennialmedia SMART report (october 2013)
Millennialmedia SMART report (october 2013)Sergey Polovnikov
 

More from Sergey Polovnikov (20)

Финансовые итоги МТС (2 квартал 2015)
Финансовые итоги МТС (2 квартал 2015)Финансовые итоги МТС (2 квартал 2015)
Финансовые итоги МТС (2 квартал 2015)
 
Анализ роуминговых тарифов операторов РФ, ТС, ЕС и мира (весна, 2015)
Анализ роуминговых тарифов операторов РФ, ТС, ЕС и мира (весна, 2015)Анализ роуминговых тарифов операторов РФ, ТС, ЕС и мира (весна, 2015)
Анализ роуминговых тарифов операторов РФ, ТС, ЕС и мира (весна, 2015)
 
МТС, операционные итоги 2014 года
МТС, операционные итоги 2014 годаМТС, операционные итоги 2014 года
МТС, операционные итоги 2014 года
 
Сравнительный анализ тарифов операторов РФ на услуги связи в международном ро...
Сравнительный анализ тарифов операторов РФ на услуги связи в международном ро...Сравнительный анализ тарифов операторов РФ на услуги связи в международном ро...
Сравнительный анализ тарифов операторов РФ на услуги связи в международном ро...
 
Стоимость услуг связи в регионах России (2014)
Стоимость услуг связи в регионах России (2014)Стоимость услуг связи в регионах России (2014)
Стоимость услуг связи в регионах России (2014)
 
Отчет компании «Евросеть» о продажах аксессуаров собственной торговой марки G...
Отчет компании «Евросеть» о продажах аксессуаров собственной торговой марки G...Отчет компании «Евросеть» о продажах аксессуаров собственной торговой марки G...
Отчет компании «Евросеть» о продажах аксессуаров собственной торговой марки G...
 
Сравнительный анализ тарифов на роуминг мобильного интернета, май 2014
Сравнительный анализ тарифов на роуминг мобильного интернета, май 2014Сравнительный анализ тарифов на роуминг мобильного интернета, май 2014
Сравнительный анализ тарифов на роуминг мобильного интернета, май 2014
 
Tele2, результаты 1 квартала 2014 года
Tele2, результаты 1 квартала 2014 годаTele2, результаты 1 квартала 2014 года
Tele2, результаты 1 квартала 2014 года
 
МегаФон, результаты 1 квартала 2014 года
МегаФон, результаты 1 квартала 2014 годаМегаФон, результаты 1 квартала 2014 года
МегаФон, результаты 1 квартала 2014 года
 
МТС: Итоги 1 квартала 2014 года
МТС: Итоги 1 квартала 2014 годаМТС: Итоги 1 квартала 2014 года
МТС: Итоги 1 квартала 2014 года
 
Рынок интернет-кинотеатров в России 2013
Рынок интернет-кинотеатров в России 2013Рынок интернет-кинотеатров в России 2013
Рынок интернет-кинотеатров в России 2013
 
Финансовые и операционные результаты МТС 4 кв. 2013
Финансовые и операционные результаты МТС 4 кв. 2013Финансовые и операционные результаты МТС 4 кв. 2013
Финансовые и операционные результаты МТС 4 кв. 2013
 
Финансовые и операционные итоги Tele2 2013
Финансовые и операционные итоги Tele2 2013Финансовые и операционные итоги Tele2 2013
Финансовые и операционные итоги Tele2 2013
 
"Связной": операционные итоги 2013 года
"Связной": операционные итоги 2013 года"Связной": операционные итоги 2013 года
"Связной": операционные итоги 2013 года
 
Исследование уровня знания и пользования легальными онлайн-кинотеатрами
Исследование уровня знания и пользования легальными онлайн-кинотеатрамиИсследование уровня знания и пользования легальными онлайн-кинотеатрами
Исследование уровня знания и пользования легальными онлайн-кинотеатрами
 
Tele2 Россия представила первый отчет в области корпоративной социальной отве...
Tele2 Россия представила первый отчет в области корпоративной социальной отве...Tele2 Россия представила первый отчет в области корпоративной социальной отве...
Tele2 Россия представила первый отчет в области корпоративной социальной отве...
 
Геолокация - ключ мобильного маркетинга,
Геолокация - ключ мобильного маркетинга, Геолокация - ключ мобильного маркетинга,
Геолокация - ключ мобильного маркетинга,
 
МТС: финансовые и операционные итоги 3 кв. 2013
МТС: финансовые и операционные итоги 3 кв. 2013МТС: финансовые и операционные итоги 3 кв. 2013
МТС: финансовые и операционные итоги 3 кв. 2013
 
100 дней до Олимпиады в Сочи - МегаФон
100 дней до Олимпиады в Сочи - МегаФон100 дней до Олимпиады в Сочи - МегаФон
100 дней до Олимпиады в Сочи - МегаФон
 
Millennialmedia SMART report (october 2013)
Millennialmedia SMART report (october 2013)Millennialmedia SMART report (october 2013)
Millennialmedia SMART report (october 2013)
 

Recently uploaded

Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdfJamie (Taka) Wang
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfAnna Loughnan Colquhoun
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncObject Automation
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 

Recently uploaded (20)

Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdf
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation Inc
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 

[CITRIX] How IT departments can retain control over external IT service providers

  • 1. For They Do Not Know What They Do How IT Departments Can Retain Control over External IT Service Providers with support from
  • 2. For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers Whenever external IT service providers require access to enterprise systems, IT managers often get stomachaches. However, IT managers can use the latest generation of remote support tools to ensure their company’s security even as they speed issue resolution. Most IT departments encounter the following situation. They often rely on external service providers to maintain company IT. However, external remote support services often don’t conform to the necessary security standards. To save time, IT staff often grant those external service providers permanent remote access or they grant access without performing the required security checks. More diligent and security-conscious IT departments may requires the onsite presence of an internal IT employee to monitor the external provider’s support steps. In order for external service providers to access enterprise systems in an emergency or just to maintain external solutions, companies often utilise the following approaches to ensure the integrity of their IT systems: Legal solution: • Introduction of standard written agreements for all external IT service providers • Creation of customer-specific contractual agreements that address the external IT service provider’s specific procedures Staffing solution: • Training their own employees on the IT service provider’s systems. • Principle of dual control: company employees must be present and control all work performed by external service providers. • Forgoing of external IT service providers and development of costly in-house solutions • Trust without the use of control mechanisms or supplemental agreements to service contracts Technical solution: • Utilisation of a remote technical support solution that allows for complete documentation and protects against unauthorised access. 2
  • 3. For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers Important The legal solution builds on general or service-specific contracts. The principle benefits of of deterrence applies. The disadvantages: Contracts don’t ensure genuine GoToAssist security. The more complex a contract is formulated, the more inflexible the Corporate: support. This can go so far that external service providers are prevented from performing much needed support services if they’re not governed by contract. • Easy to use • Enables immediate tech Companies that choose to train their own employees on the systems of external support to resolve IT service providers relativise the outsourcing advantage and ultimately restrict issues fast themselves so much that an economically feasible operation is no longer possible. • Absolutely secure data transfer • Permission-based Only the technical solution can offer real security and cost effectiveness. With usage the right technical solution, only authorised IT service provider staff are allowed • Ensures that access—and only when authorised by internal staff. The physical location of support from employees and service provider staff is irrelevant. The right technical solution third-party provi- ders is supervised also documents when external access to sensitive systems occurs and what and/or authorised tech support steps are taken. • IT staff can initiate remote support from anywhere at Flexible IT departments rather than rigid on-call times anytime Saturday, three o’clock in the morning: a company employee receives an emergency call on their mobile phone. Rather than travelling to the company, the employee simply opens their notebook, launches a secure remote support solution and invites the responsible external IT service provider to join the session. Quickly and easily from home—without breaking the security chain. This innovative use of remote support software is by no means a future scenario, but instead is a current and highly developed practise. The benefits of using such software, like GoToAssist Corporate, can be summarised in seven points: 1. Increased staff flexibility and availabilty: IT staff who monitor the external delivery of support can do so from any location and aren’t required to be physically present on-site. Employees can work more flexibly and are always available when needed. 3
  • 4. For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers 2. Extensive control of IT service providers Employees in busy IT departments can simultaneously manage multiple support sessions, even if they’re hosted at different locations. By recording support sessions, external IT service providers’ service steps can later be reproduced. 3. Very quick support response times: IT staff are extremely flexible, and during an emergency, e.g. a critical system failure, they can grant external service providers access to internal systems and supervise support sessions from home, even during unusual hours. 4. Reduction of outage and follow-up costs System failures disrupt smooth operations and are responsible for high costs. Not only do the repairs inflict costs on the company, but also employees may not be able to complete their tasks because of the technical failures. Indeed, if lengthy delays occur, contractual penalties could be invoked for late projects. With a flexible IT department, however, external IT service providers are no longer dependent on the physical presence of company employees and fixed office hours. Interruptions can be remedied immediately. 5. Better overview of utilised resources Modern remote support tools such as GoToAssist Corporate offer tracking and management functions as standard features. The IT department has a continuous overview of who is logged on and performing maintenance work. Solution steps and their duration can be identified at any time. 6. Learning effect as a result of best practises for future service cases Recorded support cases can be used as best practise cases for similar events in the future. Follow-up cases can therefore be dealt with more efficiently. At the same time, a knowledge base is developed. 7. Logging for documentation Thanks to the integrated recording and logging features, actions can be ascribed at any time to the responsible persons. Remote support solutions such as GoToAssist Corporate record exactly which support participant has performed which steps. Such records can be reviewed later if questions arise. 4
  • 5. For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers Retaining Control With GoToAssist Corporate The following describes a typical support scenario and the steps taken to resovle an IT issue with the help of the GoToAssist Corporate remote support solution. It illustrates how technology solutions can help ensure IT security. Highest-level security Using GoToAssist Corporate, it’s easy for IT managers and support staff to observe compliance policies without having to relinquish the services of service partners. The GoToAssist Corporate solution keeps track of who accesses corporate systems via which IP address and who performs actions. This supervision can also be performed retroactively: a video recording of the remote support session as well as all logged data are available. Session recording occurs on the server side and is thus protected from subsequent modifications and totally tamperproof. The recording cannot be interrupted and continues until the end of the session, even if a participant leaves the meeting and returns at a later time. Management features help corporate IT managers and employees keep track of things at all times and thus reduce the administrative burden. Authorised persons can log in to ongoing support sessions at any time and intervene if necessary. Since all functions are remotely available, locations are irrelevant, which ensures the desired flexibility. 5
  • 6. For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers Typical execution of a secure remote support session The typical execution of a controlled maintenance support session with GoToAssist Corporate follows these five steps: Telephone Internal IT employee External service partner 1 The IT employee receives an emergency call, contacts the external service partner and explains that urgent maintenance work needs to be performed. Secure VPN connection, e.g. via GoToMyPC GoToAssist Corporate GoToAssist Corporate connection connection Internal IT employee Server in Branch A 2 The internal IT employee sets up a VPN connection to the affected server and launches a support session with GoToAssist Corporate. The location of the affected device is irrelevant. IT employees can remain at home when they are on call. 6
  • 7. For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers GoToAssist Corporate GoToAssist Corporate connection connection Server in Branch A Internal IT employee External service partner 3 The IT department employee invites the external service provider to participate in the support session. When sending the invitation, a GoToAssist Corporate list of authorised accounts is used. The external employee needs to authenticate his or herself with username and password in order to participate in the session. GoToAssist Corporate connection GoToAssist Corporate connection Server in Branch A GoToAssist Corporate connection Internal IT employee External service partner 4 The internal IT employee provides the external service provider with all the necessary authorisation that they require for the maintenance work. GoToAssist Corporate begins by recording and logging all support steps. The internal IT employee can withdraw from the meeting and perform other duties. Or they can remain in the session to follow the work of the external service provider, to learn something or possibly to intervene. 7
  • 8. For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers Server in Branch A Server in Branch B Internal IT employee Server in Branch C External service partner A B C 5 The internal IT employee can view the GoToAssist Corporate overview to see which other internal or external service staff currently have support sessions open. Since the corporate employee’s constant presence at a session is not required, they can simultaneously control multiple sessions. IT staff can access an ongoing session at any time. In case of doubt, staff can also review the automatically recorded session. 8
  • 9. For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers Monitoring options with GoToAssist Corporate: Time-delayed view GoToAssist dashboard: Option 3 Live overview of Recording all external activities and logging Option 2 Option 1 Server in Branch A Internal IT employee Management Centre: Administration of user privileges External service partner Option 1: The internal employee is in the live GoToAssist Corporate session at the same time as the service partner. Option 2: On the GoToAssist Corporate dashboard, the internal employee has an overview of several external service providers who provide support in the IT environment. If required, the IT employee can join one of the ongoing sessions at any time. Option 3: The internal employee subsequently reviews the records and logs for each step taken by the external service partner. For all three options, it is the case that external service partners cannot obtain access unless they are invited to a support session by an internal IT employee, when they must and can prove verify their identity. The company’s IT department can specify which actions each external service partner is allowed to carry out (such as a file transfer) in the user privileges management section of the Admin BackendManagement Centre in GoToAssist Corporate. GoToAssist records each support case automatically, also protectsing it from tampering, and creates a log of all the support actions automatically. 9
  • 10. For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers Conclusion Complex IT environments and outsourcing of IT services to third parties make it difficult for IT departments to ensure compliance. New technical remote support solutions remedy the situation and simultaneously offer employees in the IT department more flexibility. In order to retain control over their own IT systems, companies must focus on technical solutions. In many IT departments, complex “homemade” solutions are often used, but they are inadequate with regard to technical security. Professional remote support solutions of the latest generation, such as GoToAssist Corporate, offer a more flexible workflow for IT support staff in emergencies, and they guarantee secure and replicable maintenance on remote computers and servers. Employees can simultaneously supervise several support sessions with external service providers rather than having to work with them one at a time. Sophisticated control functions ensure the security of mission critical data as well as the up-time of distributed computing environments. This increases efficiency and ensures control of external service providers. 10
  • 11. For They Do Not Know What They Do - How IT Departments Can Retain Control over External IT Service Providers GoToAssist Corporate, our cloud services for remote and customer support Get your free trial version: United Kingdom: 0800 011 2120 http://www.gotoassist.co.uk North America Citrix Online Europe Citrix Online Asia Pacific 7414 Hollister Avenue Middle East & Africa Level 3, 1 Julius Ave Goleta, CA 93117 Citrix Online UK Ltd Riverside Corporate Park U.S.A. Chalfont Park House North Ryde NSW 2113 T +1 805 690 6400 Chalfont Park, Gerrards Cross Australia info@citrixonline.com Bucks SL9 0DZ T +61 2 8870 0870 United Kingdom asiapac@citrixonline.com Media inquiries: T +44 (0) 800 011 2120 pr@citrixonline.com europe@citrixonline.com T +1 805 690 2969 About Citrix Citrix Systems, Inc. is transforming how people, businesses and IT work and collaborate in the cloud era. Its portfolio of GoTo cloud services enable people to work from anywhere with anyone by providing simple-to-use-cloud-based collaboration, remote access and IT support solutions for every type of business. Learn more at www.citrix.com and www.citrixonline.com ©2012 Citrix Online, UK Ltd. All rights reserved. Citrix, GoToAssist, GoToMeeting, GoToMyPC, GoToTraining, GoToWebinar, HiDef Corporate, Podio and Sharefile are trademarks of Citrix Systems, Inc., or a subsidiary thereof, and are or may be registered in the U.S. Patent and Trademark Office and other countries. All other trademarks are the property of their respective owners. Mac and iPad are trademarks of Apple Inc., registered in the U.S. and other countries. Android is a trademark of Google, Inc. 205EN_WP/2012-11-05 11