One of the more pervasive challenges today is that remote site access has been around for decades, but the security needs have sharply changed. No longer, for example, does a firewall have to be pierced to permit remote site access.
"Remote support tools do not jeopardize a firm's PCI compliance efforts. Bad implementation does," said George Hamilton, senior product manager for LogMeIn, a remote access and support software company based in Boston.
Hamilton cites a typical problem with many of today's remote access setups, referencing a conversation he had with a retailer at a recent tradeshow and an employee who left the chain. "When one of their technicians left the company, it took them six hours to go onto all of the individual systems and remove their login credentials," he said. "During that entire six-hour period, that person who no longer worked for the company, he had access to critical POS systems. That is something you want to control centrally."