We had a client bring up privacy concerns after he realized we could remote in to his system at any time. I explained to him that we would update his policy so that it would require his permission for us to connect (as it should be - his policy hadn’t been updated yet), which brought up further concern since he realized we can make that change at any time and connect without his authorization. Further, he deals with very sensitive information and wanted to ensure that we could not access his filesystem without authorization from him, which is not the case with Syncro using the backgrounding tools, I believe.
He would have been happy with an option on his end to control remote access, where he could see whether or not we had access - but I opened Splashtop Streamer on his system and the only option for ‘requiring authorization’ was ‘off’, with no option on his end to enable it.
This seems like a serious privacy concern, especially for clients such as doctors and lawyers who have confidential information that could be accessed. Is there any way to give the clients more control or do they just have ‘trust’ that we’re not going to breach their privacy?
Even if there was a way for your client to be the only one in control of remote access via Splashtop, once a RMM agent goes on the PC there is always a way to gain access into the data on the PC.
Be upfront with the client about Syncro back ground tools, about scripting etc, and that you don’t need access to Splashtop to look at his data if you had the time to look at his one PC compared to the hundreds or thousands of other PCs your business looks after.
At the end of the day, the client has to decide to trust you or some other IT provider.
Alternatively your client can decide to only trust himself and no one else.
I agree with andrewd here. I have a few of these clients and while I respect them - there wont be a good solution that will work without trust. Granted, I do have a few that dont want any rmm - so we have work out a deal where either we come out to them or they come to us every few weeks to do a check up on their machines, but it does require more time and so we do have to charge them more of it.
Andrew nailed it. If they can’t trust you, then you can’t do your job effectively. A lot of our work can fall outside of business hours, and then what? There are reports for remote access, you can send him those if he wants to monitor connections.
Thanks all. With the frustration of our client I think we glossed over the options in Splashtop and didn’t realize what it was saying. We’ve gone a different route with him but if it comes up again at least we know it’s an option.