What is remote access?
With the help of remote access, remote computers, servers, networks, network components or other IT systems can be accessed from a local computer. Remote access is used in both private and professional environments. A typical application is an access to centrally stored data and applications for working on the road or from the home office.
Remote desktop applications also fall under this type of remote access. They mirror the desktop of a remote computer onto the user interface of a local device. Users work with the local device on the centrally provided physical or virtual remote computer.
Other possible applications include remote support, remote control of IT processes and applications, or remote maintenance and administration of desktop systems or IT systems and network components such as routers and switches. Various concepts and software solutions exist for remote access. To secure remote access, connections to remote systems are usually authenticated and encrypted.
How remote access works
To access a remote system, a network connection is required. The Internet is often used in combination with VPN connections for remote access. However, private data networks or dial-up connections via telephone networks can also be used. Many remote access solutions are client-server-based. A server component is installed on the system to be accessed remotely, to which the client software installed on the local computer connects.
In addition, numerous standardized or proprietary protocols exist for establishing remote access connections. One of these protocols is the proprietary Remote Desktop Protocol (RDP) from Microsoft. It is not only integrated into Windows systems but can also be used for other operating systems such as Linux. Other remote access and remote desktop protocols include Virtual Network Computing (VNC), Apple’s Apple Remote Desktop (ARD), or X11 forwarding.
Security aspects of remote access
Without security measures, the possibility of remote access represents a major security risk, as in principle any computer can connect to the remote system and misuse it, manipulate it or steal data. Remote access connections are therefore usually protected by various security mechanisms. To establish a connection, the local computer must authenticate itself to the remote system.
Only authorized clients or users are granted access to the remote resources released for them. To prevent unauthorized reading of the data transferred between the local computer and the remote system, the connections are encrypted.
Virtual private networks (VPNs) are a frequently used technical option for securing and encrypting remote access. A VPN creates a closed, protected network within the Internet. The participants of a VPN are securely connected to each other via the Internet and can exchange data without it being visible to others.
Remote access can be realized on the basis of VPN connections. A high level of security for remote access is provided by the use of direct data connections. They provide a direct, physically protected connection option that is isolated from the Internet but comes at a significant additional cost compared to Internet connections. Other security measures include:
- The need for explicit consent from the client before the start of a maintenance session
- Automatic notifications of active remote access
- Audit-proof logging of remote access