Remote Access and GDPR: A Compliance Odyssey – Part 1

With the release of the updated General Data Protection Regulation, its impact on remote control software has been on my mind a lot recently. If the topic of remote control and data protection doesn’t ring your bell, I understand. Unless you are a member of the help desk crowd, you probably don’t share my interest in remote control software. Similarly, unless you are within the European Union, you may not even be aware of the GDPR, much less its impact on remote control. But bear with me for a moment.

The GDPR was designed to protect personal data. Your personal data. To that end, organizations who collect, monitor or store your data will be held to a set of standards for processing it as well. I may be over-selling this a little, but if you interact with networked computers (e.g., the Internet) the topic of remote control and GDPR should interest you.

First, consider that remote control software is everywhere. Popular remote control tools VNC and TeamViewer are installed on over a billion devices each. Every version of Microsoft Windows since XP has included remote desktop protocol (RDP). Netop Remote Control, the product I work with, is used in over 80 countries, by half of the largest banks in the world, and by a quarter of the world’s largest retailers.

The list of remote control software vendors goes on and on. Remote control software has become an integral part of computer networks. Used for installing, configuring and maintaining the digital devices our modern lives depend on, it’s not an exaggeration to say your life would be significantly different without it.

Second, regulations passed by the European Union impact everyone. Whatever your thoughts on the extraterritorial effect of legislation in the European Union (and who doesn’t think about that subject) the impact of the EU on the global economy can’t be overlooked. The European Council estimates the EU as either the largest or second largest trade and investment partner for most countries in the global economy. For example, the US government calculates over $1 Trillion USD annually in transatlantic trade with the EU. The economic relationship between the US and the EU is the largest and most complex in the world. If you live in the EU, or the US, or do business with citizens of either region, you will be impacted by these regulations.

Comprised of 99 Articles and 173 Recitals, the GDPR is a combination of generic principles and specific guidelines designed to cover every possible situation involving personal data.

The GDPR takes effect on May 25, 2018. While that may sound like ample time to prepare your compliance strategy, anyone who deals with PCI-DSS compliance or has suffered through the migration to EMV compliant payment cards will tell you that compliance with comprehensive new regulations takes longer than you initially expect.

My exploration of the GDPR’s impact on remote control software is by no means a comprehensive analysis of each regulation and requirement, but rather an overview of the subject for anyone who uses remote control software in their business or commercial life.

For a comprehensive guide to aligning your remote access solution with the General Data Protection Regulation, check out our latest white paper “Making Remote Support GDPR Compliant: A Complete Guide.”

Over the coming weeks, I’ll be reviewing how the GDPR themes of Transparency, Accountability and Consent impact the use of remote control software. Additionally, I’ll discuss configuration options, product settings and best practices to comply with GDPR concepts like Data Minimization, Data Security and the Right-to-be-forgotten. Subscribe in the sidebar to receive notifications when I post these articles. Drop me a note below with your thoughts and questions about the GDPR and I’ll do my best to answer them in future posts.

One thought on “Remote Access and GDPR: A Compliance Odyssey – Part 1

Comments are closed.