Protecting SMBs with Remote Desktop Management and Access Controls

The First Industrial Revolution ushered in a predominance of office- and factory-based work. Technological advancements and financial requirements shifted employment opportunities from agriculture- and handicraft-based work to industry[i] and manufacturing. This evolution meant that workers were forced to leave their leave their homes to find sustainable employment. At the time, offices were by no means a new or unfamiliar concept, but outside-the-home work now became the norm rather than the exception. By the dawn of the 20th century, more people worked in office or factory spaces than not.

This trend continued for decades. While telecommuting emerged in the 1970s, perhaps fueled along (eh, hrm) by the OPEC oil embargo, remote work was rare and often viewed as a special benefit for certain employees. It wasn’t until 1990, when the U.S. Office of Personnel Management and General Services Administration launched the Federal Flexible Workplace Pilot Program,[ii] allowing federal government employees to test work-from-home programs, that companies started experimenting with remote workers.

It’s no coincidence that around the same time, affordable desktop and laptop computers become readily available, making the transition from corporate office to home office easier. Over the next few decades, aided by mobile phones, reliable WiFi, and cloud, we’ve arrived at a place where it’s no longer unusual for businesses to have a heavy percentage of employees working remotely.

Benefits of remote vs. IT challenges

Remote and flexible work offer undeniable benefits, but they also create challenges for IT and security teams. Remote employees need access to all the same digital resources as on-premises employees, but this requires secure connections to and from corporate networks and cloud services and applications. It means that organizations need to find ways to ensure that personally-owned devices, which might not have the most up-to-date security controls, are not passing exploits to corporate resources. It means access controls and authentication mechanisms must be tightly maintained and monitored. And it means that IT and security teams need to be able to triage remote workers’ issues, but do so securely, even if the employee is using an insecure device or working from a high-risk location.

In the early 2000s, David Hervieux was consulting as a software architect and developer in Montreal, Quebec. He found he consistently needed a simple way to login to clients’ systems, but he didn’t find any commercial tool that fit his needs. Over the next few years, as he continued to work for himself then for healthcare-related organizations, he started using his personal time to build a remote desktop tool that fulfilled his own requirements as a consultant and architect. In 2010, he published the solution for others to use, and then received a call from a company that wanted to white label it and use it for internal remote desktop protocol (RDP) and SSH purposes.

SMB focus

Thus was born Devolutions, a now 10-year old company headquartered just outside of Montreal, which today employs more than 120 people. Devolutions’ offerings are geared toward small- and medium-sized businesses (SMBs), and include Remote Desktop Manager (RDM), Password Hub, Password Server, and Wayk Now, a remote desktop and support utility. The key to their success, said Max Trottier, VP of Sales and Marketing for Devolutions, during a recent call, is “a good user experience and a simple way for small IT teams to manage and secure remote access and access controls.” Trottier told us that their customers are “looking for increased productivity and better user experience in a platform that’s easy to install and fits the budget of an SMB.”

Remote Desktop Manager is Devolutions’ primary platform, as it integrates the company’s other aforementioned products. With RDM installed, IT and security admins can securely and centrally launch and manage remote connections, manage and monitor passwords, apply role-based access controls, enforce two-factor authentication, and audit connections.

Devolutions supports API/SDK integrations with 60+remote desktop technologies and password management tools, meaning, if an organization already has a KeePass or CyberArk deployed, for instance, they can continue to use those technologies and apply Devolutions as a quasi-orchestration layer to see and manage all activity in one dashboard. When we asked why Devolutions has decided to play nicely in the sandbox with would-be competitors, Trottier told me and Ed that their business strategy for the short term is serving current needs of SMBs—companies that haven’t yet embraced the passwordless movement and don't have the internal resources to manage, buy, or build their own infrastructure. “We might not have the most robust feature set,” said Trottier, “but our products are quick to deploy and give companies simple control over their connections, permissions, and privileges.”

The company also offers Web Browser Password Plugin as a companion to RDM, Password Server, and Password Hub; an authenticator app that can be downloaded for free from the Apple App Store or Google Play Store; and Devolutions Launcher, a free tool that secures remote connections on Windows OS.

Future fit

In the long term, Devolutions will be challenged to evolve their technologies to handle the move toward passwordless and the reality of cloud. For now, however, the company is seeing a major uptick in requests for downloads, and customers are happy with the near-real-time visibility and control they get after installing one or all of the tools.

Interested IT or security admins can test any of the products by downloading s a 60-day free trial from the Devolutions website. If you’re looking for a quick way to gain increased control immediately, Devolutions is worth a look. For the future, we hope to see the company embrace the orchestration aspect of their RDM product and help their customers migrate securely to the cloud.