Here at Vigilix, we have worked hard to ensure that your system stays secure. This page describes the security measures we have taken for the Remote Control feature. The Vigilix Dashboard keeps logs of Remote Control activity so you can see who has been using Remote Control inside your system. With two-factor authentication, a user must verify his or her identity in two different ways before taking control of a Remote Agent. Finally, Vigilix only allows users with certain roles to take Remote Control.
Vigilix supports two-factor authentication for Remote Control, which is a requirement for PCI compliance. To access Remote Control when this feature is enabled, a user must first log on to the secure Vigilix portal. When that user tries to take control of an Agent, he or she will receive an e-mail or text message with a six-digit PIN. The user is prompted for this PIN before they are allowed access to the remote machine.
To enable two-factor authentication, do the following:
- Go to Organization Options in the navigation menu and then select Security Settings.
- Check the Enable two-factor authentication for Remote Control box.
- Click the Save icon next to Security Options
With two-factor authentication enabled, the Vigilix user will receive a PIN via e-mail, text message, or both depending on how the user account is set up. The PIN is good for ONE time and will only unlock the Remote Control module for five minutes after the PIN was sent.
Remote Control Logging
There are two places in the Vigilix portal where Remote Control access to an Agent is recorded. The first is the Audit Trail, which shows all activity that has taken place within an Organization on the Vigilix Dashboard. In the navigation menu, click Reports and then Audit Report. To see the remote control sessions that have taken place within your Organization, select Remote Control from the Type drop-down menu. You may fill in any of the other fields to narrow the scope of the report (the fields are all optional), and then click Search.
Your report will give you login information, the date, and the Agent that was accessed through Remote Control. To refine your search, fill in any of the fields at the top of the window and click Search.
Remote Control Session Log Alert
You can also see more details about a Remote Control session through the Remote Control Session Log alert. To see this information, click Remote Control Agents in the navigation menu and choose Click for Options next to the Agent you want. Inside that menu, select View History. Click on the name of the Remote Control Session Log, and you will see a screen similar to the one below. The left panel is a timeline for that event, and the right panel shows more details for that Remote Control session.
User Access to Remote Control
The User Role assigned to a user in the Vigilix portal determines whether or not that user can access Remote Control. The following User Roles can access Remote Control by default:
You may also allow users without one of these roles to have Remote Control. Simply do the following:
- Click User Administration and Manage Users in the navigation menu.
- Select the user from the list near the bottom of the window (you may have to expand an Organization or Customer), and check the box that says Allow access to Remote Control.
- Click the Save icon.