Our IT team has grown a bit recently, so we’re reviewing technician permissions.
Right now, a few people have access to the Manage tab, which means they can start Remote View or Remote Control sessions. It hasn’t caused issues so far, but we’re wondering if it’s better to limit that just to the support team.
For those managing larger teams, how are you handling this?
27 Views
Hey @benjay !
At first, most of our admins could start remote sessions, but after a while, it felt a bit too open. So, we created a separate technician role just for the support engineers with remote view/control permissions. The other admins still manage policies and devices, but they can’t start sessions anymore.
Honestly, it made things much easier to keep track of.
That actually sounds like the direction we’re thinking about.
Did it cause any issues, though? Like when an admin occasionally needs remote access?
Not really. We kept it mostly within the support role, but for one or two senior admins, we added remote session and control permissions to their existing roles.
They don’t use it often, but it’s helpful when something gets escalated and they need to jump in.
Funny thing — when we first introduced remote support, a few employees thought IT could just pop into their screens anytime without them knowing 😄.
But once they saw that the device actually showed a prompt asking them to allow the session, most of those concerns disappeared.
😂 I can imagine that happening here too.
But what about devices running in kiosk mode? We have a few POS terminals, and obviously, there’s no one there to approve a session.
Yeah, we ran into the same thing.
For those devices, we enabled unattended access through a policy, but only for that kiosk device group. Everything else still requires the user approval prompt.
Got it. That actually sounds like a good balance.
I’ll probably keep remote sessions limited to the support role and only enable unattended access for our kiosk devices.
Thanks for sharing how you guys set it up!
Don't have an account? Sign up
