Remote Access: Your Hidden Risk
Is Your Dental Practice Secure?
Remote Access Might Be Your Weakest Link
A Super-Quick Bullet Point Guide for Dental Practice Owners
What Is Remote Access?
- Remote access allows someone to control your computer from another location. It’s often used by IT vendors, consultants, or staff working off-site.
- Remote access software can be easily installed by any employee without the practice owner’s knowledge if proper IT safeguards are not in place. (i.e.: group policies, user permissions)
- Remote access software that was innocently installed in the past may be long forgotten may remain actively listening for many years, potentially allowing unauthorized users to maintain access. This poses security risks to dental practices by potentially exposing confidential and sensitive information to unknown actors.
Remote Access Security Checklist
Use your IT Vendor or Do It Yourself ?
If the steps listed below are unfamiliar, best to avoid ‘doing-it-yourself’ and engage your IT vendor to do this work.
Step 1: Identify Remote Access Tools
☐ Obtain a list of all active remote connections, and all listening ports.
☐ Check all workstations and servers for software like TeamViewer, LogMeIn, GoToMyPC, AnyDesk
☐ Check for open RDP ports. Check the RDP event logs if you have concerns.
Step 2: Review Access Permissions
☐ List all users with remote access credentials.
☐ Confirm that each user still requires access.
☐ Remove access for former employees or vendors.
Step 3: Secure Remote Connections – most important
☐ Disable all unused remote access software.
☐ Require unique usernames and strong passwords for remote access.
☐ Use a VPN (virtual private network) for remote access.
☐ Enable two-factor authentication for remote connections.
Step 4: Monitor & Maintain
☐ Schedule bi-annual audits of remote access tools.
☐ Train staff to report suspicious software or activity.