Types of remote access software

There are different ways to remote into a system or computer. This guide will help you find the right one for your business and use case.

If you have a physical office, you may have computers and systems that you need to access from home. Remote access software allows you to connect to a system, computer, or network from over the internet. Since that access is exposed to the internet, it is important to make sure only the right people can connect to it.

If your business doesn't have a physical office that hosts systems and only uses cloud-based tools, you don’t need to worry about remote access software. Read our other tips about securing your business and your other cloud tools.

Top 11 security tips for business


At CERT NZ, we see attackers taking advantage of weak remote access controls. Once they bypass these controls, they often drop malware or ransomware on the system and this can spread like wildfire on your network.

The guide below can help you understand which remote access solution can work for you and your team. Each solution has their benefits and downsides. It is important to pick a solution that works for how your business operates.

Types of remote access

Before you pick a solution, it is important to know what your options are. We've briefly described them below, provided a table of the advantages and disadvantages, and added a summary of each option.

Types of remote access:

Virtual private network

Virtual private network (VPN) software creates a tunnel between your remote computer and your office network. Setting up a VPN requires you to either configure a server on your office network to run the VPN software or enable VPN features on your office router. Once connected to the VPN, you can access the same files and systems as if you were sitting in your office.

You might have heard of VPN software in your personal life, like when it comes to using overseas streaming services. While this is the same technology, it is not used in the same way. VPN software for your business connects you to your private, office network. Where VPN software you use in your personal life might allow you to appear to be located geographically somewhere else.

  advantages Disadvantages
Authentication Some software allows multi-factor authentication (MFA) and other secure controls, like invalid login attempts. Authentication controls have to be configured, and not every VPN software offers the same options.
Authorisation As a central connection point, it is easy to manage incoming and outgoing connections.

You can configure controls to allow users to part of the network as if they were working in the office.
If your authentication controls are not strong, it could mean an attacker also has access to your entire network.

This level of access might be too much if staff or third parties just need access to a single machine or system.
Encryption in-transit Some software allows you to use encryption so data is secured while being sent through the tunnel.

There are multiple options, and it comes down to the type of VPN protocols used and the encryption they support.
Not all encryption is created equal. Some VPN protocols have known vulnerabilities and should not be used, like PPTP.
User accessibility Depending on the software, it may only require a user to download software or access a website (browser-based) on their remote computer. Some staff may require help in getting their remote computer setup.
Initial setup and maintenance Most VPN software vendors have guides to help you and your stuff use their product.

Most of these vendors also provide updates to their software when known vulnerabilities are discovered.
Setting up a VPN server can take a lot more time than other options.
It also requires updates to software on the server, and sometimes on the remote computer if they are using downloaded software.
Performance   VPN software usually has limits on how much traffic they can support. You will have to consider how many people will need to connect and if this option is viable.

Higher encryption standards often means slightly slower performance due to the time it takes to encrypt connections.

This doesn't mean you should turn off encryption. It might mean you should look to other remote access software that allows for higher performance.

Summary — VPNs

VPNs are a good option for businesses who have a small to medium-sized workforce who need access to multiple files and systems on the office network. It is ideal for a business who needs their staff to be 'virtually working' in the office, with access to all the same tools and systems they have when they are sitting at their desk.

When going with a VPN, it is important to check:

  • which VPN protocols that are used and if they have any known security issues
  • if they support MFA and other strong authentication controls
  • what access and security logs you could configure and review, and
  • if they can support your performance needs.

This is not a good option for businesses who use a lot of third party vendors or contractors who don’t need access to the entire network. It also might be challenging to implement a correctly sized VPN if you have a large workforce.

SaaS remote desktop tools

Software-as-a-service (SaaS) remote desktop tools create a connection between your remote computer and a single computer at the office. Setting this up requires you to download remote desktop software to the computer you need remote access to, and authenticating to it via software or a browser on your remote computer.

Software-as-a-service products, like Team Viewer and LogMeIn, are considered remote desktop software.

  Advantages Disadvantages
Authentication Some software allows multi-factor authentication (MFA) and other secure controls, like login attempt limiting. These are either built into the software, or third-party addons. Authentication controls have to be configured, and not every desktop software offers the same options.
Some software only requires a PIN which can be easy for attackers to guess, brute force, or phish.
Authorisation Allows you access to the computer as if you were sitting at your desk.
This would be a good level of access for third parties vendors or contractors who only need access to one computer on a network.
If your authentication controls are not strong, it could mean an attacker also has access to your computer.

It is not a central access point, so it can be difficult to control if you have multiple staff using their own remote desktop software.
Encryption in-transit Most vendors confirm that they use encryption. This is configured and enforced by the remote desktop software and requires no setup or user involvement. Most remote desktop software uses proprietary protocols, which means we can't be sure how they work. We also don't have the ability to change these protocols or configurations ourselves.
User accessibility Depending on the software, it may only require a user to download software or access a website (browser-based) on their remote computer. Some staff may require help in getting the remote desktop software downloaded and installed on their work computer.
Initial setup and maintenance Initial setup is easy. It requires you to download software on your work computer and set up configurations. After that it will require periodic software updates. Most remote desktop software uses their own proprietary protocols. This means the vendor is solely responsible for keeping it secured.
Performance Since you are connecting one user to one computer, performance will be dependent on the user’s internet connection and would be less affected by the performance of the office's router or VPN server Remote desktop software will also have limits on how much traffic they can support.

Higher encryption standards often means slightly slower performance due to the time it takes to encrypt connections.

This doesn’t mean you should turn off encryption. It might mean you should look to other remote access software that allows for higher performance.

Summary — using SaaS remote desktop tools

Remote desktop software is a good option when you have a limited number of staff, third party vendors, or contractors who need access to a single computer.

When going with remote desktop software, it is important to check:

  • if the software is still supported and patched by the vendor
  • if they support MFA and other strong authentication controls, and
  • if audit and security event logs can be enabled.

This is not a good option for businesses who need a remote working solution for a large number of staff.

Common remote service ports

Similar to remote desktop software, common remote services can allow a user remote access to one computer. Instead of using proprietary vendor protocols, remote services used widely used protocols and services that are often built into the operating system. Such services include RDP, VNC, or SSH.

  Advantages Disadvantages
Authentication There are many guides online that can help you set up a MFA server so you can enable MFA for your remote access service. Setting up a MFA server adds a level of complexity to setting up remote access. Most organisations don’t take this step and end up using just usernames and credentials to access the remote service.
Authorisation Allows you access to the computer as if you were sitting at your desk.

This would be a good level of access for third parties vendors or contractors who only need access to one computer on a network.
If your authentication controls are not strong, it could mean an attacker also has access to your computer.

It is not a central access point, so it can be difficult to control if you have multiple staff opening ports and enabling remote access services.
Encryption in-transit   Not all remote access protocols use encryption. It will depend on the software you are using and if they configure it by default. For example, VNC is a common remote access service used for Apple devices. It does not encrypt traffic itself and therefore requires the software to add an additional layer of encryption when setting up a remote connection.
User accessibility   Using remote access services requires more technical knowledge than just accessing a browser or downloading a piece of software. It also requires the user to open remote access ports and configure firewall rules on their work computer.

This should be a task done with the help of the IT team.
Initial setup and maintenance Maintenance can be straightforward. Remote access services require you to keep the service and operating system it runs on up-to-date. Initial setup can be difficult as it requires you to set up the remote desktop service and the MFA server (if you don't have one).
Performance Since you are connecting one use to one computer, performance will be high and dependent on the user’s internet connection. Remote desktop software will also have limits on how much traffic they can support.

Higher encryption standards often means slightly slower performance due to the time it takes to encrypt connections.

This doesn't mean you should turn off encryption. It might mean you should look to other remote access software that allows for higher performance.

Summary — using remote service ports

Exposing remote access services directly to users over the internet carries a large security risk because they need to be configured well in order to be secure. Instead of opening these remote access services to the internet, you could consider enabling VPN features on your office router so your technical staff could securely RDP from a non-public location.

When setting up remote access services, it is important to check:

  • how MFA can be configured for your setup,
  • how audit and security event logging can be configured,
  • if the software used supports strong encryption, and
  • if the software used is still being patched by the vendor.

This is not a good option for businesses who need a remote working solution for many staff or staff who are not in IT operations.