How GDPR compliant is Remote Access Plus?

There is a steep demand towards the compliance for European Union's General Data Protection Regulation (GDPR) that sets rules to ensure end-users' privacy. The primary focus of GDPR is to provide granular insights to the end-users on how, where and what amount of their private data has been stored, processed and used.

ManageEngine Remote Access Plus as an enterprise that deals with personal information (PII) of the end-users has various features that ensures end-users' privacy.

Principles on processing private data

At Remote Access Plus, we ensure that any personal information such as an e-mail ID that you provide during sign-up, evaluation, purchase or the course of usage is obtained with explicit consents and used per ManageEngine's Privacy Policy for the purposes that are defined by you.

Remote Access Plus throws light on all the personal information acquired, its purpose and where it is being stored. Remote Access Plus users can request for the complete information on what amount of their personal data is being obtained and processed. Remote Access Plus as per GDPR article 15 is totally liable for the information acquired and shall provide complete info on the requested data within the promised duration.

Data Protection and Security

At Remote Access Plus we are hyper focused on technical and organisational security. So whenever you contact our team for technical assistance, we do not acquire any information from your database without your consent. If you've enabled automatic upload of logs for diagnostic purposes, only the relevant and required data such as the server and the agent logs is obtained without any personal information.

Right to Erasure

Whenever a technician/user is removed from Remote Access Plus, as per GDPR article 17 Remote Access Plus does not retain any information of the particular user except for the user name as it is required for audit and legal purposes

Data Security and Breach Notification

Remote Access Plus is highly reliable with 256 bit encryption. However, in accordance with GDPR article 33, whenever Remote Access Plus (data processors) is impacted by a data breach, the customers who've subscribed for the breach notification, will be notified on the breach, its effects along with the relevant fixes. Similarly, if a vulnerability is detected in Remote Access Plus, we ensure to duly notify all the customers on the vulnerability, its impact with the relevant fixes.

User Confirmation

Request the end user's stamp of approval before initiating a remote session, and require technicians to provide a reason for connecting to employees' computers. Financial and health care companies striving hard to comply with regulatory bodies like HIPAA, PCI and others can count on Remote Access Plus, as it comes with a setting to request the end user's stamp of approval every time before initiating a remote session and require the technicians to provide the reason for connection.

Role based access control

You have too many technicians working with Remote Access Plus and would you let them access every detail of your enterprise? With User Management, you can tailor roles or use the predefined roles to define scope for each technician and refine them from accessing information elevated to their privilege.

Have you any queries on Remote Access Plus, feel free to shoot us a line at remoteaccessplus-support@manageengine.com

 

Also read articles on,

  1. How PCI DSS compliant is Remote Access Plus?
  2. How HIPAA compliant is Remote Access Plus?