Information technology systems utilized in retail, entertainment and restaurant operations continue to grow in scope and complexity while under continuous pressure to reduce costs related to acquisition, support and maintenance. Suppliers of all types of system components are therefore incorporating capabilities that more easily allow for low cost maintenance, diagnosis and troubleshooting of remote installations. Of particular value are enhancements that allow faster, simpler and more powerful access to remote systems by support and maintenance technicians.
As these pressures come to bear, however, new and unprecedented requirements related to ensuring the security of consumer and business information handled and stored by systems are being placed on suppliers and operators. An example of these requirements are those imposed by PCI DSS (Payment Card Industry Data Security Standard), a multifaceted security standard which was developed by the major credit card companies and is aimed at preventing credit card fraud, hacking and various other security vulnerabilities and threats. Under particularly close scrutiny are any system implementations or business processes which might allow unauthorized access to remote installations, thereby creating the risk of security breaches and theft of sensitive data.
These trends and their related pressures are in clear conflict. On one hand, what serves to make systems more easily accessed with a high level of privilege on the part of a remote technician can also make those same systems far more vulnerable to breaches and theft. On the other hand, what serves to make systems more centrally and rigidly controlled from the standpoint of remote access and privilege also serves to drive up capital costs and operating costs related to network infrastructure, maintenance and support.
A need, therefore exists, for a more secure support and maintenance system which enables powerful capabilities at lower operating costs while using existing infrastructure.