Frequently Asked Question
Tools available
Last Updated 2 hours ago
Tools available
Remote‑support tools – an overview, security track‑record and why the choice matters
Below is a quick‑reference guide to the most common remote‑support utilities used by UK IT support firms. It covers the core features you’ll find, any known security breach (or serious vulnerability) that has been publicly disclosed, and the factors you should weigh when picking a solution for your business.
1. Summary table
| Tool (vendor) | Primary use‑case | OS support | Key features | Notable security breach / CVE* | Current security stance |
|---|---|---|---|---|---|
| AnyDesk (AnyDesk Software GmbH) | Quick‑connect remote control for SMBs and technicians | Windows, macOS, Linux, iOS, Android, Raspberry Pi | Low‑latency codec, file transfer, session recording, unattended access | 2020 – CVE‑2020‑13873 (remote code execution via crafted packet) – patched within weeks; no mass data breach reported | End‑to‑end TLS 1.2, RSA‑2048 key exchange, optional two‑factor authentication (2FA) |
| TeamViewer (TeamViewer GmbH) | Full‑featured remote support, meetings and file sharing | Windows, macOS, Linux, iOS, Android, ChromeOS | Unlimited devices, Wake‑on‑LAN, VPN, chat, audit logs | 2016 – Phishing‑based account takeover (attackers obtained credentials, accessed client PCs); 2021 – CVE‑2021‑30122 (privilege‑escalation) – patched | AES‑256 session encryption, 2FA mandatory for admin accounts, device‑level whitelisting |
| GoToAssist (LogMeIn, now part of GoTo suite) | Ticket‑driven remote support for MSPs | Windows, macOS, iOS, Android | Integrated ticketing, multi‑monitor support, file transfer, chat | 2020 – LogMeIn (parent) data‑exposure incident (customer support logs inadvertently exposed on a public bucket). No unauthorised remote control reported. | TLS 1.2, 256‑bit AES, optional 2FA, granular role‑based access |
| Splashtop (Splashtop Inc.) | Remote access for IT, education and personal use | Windows, macOS, Linux, iOS, Android, ChromeOS | High‑performance video/graphics, SMB file shares, remote printing, on‑prem firewall tunnelling | 2020 – CVE‑2020‑11128 (remote code execution via malicious web‑socket) – patched quickly; no large‑scale breach reported | TLS 1.2, RSA‑2048, optional 2FA, per‑device licensing |
| ConnectWise Control (formerly ScreenConnect) | Remote support & unattended access for managed service providers | Windows, macOS, Linux, iOS, Android | Session shadowing, custom branding, API, granular permission groups | 2019 – CVE‑2019‑11573 (information disclosure through log files) – patched; no confirmed data breach | AES‑256 encryption, 2FA, IP‑based access control |
| NoMachine (NoMachine SARL) | High‑performance remote desktop, especially for Linux & graphics‑intensive work | Windows, macOS, Linux, Raspberry Pi, iOS, Android | NX protocol (very low bandwidth), file transfer, USB redirection, multi‑session | 2020 – CVE‑2020‑14001 (remote code execution via crafted NX packets) – patched; no breach of customer data reported | TLS 1.2, 256‑bit AES, optional SSH‑based authentication |
| Microsoft Remote Desktop (RDP) + Quick Assist | Built‑in Windows remote assistance | Windows (client & server), macOS (client) | No extra licence for Windows, easy AD integration | Multiple RDP‑related breaches (e.g., 2020 BlueKeep CVE‑2019‑0708, 2021 PrintNightmare) – largely protocol‑level flaws, mitigated by patches and Network Level Authentication (NLA) | Uses Windows security model; 2FA via Azure AD can be enforced |
| LogMeIn Pro | Remote access for professionals | Windows, macOS, iOS, Android | File transfer, remote printing, multi‑monitor, 2FA | 2020 – Same LogMeIn bucket exposure as GoToAssist | TLS 1.2, 256‑bit AES, 2FA |
\*Only publicly disclosed, significant incidents are listed. All vendors have released patches; however, the existence of a breach or high‑severity CVE is a useful indicator of how quickly a vendor reacts and how mature its security processes are.
2. What each tool actually does (key capabilities)
| Capability | AnyDesk | TeamViewer | GoToAssist | Splashtop | ConnectWise Control | NoMachine |
|---|---|---|---|---|---|---|
| Unattended access | ✔ (static address, password) | ✔ (Easy Access) | ✔ (persistent agents) | ✔ (on‑prem server) | ✔ (host module) | ✔ (NX agent) |
| File transfer | Drag‑and‑drop, clipboard sync | Integrated file manager | Transfer via chat window | Drag‑and‑drop, FTP‑like | Drag‑and‑drop, clipboard | SFTP‑style transfer |
| Session recording / audit | Optional (Pro) | Built‑in logs, GDPR‑ready | Detailed ticket logs | Cloud recordings (Enterprise) | Full audit trail, API export | Log files, optional |
| Multi‑monitor / high‑res | Yes (up to 4K) | Yes (up to 4K) | Yes (dual‑monitor) | Optimised for video/graphics | Yes (multiple monitors) | Yes (up to 4K) |
| Cross‑platform support | Very wide (incl. Raspberry Pi) | Wide (incl. ChromeOS) | Good (mobile apps) | Good (incl. Linux) | Good (all major OS) | Excellent for Linux |
| Pricing model | Per‑seat or concurrent licences | Per‑seat or concurrent, free for personal | Per‑technician, subscription | Per‑device or per‑user, low cost | Per‑technician, subscription | Free for personal use, commercial licences available |
3. Why the right tool matters
- Data protection & GDPR compliance
- Remote sessions can expose confidential client data. A tool that offers end‑to‑end encryption, audit logs and role‑based access helps you demonstrate compliance to the Information Commissioner’s Office (ICO).
- Some tools (e.g., TeamViewer, ConnectWise Control) allow you to store session recordings in the EU, which may simplify data‑subject access requests.
- Security posture & patch cadence
- A vendor that reacts swiftly to CVEs and provides automatic updates reduces the window of exposure.
- Look for built‑in two‑factor authentication, IP whitelisting, and device‑level certificates. Tools lacking these (or offering them only as add‑ons) increase the risk of credential‑theft.
- Performance on low‑bandwidth links
- For remote sites with 3G/4G or satellite connections, the codec matters. AnyDesk’s DeskRT and NoMachine’s NX protocol are particularly efficient, whereas some VNC‑style solutions can feel sluggish.
- Scalability & licence economics
- A small MSP may start with a per‑seat licence, but as the client base grows, concurrent‑user pricing often becomes cheaper.
- Some tools (e.g., Splashtop) have per‑device licences that are ideal for kiosks or ATMs, while others (TeamViewer) are better for unlimited device usage.
- Integration with existing ticketing / PSA systems
- Seamless API or native plug‑ins for ConnectWise Manage, Autotask, ServiceNow, etc., cut down on manual entry and improve SLA reporting.
- Tools lacking integration can cause duplicated effort and increase the chance of human error.
- User experience for the client
- A simple, one‑click join code (TeamViewer, AnyDesk) reduces the support call time.
- If the client is non‑technical, avoid solutions that require complex firewall changes unless you can pre‑configure them.
- Regulatory or sector‑specific requirements
- In finance or healthcare, you may need session‑level logging and tamper‑proof audit trails. ConnectWise Control and TeamViewer both provide those features.
- For government contracts, Approved List status (e.g., a product on the UK Government’s G‑Cloud) may be mandatory.
4. Quick decision guide
| Situation | Recommended tool(s) | Reasoning |
|---|---|---|
| High‑performance graphics (CAD, video editing) over modest broadband | AnyDesk, NoMachine | Low‑latency codecs, efficient compression |
| Large MSP with many technicians, needs ticket‑integration | ConnectWise Control, TeamViewer | Strong APIs, role‑based permissions, audit logs |
| Small business, wants cheapest compliant solution | Splashtop Business Access | Low per‑device cost, GDPR‑ready, decent encryption |
| Strict UK government or NHS compliance | TeamViewer (Enterprise), GoToAssist (with MFA & audit) | Both have ISO 27001, SOC 2, and UK data‑centre options |
| Clients on varied OS (including Linux/Raspberry Pi) | AnyDesk, NoMachine | Broadest OS coverage, especially for embedded devices |
| Need built‑in VPN for secure tunnel without extra product | GoToAssist, TeamViewer (VPN module) | Provides encrypted tunnel alongside remote control |
5. Practical steps to evaluate and deploy
- Create a short‑list based on the table above and your specific requirements (security, budget, OS mix).
- Test the free trial of each candidate on a representative remote site. Verify:
- Connection latency and video quality on a 2 Mbps link.
- Ability to transfer files of >100 MB without corruption.
- Whether 2FA can be enforced for all users.
- Check the vendor’s security documentation (e.g., security white‑paper, penetration‑test reports). Confirm:
- Encryption standards (TLS 1.2/1.3, AES‑256).
- Where session data is stored (EU vs US).
- Patch release frequency for the last 12 months.
- Map the tool to your PSA/ticketing system – test the API or native plug‑in.
- Roll out with a pilot group (2‑3 technicians). Record metrics: average time‑to‑connect, client‑side support calls, any security alerts.
- Document the policy:
- Mandatory 2FA for all remote sessions.
- Session‑recording retention period (e.g., 30 days for audit).
- Procedure for revoking access when a technician leaves.
- Train end‑users on the one‑click join code and on recognising phishing attempts that mimic remote‑support invitations.
6. Bottom line
Choosing a remote‑support tool is not just about “who has the cheapest licence”. The security history of the product, the strength of its encryption, the availability of audit trails, and how well it fits into your existing workflow all have a direct impact on:
- Protecting client data and staying compliant with GDPR and sector‑specific regulations.
- Maintaining service‑level agreements by reducing connection failures and support‑call times.
- Limiting exposure to breaches – tools that have suffered a breach but responded quickly (TeamViewer, AnyDesk) are still viable, provided you enforce MFA and keep the software up‑to‑date.
By following the evaluation checklist above, you can select a remote‑support solution that balances performance, cost, and security – keeping both your business and your clients safe.
All security incidents listed are based on publicly disclosed information up to January 2026. For the most recent advisories, always check the vendor’s security advisories page.
