Policy: VNC Remote Access

This official policy document describes behaviours required of those Morehouse employees who have the ability to take over the operational desktop of another user. Typically, this refers to IT HelpDesk staff who use VNC to see what another user sees, drive the other user's mouse and keyboard, etc..

Questions about this or any other IT matter should be directed to the IT HelpDesk.

Only With Permission

Techs within or without the IT department who have the technical capability to connect via VNC, Remote Desktop, or similar programs to other computers may do so only with the approval of the user who is logged into the computer at the time or the user to whom the computer is assigned. Approval must be given each time the tech wishes to connect and should be handled in real time, preferably by voice. Techs requesting such access must make sure the user understands the implications of this connection and should use language very much like the following: "May I connect to your computer so that I'll be able to see what you see, so that I can move your mouse, etc.?" No exceptions: ask every time, even if that annoys the user.

Notice During Connection and Upon Logout

Techs who connect remotely should encourage the user to whose computer they connected to stay on the phone with them while they do their work, or at least to stay at their desk and watch the show. It's better for the tech if the user watches: that way, the user knows what all went on. Upon logging out of the computer, the tech should speak with the user again and use language like "I've logged out of your computer; I no longer see what you see, and control is once again yours". The ritual is important: if this happens every time, a user who claims an exception while making a complaint has a difficult case.

Tell HelpDesk

Techs who use VNC to manage a computer should enter that into the HelpDesk ticketing system for the record. Those who are not members of the HelpDesk should contact HelpDesk (by email) after doing their work to let IT know which computer name they managed, which user they spoke with for that task, and what they did. This sort of report is required anyway; the key is to include "by VNC", if that's how it happened.

Refer to Management

Users who first have their computers managed by someone not clearly a member of the IT HelpDesk may become upset upon realizing that this functionality has been delegated. If that happens, please refer the user to IT management immediately and do not attempt to handle the situation alone. History has shown this to be a major hot-button issue: escalate immediately.