Nexlink IT
Professional IT Services

☎️ (307) 289-5340

Remote Access Agreement

Effective: October 2025

1. Purpose and Scope

This Remote Access Agreement ("Agreement") governs the remote access to your systems by Nexlink IT ("Service Provider") for the purpose of providing contracted IT services. This agreement ensures secure, authorized, and monitored remote access while protecting your data and systems.

2. Grant of Remote Access

2.1 Authorization: You hereby grant Nexlink IT permission to remotely access your systems, networks, and data for the sole purpose of providing contracted IT services. This access includes but is not limited to:

  • Server administration and maintenance
  • Software installation and configuration
  • Security monitoring and updates
  • Backup and recovery operations
  • Troubleshooting and technical support
  • System optimization and performance tuning

2.2 Access Methods: Remote access may be established through:

  • Secure Shell (SSH) connections
  • Remote Desktop connections
  • Virtual Private Network (VPN) connections or Tailscale(R) connections
  • Web-based administrative interfaces
  • Cloud management platforms or device management tools
  • Other secure remote access methods as agreed upon

3. Security Requirements

3.1 Encryption: All remote access connections must use industry-standard encryption protocols, including:

  • SSH with strong key authentication (minimum 2048-bit RSA or 256-bit ECDSA)
  • VPN connections with AES-256 encryption
  • HTTPS/TLS 1.2 or higher for web-based access
  • Two-factor authentication where technically feasible

3.2 Access Controls: Service Provider agrees to:

  • Use unique, strong credentials for each access session
  • Implement principle of least privilege access
  • Maintain separate access accounts for different service types
  • Regularly rotate access credentials
  • Immediately revoke access upon service completion or termination

4. Monitoring and Logging

4.1 Activity Logging: All remote access activities will be logged whenever possible, including:

  • Connection timestamps and duration
  • User identification and authentication
  • Commands executed and actions performed
  • Files accessed or modified
  • System changes made
  • Disconnection events

4.2 Log Retention: Any access logs will be retained for a minimum of 90 days and may be retained longer for security and compliance purposes.

4.3 Log Access: You have the right to request access to logs related to your systems at any time.

5. Data Protection and Confidentiality

5.1 Confidentiality: Service Provider agrees to maintain strict confidentiality regarding:

  • All data accessed during remote sessions
  • System configurations and architecture
  • Business processes and workflows
  • Security vulnerabilities and weaknesses
  • Any other sensitive information encountered

5.2 Data Handling: Service Provider will:

  • Not copy, download, or transfer data without explicit authorization
  • Use data only for the purpose of providing contracted services
  • Implement appropriate data protection measures
  • Notify you immediately of any data breaches or security incidents

6. Service Provider Responsibilities

Service Provider agrees to:

  • Access systems only during agreed service windows, in order to perform optimization, updates, patching or maintenance, or in the event of a security incident.
  • Perform only authorized actions related to contracted services
  • Maintain detailed records of all remote access activities
  • Provide advance notice of planned maintenance or changes
  • Ensure all remote access tools are properly secured and updated
  • Comply with all applicable security policies and procedures

7. Client Responsibilities

You agree to:

  • Provide necessary access credentials, permissions, and system information to Service Provider.
  • Ensure systems are accessible during agreed service windows
  • Maintain current backup copies of critical data
  • Notify Service Provider of any security concerns or access issues
  • Review and approve access requests for sensitive systems
  • Maintain appropriate network security measures
  • Revoke access credentials upon service termination

8.2 Notification: Security incidents will be reported to you within 24 hours of discovery.

9. Access Termination

9.1 Service Completion: Remote access will be terminated upon completion of contracted services, with all credentials revoked and access logs provided.

9.2 Immediate Termination: You may terminate remote access immediately if:

  • Security concerns arise
  • Unauthorized activities are detected
  • Contract terms are violated
  • Business requirements change

10. Compliance and Auditing

10.1 Auditing: You have the right to audit Service Provider's remote access practices.

11. Limitation of Liability

Service Provider's liability for remote access activities is limited to the scope of contracted services. Service Provider is not liable for:

  • Pre-existing system vulnerabilities
  • Third-party security breaches
  • System downtime due to maintenance
  • Data loss not directly caused by Service Provider's actions

12. Indemnification

You agree to indemnify Service Provider against claims arising from:

  • Your failure to maintain adequate system security
  • Unauthorized access due to compromised credentials
  • System vulnerabilities not disclosed to Service Provider
  • Violations of applicable laws or regulations

13. Agreement Duration

This agreement remains in effect for the duration of contracted services and may be terminated by either party with 30 days written notice. Immediate termination is permitted for security reasons.

14. Governing Law

This agreement is governed by the laws of Wyoming, United States.

15. Contact Information

For questions about this Remote Access Agreement, contact:

  • Email: contact@nexlink.website
  • Phone: (307) 289-5340
  • Website: nexlinkit.com
  • Mailing Address: Available upon request (just contact us by phone or email)

We strive to respond to any requests or inquiries within 1 business day.