Every aspect of the WiseMo software is designed with your security in mind. To protect and guard your business-critical information, we’ve integrated multiple encryption methods, and added a three-part security model that defines who has access, what they can do and documenting who did what and when. WiseMo is very secure remote control over the internet as well as off-line in a LAN / WAN environment.
- Strong end-to-end encryption
- IP address filtering, white listing
- Confirmed access
- Multiple authentication methods, including two-factor authentication
- Authorization / permission – role based
- Logging and auditing
Strong end-to-end Encryption
WiseMo applies the strongest end-to-end encryption methods to protect the data stream from being read or tampered with by intruders. We use industry-leading 256-bit AES encryption and a 2048 bit dynamic key exchange using the Diffie-Hellman method.
IP address filtering
By maintaining an IP address white list you can restrict which IP address can reach a certain device or computer.
For attended devices or computers, where there is a person present, access can be controlled by such person. A prompt is shown, for the person at the distant computer / device to deny or grant access. In an un-attended situation, an authorised person can remotely access the device, to accept the prompt, thus granting the second person access.
Authentication – Who can access ?
With a WiseMo solution you have strong authentication features available to protect against un-authorized access to your computers and devices.
A remote user trying to access a computer is authenticated via integration to this computer’s system authentication. For Windows PCs and Windows Servers, authenticate via Windows computer or domain authentication (e.g. using Active Directory). For Mac computers, authenticate via integration to macOS System security.
When using system authentication, access to the computer is granted to system users or to system groups. This means that access to a computer can be controlled centrally by administering system users and their membership of system groups.
WiseMo user authentication
Or use one of the other options available, including the possibility to define your own choice of user name and password, often used for Mobile devices, e.g. Android or Windows Compact Embedded devices. Or protect access with just a password, if ease of use is more desirable than the strongest access protection – for example if it is only you that need to access a computer on an internal LAN.
Furthermore, you can protect the end-point computers and devices with an extra layer of security by enabling two-factor authentication, where a constantly changing verification code must be entered to gain access. The verification code is for example generated by the Google authenticator app, or Microsoft authenticator app, on a Smartphone (the second factor). Very secure for your most critical computers – ATMs, Servers and your home computer.
Authorization – What is permitted ?
It is the WiseMo Host module on the computer or device that is in charge of controlling what an authenticated remote user is permitted to do. Perhaps only view the screen ? Or permitted also to control mouse / keyboard input / touch input ? Is it allowed to pick-up files or leave files ? There are many possible settings to limit what such remote user may do, all defined via the Host module:
From everything is allowed (like being there) to very restrictive, where only specific tasks are permitted.
By adding system groups (e.g. from Active Directory) to the Host’s security roles, a user’s access permission can be changed centrally by moving the membership of one to another.
Logging and auditing – who, what and when
Knowing who did what and when is important to any business. WiseMo Host modules provides for extensive logging of event activity. This includes changes made to configuration settings, specific actions, security related events, and session events, such as who connected when.
Logging can be made to a file locally and for Windows computers to the Windows event log (both locally and on another computer/server) and for Mac computers to the console log.