Secure remote control

Every aspect of the WiseMo software is designed with your security in mind. To protect and guard your business-critical information, we’ve integrated multiple encryption methods, and added a three-part security model that defines who has access, what they can do and documenting who did what and when. WiseMo is very secure remote control over the internet as well as off-line in a LAN / WAN environment.

Strong end-to-end encryption
IP address filtering, white listing
Confirmed access
Centrally managed authentication or handled by the end-point with multiple authentication methods available. Possibility to define two-factor authentication of the end-point(s) as well as the myCloud User account.
Authorization / permission – role based – Centrally managed or handled by the end-point.
Logging and auditing, including optional video recording of the remote control session

End-point protection

Strong end-to-end Encryption

WiseMo applies the strongest end-to-end encryption methods to protect the data stream from being read or tampered with by intruders. We use industry-leading 256-bit AES encryption and a 2048 bit dynamic key exchange using the Diffie-Hellman method.

IP address filtering

By maintaining an IP address white list you can restrict which IP address can reach a certain device or computer.

Confirmed Access

For attended devices or computers, where there is a person present, access can be controlled by such person. A prompt is shown, for the person at the distant computer / device to deny or grant access. In an un-attended situation, an authorised person can remotely access the device, to accept the prompt, thus granting the second person access.

Confirmed remote access – an extra layer of protection

Authentication – Who can access ?

With a WiseMo solution, you have strong authentication features available to protect against un-authorized access to your computers and devices. Managed centrally, or defined on the end-point.

myCloud Device Access Control (mDAC)

Central management of authentication and authorization. Which users may access which computers and devices – and if authenticated for remote access, what are such user permitted to do on the remote computer / device. Easy to add users for remote access, easy to remove users from access. Easy to add or remove a target computer or device. Easy to define or change what a certain user is permitted to do on a specific device.

System authentication

A remote user trying to access a computer can be authenticated via integration to this computer’s system authentication. For Windows PCs and Windows Servers, authenticate via Windows computer or domain authentication (e.g. using Active Directory). For Mac computers, authenticate via integration to macOS System security. For mobile devices, consider using WiseMo user authentication or mDAC.

When using system authentication, access to the computer is granted to system users or to system groups. This means that access to a computer can be controlled centrally by administering system users and their membership of system groups.

WiseMo user authentication

If system authentication is not relevant, use one of the other authentication options available on the end-point (the Host), including the possibility to define your own choice of user name and password, often used for Mobile devices, e.g. Android or Windows Compact Embedded devices. Or protect access with just a password, if ease of use is more desirable than the strongest access protection – for example if it is only you that need to access a computer on your internal LAN.

Two-factor authentication

Furthermore, when access control is handled by the individual Host, you can also protect the end-point computer / device with an extra layer of security by enabling two-factor authentication, where a constantly changing verification code must be entered to gain access. The verification code is for example generated by the Google authenticator app, or Microsoft authenticator app, on a Smartphone (the second factor). Very secure for your most critical computers – ATMs, Servers and your home computer.

Two-factor authentication can also protect a myCloud User account, making the use of mDAC for central security management even more secure.

Authorization – What is permitted ?

What an authenticated remote user is permitted to do is either defined centrally (use authentication method myCloud Device Access Control) or it is defined via configuration of the WiseMo Host module, that runs on the target computer / device.

Perhaps only viewing of the remote screen is permitted ? Or permission is given to also control mouse / keyboard input / touch input ? Is it allowed to pick-up files or leave files ? There are many possible settings to limit what an authenticated remote user may do. From everything is allowed (like being there) to very restrictive, where only specific tasks are permitted.

If using System authentication, a user’s access permissions can also be changed centrally. This is done by moving the user’s membership of one group to another, where the group (e.g. from Windows Active Directory) has been added to a specific security role. It is the security role that dictates permissions, e.g. to only permit viewing.

Strong protection of the end-point

Logging and auditing – who, what and when

Knowing who did what and when is important to any business.

WiseMo Host modules provides for extensive logging of event activity. This includes changes made to configuration settings, specific actions, security related events, and session events, such as who connected when.

Logging can be made to a file locally and for Windows computers to the Windows event log (both locally and on another computer/server) and for Mac computers to the console log.

Perhaps also consider using the Windows Guest feature for creating a screen recording of the remote control session. This to further document things are done according to protocol.

An abundance of events can be logged

Free Trial