It may be a silly question asking an online security company how secure their RMM tool is, but as the old saying goes: you get what you pay for… How secure is the RMM tool? Specifically the RDP/screen-sharing? I would like to know that my keyboard/mouse input to the remote station cannot be eavesdropped, nor can the screenshots being sent back to my console.
Hello @marc1990 ,
I will escalate your questions to the proper department and we will get back to you as soon as we have an answer.
This is a very good question, lets analyse it…
You do not want Keyboard/mouse/screenshot to be eavesdropped.
So lets analyse the potential threats that could enable eavesdropping.
1)Data at rest at source: If there is a malicious code during your session, then everything could be eavesdropped.
2)Data in transit: Data is encrypted. Unless the eavesdropper can crack the encryption standards that we use
3)Data at rest at destination: Your computer, where the data will end up residing, is compromised, hence all the data can be eavesdropped.
So in order to achieve what you need
1)There must be no malware on the target computer
2)Eavesdropper must not have the capability to break AES/RSA etc (not likely)
3)There must be no malware on your computer.
As long as this is the case, you can rest easy.
Thank you for the quick follow up. So that I may rest easier, may I know what level encryption is used in transit? Thank you.
should be AES but i asked the guys to confirm.
This is the response I received from Support:
“We use TLS v1.0 protocol and AES 256 key encryption. Server side supports TLS v1.0, TLS v1.1 and TLS v1.2 and client side (agent and console) support SSL v2, SSL v3 and TLSv1.0 When they communicate they use the protocol which they both understand, which is TLS v1.0”
Thank you for the quick follow up!
Hello @marc1990 ,
We are glad that we were able to provide the answer to your question in a timely manner! Please do not hesitate to contact us in case that you have any other questions.