ConnectWise Control Access: Security

Unrestricted access invites threats. With ConnectWise Control’s role-based security, administrators can determine user permissions and control who has access to what features, functions, and groups of machines—down to the most granular details.

ConnectWise Control audit logs provide full accountability of your services, while helping track down security breaches and data misuse for your customers. Review hosts and guests, timestamps, and session activity including executed scripts, commands, tools, and files transferred.

ConnectWise Control lets customers enforce transparency through video session recordings of every remote engagement. Video logs can be stored to a specified network drive, private, or public cloud location.

By enabling permission-based security in ConnectWise Control, end-users can allow or deny remote access to their system. It’s a control designed to make customers feel more comfortable and in control, but it’s also intended to let your technicians know that they have the green light.

ConnectWise Control lets technicians send end users requests for consent to remotely connect and control their systems. This action doesn’t interrupt the end user while they’re working, and lets them decide whether or not they wish to hand over control.

Communication is the key to a successful technician/end user relationship. ConnectWise Control adds an extra layer of transparency by allowing the end user to observe the tech’s actions during a session via VOIP and chat, and later review via video recordings.

ConnectWise Control removes the support client from the remote computer after the completion of every session. This feature effectively eliminates the possibility of leaving the client device vulnerable to cyberthreats and should curb any reservations users or their organizations may have.

With ConnectWise Control, you have a choice of licensing models, including self-hosting for TSPs or for customers that either: 1) need to meet state or federal regulatory compliance requirements, or 2) cannot, or choose not to host their applications in the cloud.

Protect data transmitted between the user's browser and the server through a proprietary protocol and our AES-256 encryption algorithm. In addition, all cloud instances of ConnectWise Control are automatically encrypted with SSL certificates.

ConnectWise Control features include the ability to store audit logs and optional session video recordings if ever needed for auditing or security vulnerability tracking purposes. The server's SQLite database stores all logged data, which authorized users can query for analysis and reporting.

ConnectWise Control permits can securely authenticate using their existing Windows® and Forms credentials. While Windows authentication uses local Windows usernames and passwords to authenticate users, Forms authentication relies on user IDs and passwords stored in a secured database.

ConnectWise Control requires multi-factor authentication—an electronic authentication method that gives users access to a website or application only after successfully presenting two or more pieces of evidence. This method adds yet another layer of defense to thwart cybercriminals.

While brute force attacks are premised on the old-school “trial-and-error” method of guessing access credentials, they are still relatively effective. ConnectWise Control locks out users after a predetermined number of failed login attempts, foiling potential hackers from access to your data.

ConnectWise Control triggers session timeouts if a user's actions remain idle on the host or admin page for a specified amount of time. The resulting timeout will automatically log out the user—keeping potential hackers from entering the open connection.

There's no need to manage users in multiple systems. ConnectWise Control lets you use external sources including: MS Active Directory, OpenLDAP or OpenDJ to securely and confidently authenticate users.

Administrators can invoke IP login restrictions to specify which IPs have access to sign in to ConnectWise Control. Addresses can be associated with named users or associated with an organization’s range of IP addresses. It’s an optional, added layer of protection for granular control.