ConnectWise Control Access: Security
Your customers are relying on you to keep their environments secure, so we've equipped you with a layered approach to security, designed for teams of all sizes. ConnectWise Control Access provides you with the tools that provide world-class threat protection including role-based permissions, 256-bit AES encryption, and multiple authentication methods, along with premium reporting capabilities.
Control who has access at every level
Security in ConnectWise Control puts you in full control over which technicians have remote access, and to which networks. This also ensures that you are meeting your customers’ security and compliance requirements as they relate to restricted access.
Unrestricted access invites threats. With ConnectWise Control’s role-based security, administrators can determine user permissions and control who has access to what features, functions, and groups of machines—down to the most granular details.
Session activity logging
ConnectWise Control audit logs provide full accountability of your services, while helping track down security breaches and data misuse for your customers. Review hosts and guests, timestamps, and session activity including executed scripts, commands, tools, and files transferred.
Video session logging
ConnectWise Control lets customers enforce transparency through video session recordings of every remote engagement. Video logs can be stored to a specified network drive, private, or public cloud location.
Make your clients comfortable
By enabling permission-based security in ConnectWise Control, end-users can allow or deny remote access to their system. It’s a control designed to make customers feel more comfortable and in control, but it’s also intended to let your technicians know that they have the green light.
ConnectWise Control lets technicians send end users requests for consent to remotely connect and control their systems. This action doesn’t interrupt the end user while they’re working, and lets them decide whether or not they wish to hand over control.
Communication is the key to a successful technician/end user relationship. ConnectWise Control adds an extra layer of transparency by allowing the end user to observe the tech’s actions during a session via VOIP and chat, and later review via video recordings.
ConnectWise Control removes the support client from the remote computer after the completion of every session. This feature effectively eliminates the possibility of leaving the client device vulnerable to cyberthreats and should curb any reservations users or their organizations may have.
Ensure in-house security
ConnectWise Control protects any and all information passing between host and guest systems while in session. This includes data, file transfers, keystrokes, and chats—using encryption similar to that used by many banking and government institutions.
With ConnectWise Control, you have a choice of licensing models, including self-hosting for TSPs or for customers that either: 1) need to meet state or federal regulatory compliance requirements, or 2) cannot, or choose not to host their applications in the cloud.
Protect data transmitted between the user's browser and the server through a proprietary protocol and our AES-256 encryption algorithm. In addition, all cloud instances of ConnectWise Control are automatically encrypted with SSL certificates.
ConnectWise Control features include the ability to store audit logs and optional session video recordings if ever needed for auditing or security vulnerability tracking purposes. The server's SQLite database stores all logged data, which authorized users can query for analysis and reporting.
User authentication and security
More than ever, hackers are attempting, and are becoming far more effective at breaking into unsuspecting user accounts. To combat these never-ending cyberattacks, ConnectWise Control employs a diverse set of commercial-grade features and methods to validate real users.
Windows and forms authentication
ConnectWise Control permits can securely authenticate using their existing Windows® and Forms credentials. While Windows authentication uses local Windows usernames and passwords to authenticate users, Forms authentication relies on user IDs and passwords stored in a secured database.
ConnectWise Control requires multi-factor authentication—an electronic authentication method that gives users access to a website or application only after successfully presenting two or more pieces of evidence. This method adds yet another layer of defense to thwart cybercriminals.
Brute force attack
While brute force attacks are premised on the old-school “trial-and-error” method of guessing access credentials, they are still relatively effective. ConnectWise Control locks out users after a predetermined number of failed login attempts, foiling potential hackers from access to your data.
ConnectWise Control triggers session timeouts if a user's actions remain idle on the host or admin page for a specified amount of time. The resulting timeout will automatically log out the user—keeping potential hackers from entering the open connection.
LDAP and Active Directory
There's no need to manage users in multiple systems. ConnectWise Control lets you use external sources including: MS Active Directory, OpenLDAP or OpenDJ to securely and confidently authenticate users.
IP login restrictions
Administrators can invoke IP login restrictions to specify which IPs have access to sign in to ConnectWise Control. Addresses can be associated with named users or associated with an organization’s range of IP addresses. It’s an optional, added layer of protection for granular control.
Trusted by 30,000+ companies, ConnectWise Control gives you powerful, affordable, easy-to-use secure remote access for remote desktop support, access, and online meetings.