End-to-end encryption

Our servers that handle data transmission, video streams, and file transfer between clients cannot in any way decrypt or store the data stream. This is because the technology used by Iperius Remote is based on end-to-end encryption (DTLS-SRTP with AES encryption) even in cases where the connection between clients is not peer-to-peer (which happens in most cases, ensuring consistently high performance).

Remote access and remote contro with end to end encryption - Iperius Remote

2FA extended on all critical channels

With Iperius, you can eliminate all the typical vulnerability points of some remote access solutions. Thanks to the 2FA applied to all critical communication channels of the software, you can protect remote devices and access to your address book and administrative area. You can enable 2FA to prevent unauthorized access from any device where your license is installed.

Finally, you can protect each remote device individually with 2FA. For each connection to a remote device where 2FA protection is enabled, it will be necessary to specify the OTP code, for example by using Google Authenticator on your smartphone.

2FA for remote access and remote desktop with Iperius

Confirmation window to accept or deny remote access

On each remote client, it is possible to enable a confirmation request to accept remote access from another device. This means that with each attempt to connect using remote desktop, the client will open a confirmation window that the user must personally interact with to accept or reject the connection, and to decide what permissions to grant to the connecting party (move the mouse and keyboard, copy files, transfer files, copy and paste, share the clipboard, etc.). This feature prevents remote access to a machine if there is no user physically present to accept the connection.

Remote access confirmation prompt with Iperius Remote

Permissions for mouse, keyboard, clipboard, and file transfer

All remote clients can be configured individually to grant or deny granular actions that can be carried out by those who connect: move mouse and keyboard, copy files, transfer files, copy and paste, share clipboard, etc...

File transfer, input and clipboard permissions for remote access with Iperius

Allowed IDs and IPs filters

To minimize the risk of unauthorized access, each remote client can be configured to accept connections only from certain IP addresses or specific Iperius Remote IDs. For example, we can decide that our servers can only be accessed from the public IP of the company that provides us with maintenance services. Alternatively, we can ensure that only one computer can connect to another computer, allowing only one ID.

IDs and IPs filter for Iperius Remote Desktop

Additional protection password

Iperius Remote generates by default a new random alphanumeric password with each opening or reconnection of the client. However, you can specify a custom password, and therefore fixed, for access. There are also other passwords that can be set: an additional password for each remote client that is requested when connecting from the address book (which normally does not require a password). A password to protect the entire address book and one to protect the program configuration.

Multiple password protection with Iperius Remote Desktop

Granular permissions for operators and address books

In complex environments, with dozens of agents performing remote technical support work, or in companies that have many employees working remotely, it is essential to configure access permissions precisely. In the administrative area of Iperius Remote, you can create users with administrative or limited permissions, grant viewing permissions for individual devices or groups of devices in the address book only to certain operators, effectively creating unlimited customized address books for each profile.

Granular permissions for agents for remote support

Check who is using your license in real time

From the administrative area, you can view in real-time who is using your license and what connection they are making. You can check both the source and destination device, the operator's name, and the temporal details of the connection. Finally, you can disconnect a remote access session if you need to free up a connection for your license or if you believe it is unauthorized and therefore take a deeper look at access protections. All information relating to connections is still stored in statistics, always accessible and exportable.

Administrative area to see who is using your remote support license

Code Signing GlobalSign SHA256

The code signing is the process of applying a digital signature to a binary software or a file. This digital signature validates the identity of the author or publisher of the software and verifies that the file has not been altered or tampered with since it was signed. All our software executables have a digital signature, to allow end users to verify that the code received has not been altered or compromised by third parties. This protects you from malware, fraud, and theft.

Code Signing GlobalSign SHA256 anti tampering

Data center and server security

Our partner data centers guarantee us a high level of infrastructure quality that underlies the reliability and performance of Iperius Remote. Our global network relies on Tier IV data centers and ISO 27001 certified. Our servers are constantly updated, monitored, and protected with firewall policies designed to minimize attack surface. Finally, all our servers are proactively protected against DDOS attacks.

Iperius Remote data center and server security measures ISO 27001

GDPR legislation: only strictly necessary data

We store on our servers only the data and logs strictly necessary for the functioning of our services and solely for the purpose of maintaining a high standard of usability for customers. Based on end-to-end encryption functioning, we do not store on our servers any audio, video, chat, file, or other data that is transmitted during remote desktop sessions between clients.

All data is stored and transmitted between clients and servers using the latest encryption protocols. We regularly perform security checks to identify potential vulnerabilities and address them promptly. Access to data and servers in our infrastructure is only possible for a limited number of authorized people, who must perform their work duties in a lawful, responsible, and transparent manner.

Remote Desktop software GDPR