Security and Trust Center
At Remotely, we are committed to protecting our customers' data. We believe to provide world-class security for our customers, we must adopt the same principles in-house. We believe trust is built on transparency and honesty. Our Information Security team continuously monitors the infrastructure, devices, applications, and data we use to provide service to our customers and applies hardening techniques to minimize vulnerability. We understand the necessity of data privacy, which is why we have architected our applications with security as a core tenant.
Cloud Security Features
The Remotely Web Application’s fundamental design is comprised of individual microservices. Each microservice plays a key role in collecting and providing data, which is why we designed them to be segregated from one another inside their own containers. By doing so, it reduces attack surface and potential attack impact. Data collected from our customer’s Azure environment using Microsoft Graph API is encrypted in transit using TLS and is stored at rest in Azure Cosmos DB with AES 256-bit encryption.
Furthermore, the Remotely Web Application sits behind a Web Application Firewall which uses the Open Web Application Security Project (OWASP) Core Rule Set to protect the web application from common vulnerabilities and exploits.
Client Agent Security Features
Our installed client agent is signed by a Code Signing Certificate to provide source validation, and code integrity. The installed agent communicates with the Remotely Web Application to send data securely over the internet using Transport Layer Security over TCP and HTTPs protocols. Data collected from the agent is stored in Azure PostgreSQL and encrypted using the FIPS 140-2 cryptographic module and the AES 256-bit cipher.
Remotely is currently in the process of completing the work necessary to become ISO 27001 and SOC2 compliant. This page will be updated when the Company achieves audits in these frameworks.
If there are any questions or concerns regarding security and compliance at Remotely, please email them to Security@remotelyrmm.com