RealVNC Connect is built from the ground up with security in mind, affording you the flexibility and access you need while providing the controls and privacy required by regulations.
Start your free trial now
` ); } }); }); })(jQuery);});
Our fundamental security principles
You don't have to trust RealVNC as a company to trust our software and services
We do not record your sessions, and data cannot be decrypted now or in the future
Every connection is treated as though it is made in a hostile environment
The owner of the remote computer ultimately decides who is able to connect
STANDARDS AND COMPLIANCE
DATA PRIVACY
SECURE INFRASTRUCTURE
24X7 SECURITY OPERATIONS CENTER (SOC)
Standards and Compliance
RealVNC’s remote access solution is designed to meet and assist with a broad range of industry and government standards and regulations.
We are certified to ISO/IEC 27001:2013 and Cyber Essentials and comply with GDPR, and CCPA, ensuring adherence to stringent data protection and privacy guidelines. Additionally, RealVNC supports your compliance with HIPAA and PCI-DSS.
Data Privacy
RealVNC does not process, store, or have any access to any data accessed during a remote session.
Secure Infrastructure
The RealVNC Connect services run on RealVNC owned and managed servers and network equipment.
We do not use public Cloud services (such as AWS or Azure) for the RealVNC authentication and cloud connection brokering services. No third-party provider has access to the RealVNC infrastructure.
24x7 Security Operations Center (SOC)
We have a 24×7 Security Operations Center that monitors for cyber security events across our infrastructure and investigates and, where needed, mitigates them.
Global threat intelligence provides detailed information on attacker tools, techniques, and trends to facilitate effective triage.
Full End-to-End Encryption
RealVNC Connect uses full end-to-end encryption with Perfect Forward Secrecy built into our protocol. This means the session cannot be decrypted by a man-in-the-middle during the session, and that session data cannot be saved or decrypted in the future.
These remote sessions are encrypted with AES-GCM 128 or 256-bit, and all web API calls use at least TLS 1.2, ensuring no one can read the data in transit, including RealVNC.
Works with any network
RealVNC Connect’s cloud connectivity enables easy access to machines through NAT and firewalls. It does this using an outbound connection to RealVNC cloud services from both RealVNC Viewer and RealVNC Server. By avoiding the use of inbound TCP or UDP packets, RealVNC Connect doesn’t require any ports to be opened on your firewall.
On-premise (offline) deployment mode
If you have specific security or regulatory requirements, RealVNC Connect can be deployed entirely behind your firewalls and used only within your network without requiring devices to have an internet connection.
Secure Cloud Brokering
RealVNC Connect has been designed to work in a hostile environment – in fact, you don't have to trust RealVNC as a company to trust our software and services. Even when using our cloud-based brokering service, RealVNC Connect is fully end-to-end encrypted and you are guaranteed to be connected to the intended device via both automated and manual identity checking of our RSA key-based fingerprint verification.
Ring-fenced devices
Only permitted members of your team can discover and then attempt to access your RealVNC Connect devices, unlike competitor products where remote devices are discoverable by anyone.
AUTHENTICATION
Default two-factor authentication for account access
RealVNC accounts are secured using email-based 2FA by default. This ensures that your account is secure even if someone gets their hands on your account credentials (email address and password). You can also set up time-based one-time password (TOTP) authentication and enforce this for your entire RealVNC Connect Team.
SSO
Single Sign-On
By implementing Single Sign-On, you can use your existing identity provider for authentication, reducing user complexity while enhancing security.
AUTHENTICATION
Multi-factor authentication
Learn how to protect both your RealVNC® account, and remote computers with RealVNC® Connect installed, using as many authentication factors as you need.
SESSION AUTHENTICATION
Remote session authentication by default
All remote sessions must be authenticated using local system – or domain – credentials by default. This authentication is independent of RealVNC account authentication.
Centralized management
Use your existing management tooling, such as Group Policy, to manage all aspects of your RealVNC Connect software configuration. Group Policy ADM/ADMX templates are available for download.
Brute force protection
No matter which method is used to connect to your devices, RealVNC Connect clients have built-in brute force protection, so even the final device-level authentication layer has protection by exponentially increasing the delay between incorrect authentication attempts.
Granular Permissions
Users or groups can be granted specific remote access permissions. As an example, you can disable functionality such as file transfer or copy & paste for a specific user or user group.
Gatekeeping Access
If a user is already logged in when a remote session starts, RealVNC Connect can be configured to prompt the end user to approve or reject the connection. It is useful when the end user has something confidential open on their desktop.
Privacy Mode
Keep your sessions and sensitive data private by blanking the screen and connected monitors on your remote device. You can also lock-down input devices like the keyboard and mouse so you can work without interference.
Deployment Options
To support the varied needs of businesses, RealVNC Connect offers a choice of deployment options, including MSI packages for Windows deployment, group policy management, and deployment via script.
Secure by Design
The RealVNC engineering team follows a Security Development Lifecycle to ensure security is included in all stages of product design and development.
We use software composition analysis to alert our engineering team of vulnerabilities found in third-party libraries used within the RealVNC Connect codebase, which are then remediated as necessary.
White-box security audited
RealVNC periodically employs a specialist security consultancy to audit all aspects of the RealVNC Connect software. For further information, see our cure53 report.
Independent penetration tests
As well as extensive internal security measures, we employ third-party security experts to perform penetration tests on our public-facing services. For the most recent penetration test report, see our our latest pentest report
Code signing
We use code signing to ensure binaries haven’t been modified in transit or at rest by malicious third parties. On Windows, RealVNC Connect installers and installed binaries are signed using Authenticode, while on MacOS, we use Gatekeeper. For added peace of mind, you’ll also find checksums on our website to verify that the component you download is valid.
Session Logging & Audit
Track and monitor remote access activity using session logs to meet compliance and security policies. All events are saved to the local system log. If using cloud connections, events are logged in our Audit tool, which you can access in the RealVNC Connect Portal or via API for ingestion into external log systems.
Try RealVNC® Connect for yourself
Sign up for your free 14-day trial and see what RealVNC Connect can do! No bank details required.
Start your free trial now
4.7 stars, 400+ reviews
Top 50 IT Management
Products 2020
4.8 stars, 11,700 reviews
Apple App Store 5M+ downloads
4.6 stars, 55,000 reviews
Google Play Store 5M+
downloads
4.5 stars, 100+ reviews
Best Software Reviews
Platform
