Please note - EditShare Engineers use a multi-factor authentication when using Simple Help
Basic Security Overview
All sessions and remote machine interactions in SimpleHelp are securely encrypted.
The Simple-help server uses high end industry standard encryption algorithms to protect your data whether you are in a session transferring screen updates and files or just accessing a remote machine's files and CPU usage charts via the Access tab.
The primary algorithms used are 4096-bit RSA and 256-bit AES. These are widely regarded as more than sufficient to protect data.
The Simple-help server uses high end industry standard encryption algorithms to protect your data whether you are in a session transferring screen updates and files or just accessing a remote machine's files and CPU usage charts via the Access tab.
The primary algorithms used are 4096-bit RSA and 256-bit AES. These are widely regarded as more than sufficient to protect data.
In-Depth Security Explanation
SimpleHelp converges on one mechanism to secure data transferred between technicians and customers or technicians and remote access services. In doing this we focus on one secure implementation that is then used across multiple apps and multiple forms of encapsulation.
SimpleHelp implements a protocol closely based on DTLS using AES-256, RSA-4096, and a combined 256-bit SHA-512/SHA3 (Keccak) authentication hash. Since SimpleHelp always retains control over both ends of the connection (app + server) it does not negotiate these algorithms and thus all sessions and established communications between a remote access service and your server will always use AES-256 and RSA-4096.
Whether you are connected in a session using HTTP, TCP or UDP as an underlying transport or accessing a remote machine's stats or filesystem, all communications are encrypted using this protocol and these mechanisms.
Although SimpleHelp does support and can use SSL, SimpleHelp does not rely on SSL connections to provide security except in the case of browser sessions such as the mobile client (/mobile page on your server) and secure presentations being viewed in a browser. SSL can be configured to be used in a session but this is not necessary for the data transferred to be encrypted and in practice SimpleHelp will be performing a higher level of encryption than the underlying SSL connection. Instead SimpleHelp will always use its DTLS based protocol with its own encryption algorithms (RSA-4096 / AES-256) and will treat the base level connection purely as a transport, much in the same way that SSL will treat TCP/IP as a transport.
As such even when connected to the remote machine over SSL SimpleHelp will still encrypt all information transferred with its standard high security algorithms and will not simply rely on SSL to provide a secure layer. This approach allows SimpleHelp to establish connections via a variety of mechanisms including plain HTTP, TCP, SSL and UDP while retaining high security across both.
Established connections therefore may appear to use plain HTTP or TCP but this is a result of encapsulating the secure DTLS implementation on top of these.
SimpleHelp implements a protocol closely based on DTLS using AES-256, RSA-4096, and a combined 256-bit SHA-512/SHA3 (Keccak) authentication hash. Since SimpleHelp always retains control over both ends of the connection (app + server) it does not negotiate these algorithms and thus all sessions and established communications between a remote access service and your server will always use AES-256 and RSA-4096.
Whether you are connected in a session using HTTP, TCP or UDP as an underlying transport or accessing a remote machine's stats or filesystem, all communications are encrypted using this protocol and these mechanisms.
Although SimpleHelp does support and can use SSL, SimpleHelp does not rely on SSL connections to provide security except in the case of browser sessions such as the mobile client (/mobile page on your server) and secure presentations being viewed in a browser. SSL can be configured to be used in a session but this is not necessary for the data transferred to be encrypted and in practice SimpleHelp will be performing a higher level of encryption than the underlying SSL connection. Instead SimpleHelp will always use its DTLS based protocol with its own encryption algorithms (RSA-4096 / AES-256) and will treat the base level connection purely as a transport, much in the same way that SSL will treat TCP/IP as a transport.
As such even when connected to the remote machine over SSL SimpleHelp will still encrypt all information transferred with its standard high security algorithms and will not simply rely on SSL to provide a secure layer. This approach allows SimpleHelp to establish connections via a variety of mechanisms including plain HTTP, TCP, SSL and UDP while retaining high security across both.
Established connections therefore may appear to use plain HTTP or TCP but this is a result of encapsulating the secure DTLS implementation on top of these.
Comments
0 comments
Please sign in to leave a comment.