N‑able Take Control Take Control security features
N‑able™ Take Control is built from the ground up with security in mind. From robust encryption to cryptographic library modules to automatic clipboard deletions after sessions, Take Control is designed to provide the secure remote support you need to help keep your customers’ data safe. Read on to learn more about Take Control’s security features.
Multi-factor authentication
Take Control offers Multi-factor authentication (MFA) via technician access permission settings, which requires both a username/password combination in addition to a tokenized time-based one-time password (TOTP) to help keep accounts secure.
Secure sessions
For attended support, only authorized users can open remote support sessions, and each requires its own unique PIN. PINs automatically expire after each session, which prevents people from reopening sessions.
Unattended sessions can be performed by securely installing the Take Control agent on the customer’s device during a support session, or from the console’s homepage and generating a support link to access it.
Automated clipboard deletion
The system can be set to automatically delete clipboards used by technicians after each session. If they’ve stored sensitive data like passwords or configuration information, the system will automatically wipe this information so no one can exfiltrate it after the fact. Additionally, timeout controls can be set for idle sessions to help prevent hackers from stealing a session.
Advanced AES 256-bit encryption
Take Control sessions are sheltered by a communication protocol with global security by AES using 256-bit cipher when establishing, or for the duration of, the session.
- The key exchange is protected by SSL-based technology in AES-CBC with TLS 1.2
- All commands, including keyboard and mouse strokes, file transfers, and clipboard information, are digitally signed
- Take Control cannot access session content
Encryption keys are randomly generated for each session
Elliptic-curve Diffie-Hellman (ECDH)
By definition, ECDH is a key agreement protocol that allows two parties, each having an elliptic-curve public–private key pair, to establish a shared secret over an insecure channel. More specifically for Take Control, ECDH enables secure shared secrets between two endpoints, even before the session is established, to help keep sessions secure.
Resiliency and redundancy
Take Control’s infrastructure is based on a fault-tolerant, geographically distributed architecture, hosted mainly in AWS, as well as multiple other ISO 9001/ISO 27001 cloud partners. If network traffic can’t go through one server, our systems will route the traffic to another. Additionally, traffic remains encrypted end-to-end, making it difficult (if not impossible) to snoop on communications.
GDPR Compliance
Take Control was built with security in mind, including data privacy by design and the principle of least privilege, to help support GDPR readiness. Thanks to its features, Take Control helps companies comply with GDPR, ensuring that users’ PII is secure, and holds business to a higher standard when it comes to how this data is collected, stored, and used.
Other security features and settings
- Option to lock the machines after each session to reassure technicians and customers the devices won’t be accessible to the wrong people
- Ability to limit which IP addresses can access Take Control to ensure only authenticated users have access to client resources
- Prevention of auto-sleep, auto-lock, and inactivity disconnections
- Ability to remotely wake computers using Wake-on-LAN technology
Try Take Control
for free
Remote access support from N‑able™ Take Control can help you support your customers with speed, power, and affordability. Give your team the ability to assist more users and devices in less time.