Security Built In,
Not Bolted On.
At ISL Online we address security very seriously. We apply industry-standard security technologies to protect your data and comply with the strictest security standards. Banks, government bodies and global brands choose ISL Online for our high level of security.
Read Security StatementStrongest Encryption
ISL Online ensures secure data transfer between operators and clients through advanced encryption protocols, incorporating RSA 2048/4096-bit key exchange and AES 256-bit encryption. STUN/TURN servers enable the establishment of direct connections, while the signaling remains on the ISL Online servers. ECDSA P-256 manages encryption key negotiation for direct connections.
Port Filtering
ISL Online seamlessly integrates with your firewall, requiring no extra configuration. It automatically initiates outgoing connections via ports 7615, 80, or 443. When direct connection is available via STUN/TURN, connections use arbitrary UDP ports.
Two-Factor Authentication
Two-factor authentication (2FA) is an extra layer of security for helpdesk technicians and IT professionals and makes unauthorised access much harder. With 2FA enabled, an operator must provide a second factor (a one-time passcode) in addition to their password to login successfully.
Code Signing
ISL Online applications are digitally signed by means of a Code Signing certificate, which reliably identifies ISL Online as the software publisher. This digital signature assures you and your users that the remote desktop software does indeed come from the trusted source, and that the code has not been subsequently modified.
Equipped for your Standards
Customisation & Permissions
ISL Online allows you to tweak the security settings to your needs in order to adhere to distinct security standards of your company. You can restrict and disable selected features available within a session, such as taking control of the remote computer, transferring files from the customer or to the customer, desktop sharing on the operator’s side and more.
GDPR Ready
At ISL Online, we respect the privacy of our website visitors and clients who use our products and services. We provide our users with high-quality, secure and reliable remote desktop software under the GDPR regulation, taking into consideration all of its privacy requirements.
Single Sign-On (SSO/SAML)
Users from your organization are able to log into their ISL Online account through your SSO identity provider (e.g., Microsoft Entra, Okta, etc.) via the secure SAML 2.0 protocol.
Please follow our Single Sign-On manual to properly configure SSO for your organization.
Manage Your Users Centrally
ISL Online integrates with external user directories such as Microsoft Active Directory, NetIQ eDirectory, LDAP, RADIUS or SAML 2.0 and allows simple and secure user management.
ISO 27001 Certification
ISL Online Headquarters (XLAB) holds the ISO/IEC 27001:2022 certificate which proves our commitment to information security. We use globally recognized ISO 27001 standard as a framework for implementing the information security management systems (ISMS), which helps us keeping information assets secure.
HIPAA Compliance
ISL Online enables remote access, remote support, and online collaboration tools at the highest security level, proven by the certification against the ISO 27001 security standard. The software is also suitable for companies and organizations that need to adhere to strict HIPAA (Health Insurance Portability and Accountability Act) requirements and audit their compliance. ISL Online also incorporates the ISO 27001 practices within the tools provided to its customers. As the ISO 27001 requirements exceed the requirements outlined by the HIPAA, ISL Online enables its clients to remain or become HIPAA compliant. A dedicated data protection team can help you with the documentation and tests required to demonstrate the compliance.
Security Measures at a Glance
We have pulled together a short list of security measures and features a remote desktop provider should use to guarantee a high level of security.
Customer Protection
ISL Online is designed in such a way that it can never run in the background without a client being aware of it. A customer can revoke control of a technician or terminate a support session at any time.
Automatic Session Recording
Having all of your sessions recorded and archived can be an important additional security measure or a step towards a better quality assurance. If this is something you're interested in then you can enable automatic session recording.
User Access Management
Setting up access permission becomes very important once there are numerous users using the software to connect to remote computers. With ISL Online, the account admin can assign its domain users different rights and limitations, including allowing or disabling access to specific computers. For each individual user you can also set a maximum number of concurrent sessions, disable rights to use audio, video, remote printing, file transfer, and desktop sharing.
Allow / Deny lists
Prevent any misuse of remote desktop software in your company by creating allow and deny lists, which restrict the use of ISL Online software within your organisation. You are able to limit the data access to ISL Online servers based on the IP and/or MAC addresses.
Prevent Brute Force Attacks
ISL Online servers prevent brute force intrusion (login) attempts by limiting the of failed login attempts for a user or for a specific address in the defined period of time. A login can also be limited only in a specific time frame.
Strong Passwords
The security of your data depends on the strength of your password. By default, users have to follow the latest NIST specifications. The passwords must be at least 8 characters long, any leading and trailing spaces will be removed. Only any printable ASCII characters and spaces are allowed in the passwords. The passwords are checked against the deny list, which consists of the most common and simple passwords.
Logs and Accountability
ISL Online allows IT administrators to identify unique users, show which systems were connected, and with session recording enabled, trace what actions were taken over the remote connection. Such records are available for each individual session, exposing the information about an operator, a client, IP addresses etc.
Reverse Proxy Support
ISL Online allows you to install the server behind a reverse proxy without exposing it directly to the internet. You can place your reverse proxy in an Internet-facing DMZ, but hide your ISL Conference Proxy server inside a non-public subnet.
Securely Unlock Remote Desktop with YubiKey
Two-factor authentication (2FA) can be configured by using different methods for the second step of verification:
- Phone (Twilio SMS)
- Authentication app (TOTP)
- Security Key (Yubico keys based on FIDO U2F standard)
Trusted by Industry Leaders
Many industries are conducting security audits and penetration testing to assess ISL Online's information security measures and procedures. Security reports reveal that ISL Online is a trustworthy remote desktop service provider with very high-security standards.
Learn More about ISL Online Security
We are here for you.
Need to Know More?
Contact usNo risk, no obligation.