Devicely RMM
DevicelyManage devices securely

Security & Compliance

Devicely RMM is built with security and compliance at its core. Learn about our security measures, data protection practices, and compliance features.

Security Features

🔐 Two-Factor Authentication (2FA)

All user accounts are protected with mandatory two-factor authentication. After entering your password, you'll receive a one-time verification code via email to complete the login process. This adds an extra layer of security to prevent unauthorized access to your account and sensitive data.

  • Mandatory 2FA for all user accounts
  • Email-based OTP verification codes
  • Time-limited codes with automatic expiration
  • Protection against unauthorized access

🔒 Data Encryption

All data transmitted and stored by Devicely RMM is protected with industry-standard encryption protocols to ensure confidentiality and integrity.

  • In Transit: TLS 1.3 encryption for all data transmission
  • At Rest: Encryption for sensitive data stored in databases
  • Remote Access: End-to-end encryption using WebRTC with DTLS-SRTP
  • Password Storage: bcrypt hashing with salt for all passwords

🏢 Multi-Tenant Data Isolation

Complete data isolation between tenants ensures that your organization's data remains private and secure, with no cross-tenant access possible.

  • Row-Level Security (RLS) enforced at database level
  • Complete tenant isolation with no cross-tenant data access
  • Role-based access control (RBAC) with Owner, Admin, and Technician roles
  • User permissions enforced at application and database levels

📋 Comprehensive Audit Logging

Complete audit trails for all system activities, providing transparency and supporting compliance requirements.

  • All user actions logged with timestamps and user identification
  • Remote access sessions tracked with complete activity logs
  • Device management actions recorded for compliance reporting
  • Software deployment and system changes tracked

🖥️ Secure Remote Access

Remote access features are built with multiple layers of security to ensure safe and authorized connections.

  • End-to-end encrypted WebRTC peer-to-peer connections
  • Password-protected remote access with user consent required
  • Complete audit trail of all remote access sessions
  • No VPN required - secure direct connections

Compliance & Data Protection

Data Protection Principles

Devicely RMM follows industry best practices for data protection and security:

  • Confidentiality: All data is encrypted in transit and at rest, with strict access controls
  • Integrity: Data integrity is maintained through encryption, checksums, and audit logging
  • Availability: High availability infrastructure ensures your data is accessible when needed
  • Accountability: Comprehensive audit logs track all system activities and user actions

Regular Security Practices

  • Regular security audits and vulnerability assessments
  • Automated security monitoring and threat detection
  • Timely security updates and patches
  • Secure infrastructure hosted on enterprise-grade cloud platforms

Questions About Security?

Our security team is available to answer any questions about our security practices, compliance features, or data protection measures.

Contact Security Team