Security and compliance
With great power comes responsibility. Our software is built from the ground up with security in mind, so you can balance the access and control you need with the complete privacy regulations require.
Our fundamental security principles
You don't have to trust RealVNC as a company to trust our solutions and services
We do not store your session data, and it cannot be decrypted now or in the future
Every connection is treated as though made in a hostile environment
The remote computer ultimately decides who is able to connect
Security features of the VNC SDK
For equivalent information for VNC Connect, please see this page.
Mandatory encryption
Whether you connect devices via RealVNC’s VNC Cloud service or directly over a LAN, end-to-end AES encryption up to 256-bit is mandatory.
Perfect forward secrecy
Every connection uses the latest version of RealVNC’s proprietary RFB 5 protocol, so sessions cannot be decrypted now or in the future, by RealVNC or anyone else.
Identity checking
VNC Cloud automatically verifies each endpoint’s identity using 2048-bit RSA keys, to prevent MITM attacks. For direct connections, you can implement identity verification yourself.
NAT traversal
If you connect devices using VNC Cloud service, there’s no need to port forward routers or open holes in firewalls.
Secure HTTPS communication
All communications with VNC Cloud use HTTPS, with TLS certificates checked against well-known CAs.
Username/password authentication
The SDK automatically prompts connecting users for credentials out-of-the-box. You can implement multiple additional factors of authentication yourself.
Automatic blacklisting
By default, connecting users who fails to authenticate property are blacklisted, to deter brute-force, dictionary and DoS attacks. It’s easy to configure frequency and timeouts.
Session permissions
Make connected users view-only, or restrict their ability to exercise control or copy and paste text, either before or mid-session.
Audit logging
Send any quality or quantity of connection metadata to a destination provided by the VNC SDK, or to a custom location.
Your security feature here…
It’s easy to write code to filter out direct connections from particular IP addresses, prompt computer owners to verify connecting users, and more.
Resources for the VNC SDK
For equivalent resources for VNC Connect, please see this page.
Security whitepaper
An overview of the features, policies and controls that keep your computers and data protected wherever you are.
RFB 5 security analysis
An analysis of the security aspects of the latest version of the RFB protocol, from our in-house Security team.
PCI DSS compliance
Learn how to enjoy the benefits of remote access without sacrificing PCI DSS compliance.
HIPAA compliance
Learn how to enjoy the benefits of remote access without sacrificing HIPAA compliance.
