01 - Isolate
Tenant boundaries
Every endpoint, session, and technician action is scoped to a customer tenant. Cross-tenant access is not part of the operational model.
Security Center
Published security, signing, and transparency documentation for certificate authority review, MSP security questionnaires, and IT administrators.
Security
TLS, encryption, RBAC, and session governance.
DocumentationSoftware Signing
Publisher verification and Authenticode integrity.
DocumentationResponsible Disclosure
Report vulnerabilities to our security team.
PolicyAgent Identification
Deployment traceability and licensing context.
DocumentationSoftware Authenticity
Validate Remvx packages before deployment.
DocumentationUninstall Guide
Authorized Windows agent removal.
Documentation02 - Attribute
Named technicians
Remote sessions record who connected, when, and under which policy - so MSPs can answer client audits without reconstructing events from logs.
03 - Export
Reviewable evidence
Audit trails and security documentation are available on request during guided evaluation - structured for questionnaires, not slide decks.
Control plane
Security capabilities
Six operational controls that form the Remvx security posture. Scope and rollout timing are confirmed during onboarding.
TLS encryption
All control-plane traffic uses TLS 1.3. Remote session payloads are encrypted with AES-256. Certificate pinning and rotation procedures are documented in the security pack for DigiCert and enterprise reviews.
Secure authentication
Role-based access scoped per tenant and technician. MFA for console access. SAML/OIDC federation is in controlled rollout for enterprise MSPs - confirmed during onboarding, not assumed GA.
Audit logging
Session start/end, technician, tenant, endpoint, and permitted tool usage are logged. Export formats support client security questionnaires and internal MSP reviews.
Device tracking
Every enrolled Windows endpoint maps to a tenant, agent build, and last-seen signal. Inventory reflects what is installed - unified under Remvx governance for MSP fleet reviews.
Security reporting
Structured pack covering data flows, subprocessors, retention, and operational controls - provided on request to partners, auditors, and certificate authorities.
Responsible disclosure
Good-faith vulnerability reports welcome at [email protected]. Include reproduction steps. We aim to acknowledge within five business days.
Session governance
How sessions are approved, attributed, and logged
The flow government and regulated clients review during evaluation - from scoped request through policy enforcement to exportable audit records.
Request
A technician initiates a session against an endpoint already scoped to their tenant and role.
Policy
Tenant RBAC and any configured approval workflow are evaluated before the session can proceed.
Session
An encrypted channel opens - AES-256-GCM session payload over TLS 1.3 transport.
Audit
Session events are tied to the technician identity and available for export when your policy requires it.
Trust & Transparency
Published documentation for auditors, IT administrators, and software validation reviewers - focused on authenticity, licensing, and authorized deployment.
Agent Identification
Deployment traceability for authenticity and licensing - not surveillance.
DocumentationSoftware Authenticity
Verify Remvx LLC publisher and Authenticode signatures before install.
DocumentationUninstall Guide
Authorized Windows removal for endpoints no longer requiring the agent.
DocumentationRequest the security pack
Available during guided evaluation - scoped to your tenant rollout, FedRAMP-adjacent requirements, and CA review timelines.