Skip to content


Information security is an essential consideration for all IT organizations around the world.
Pulseway utilizes industry standard encryption, attacks protection systems, security policies and multi-factor authentication mechanisms to ensure security compliance.

Full End-to-End Encryption

All connections to Pulseway services are done with a fully encrypted communication based on RSA private/ public key exchange and AES (256 Bit) session encoding. This is the industry standard encryption algorithm used worldwide.

Messages are also encrypted with AES (256 Bit) symmetric keys, which are sent via RSA public/private key exchange mechanism to guarantee that in the unlikely event of transport encryption failure, privacy is not compromised. Keys are automatically rotated on a controlled interval to prevent brute-force attacks also adding an extra layer of security against man-in-the-middle attacks.

Two-Step Authentication

Users can enable two-step authentication at any time on their accounts, which sends an OTP (One Time Password) via email to the account owner whenever you try to access sensitive account information such as Device Polices, remotely provisioning computer settings or connecting to a system via Pulseway Remote Desktop.

Device Access Control Lists

For enhanced security on the Pulseway mobile apps you can setup:

- PIN code mobile authentication (and Touch ID where supported) to prevent unauthorized access to the monitored systems.
- Centralized device access control lists with the ability to remotely disable mobile devices.
- Default device access control list that will be used for newly added systems which allows you to deny access for all systems until you explicitly approve the new device.
- Agent device access white list to only allow commands from explicitly allowed devices.

IP Address Filters

Pulseway Web Application respects IP Address filters configured on each account which can be used to restrict access to monitored systems to the Intranet or VPN networks for increased security.

Audit Log

All Pulseway commands are locally logged in the Application Windows Event Log and in the Pulseway Enterprise Server database for auditing reasons. The account owner is notified via email every time a new mobile device or a web browser instance is registered on the account.
The surprisingly easy way to monitor and control everything IT from any mobile platform. Get up and running in less than 5 minutes.