Security & Safety Commitment
At Gomyid, security is not just an additional feature. It forms the foundation of the entire platform.
Every part of our remote access technology is built with strict safety standards, strong encryption
and advanced access control. Our goal is simple. Only the correct users should be able to reach the
correct devices, and only when that access is legitimately approved. This page explains our approach
to preventing misuse, protecting user privacy and ensuring that the GoMyID system cannot be exploited
for unauthorized activity.
Only Authorized Users Can Connect
GoMyID follows a strict authorization model. Each action, connection attempt and session request must
come from a verified account inside the customer’s own environment. No external party can impersonate an
operator or initiate access without authenticated credentials. Every user operates under an identity that
is managed by the organization, and administrators have complete oversight over who can reach which device
or department.
GoMyID does not expose machines to the public internet. Devices are visible only within the organization’s
workspace. Remote access requests can be initiated only by users already approved for that environment.
Because of this structure, the visible attack surface is extremely small and cannot be discovered by outsiders.
Authorization rules can be configured to match internal policies. For example, sensitive devices or critical
servers can be assigned stricter access rules. Detailed logging, identity verification and structured
audit trails further enforce the principle that unauthorized access is not possible inside the GoMyID system.
Every Session Requires Explicit Permission
Remote access cannot begin without an approval step. GoMyID does not support silent, hidden or automatic
sessions. Before any remote session starts, the receiving device must give clear permission. This confirmation
ensures that the session is expected, valid and approved by the device owner or operator.
Administrators may add additional rules such as multi factor confirmation, departmental authorization flow
or timed access windows. Even authorized operators cannot start a session unless the receiving side gives
consent. This human approval requirement is central to our safety design. Remote access should always be
transparent, intentional and visible.
Encrypted Communication (AES 256)
All data including screen images, input, file transfers and commands is protected with AES 256 encryption.
This is a trusted encryption standard used across banking, government and high security environments.
Each session is protected inside a dedicated secure tunnel.
We do not rely on outdated ciphers or weak fallback protocols. Every session uses unique key material.
Forward secrecy mechanisms protect past sessions even if a key is compromised. Encryption is handled
securely in both cloud and self-hosted environments. For self-hosted customers, all encrypted data stays
fully inside their own infrastructure. No unencrypted content, session metadata or communication details
are accessible to GoMyID or any third party.
We Do Not Enable Remote Access by Default
When the GoMyID Agent is installed on a device, it does not automatically become accessible. No ports are
opened and no public broadcast is made. Remote access remains disabled until an administrator explicitly
configures and enables access rules.
This design prevents accidental exposure and removes the possibility of unintended remote access. New
devices join in a restricted mode until administrators configure permissions, rules and access policies.
No Anonymous Access and No Public Servers
GoMyID does not allow anonymous user accounts. Every operator has an identifiable user profile with unique
credentials. This prevents impersonation and ensures a clear chain of responsibility. All communication
stays inside the organization’s workspace or self-hosted setup.
GoMyID does not operate any public relay server that accepts unknown traffic. No device is publicly indexed
or discoverable. Attackers cannot scan for reachable ports or use open public endpoints because such
structures do not exist in our platform.
Privacy by Design
GoMyID follows a privacy by design approach. The platform does not store session content, keystrokes or
screen data unless the customer explicitly enables these features. Even when enabled, recordings remain
fully inside the customer’s infrastructure. GoMyID does not keep copies or view customer information.
This model supports compliance with GDPR, ISO 27001, SOC 2 and other privacy requirements. GoMyID has no
operational access to customer data or remote sessions.
Transparent Logging and Full Audit Trails
GoMyID records detailed logs for all events including session start, session end, operator activity,
permission grants, permission denials, file transfers and administrative actions. These logs assist
organizations in identifying unusual behavior, conducting investigations and meeting compliance requirements.
Audit trails cannot be disabled by operators. Administrators control log retention and may export logs
to external SIEM platforms.
Misuse Prevention as a Core Principle
GoMyID is designed from the ground up to prevent abuse. The permission system, identity model,
approval workflow and logging architecture ensure that the platform cannot be used for unauthorized
monitoring or hidden access. Every action is visible, traceable and tied to an identified user.
This philosophy supports responsible usage and aligns with requirements in regulated sectors such as
finance, healthcare, telecommunications and government.
A Secure and Responsible Remote Access Platform
The purpose of the GoMyID Security and Safety model is clear. The platform exists to protect users,
not to be misused. Authorization, encryption, identity verification, session approval and logging all
work together to ensure a secure and transparent experience. Organizations that choose GoMyID benefit
from a controlled and privacy oriented remote access system suitable for modern security demands.
Whether deployed in cloud workspaces or self-hosted on-premise, GoMyID provides the safety, control
and trust needed for secure remote operations.