The Remote Access Surface
We assess the access mechanisms themselves: the VPN or zero-trust access platform your staff connect through, its configuration, authentication strength, and the enforcement of multi-factor authentication on every path in. We examine split-tunnelling and what it exposes, the security posture required of a device before it is granted access, and whether a compromised home device can reach corporate resources unimpeded. Remote desktop and similar services receive particular scrutiny, as RDP and VNC systems are generally complex and prone to configuration issues and other security flaws.