Remote Working Security Assessment
There are a variety of technical solutions on the market allowing remote workers to access corporate resources from any location. These include site-to-site and client-based virtual private networks (VPNs), remote email access portals, and document shares to name just a few. They allow business as usual activities to continue when employees cannot work from the office. However, with so many different solutions and possible configurations, there is the risk of a software or configuration issue introducing a vulnerability that could be exploited by a remote attacker.
Pentest People have built a Remote Working Security Assessment service that is tailored around the unique needs of each client so you can be assured that you are not opening up your corporate network to further risks.
Download & view our digital Remote Working Security Assessment Data Sheet >>
What are the Risks?
If an attacker identifies an exploitable vulnerability in your remote working solution, they may be able to access corporate data such as documents and emails.
If your solution provides remote access to the office local network, then the attacker could gain a foothold from which to attack internal servers, workstations, and infrastructure devices.
How Can We Help?
Pentest People will use industry-leading techniques to assess the security of your remote working solution following a defence in depth approach, identifying the available public facing attack surface, authentication control weaknesses, segmentation issues, and any configuration vulnerabilities that could allow a user to escalate privileges.
The Remote Working Security Assessment allows access to SecurePortal
Receive detailed security metrics and trends about all your hosts and risks through the SecurePortal.
Receive useful trend information such as the top vulnerable hosts, and the most common vulnerabilities within your infrastructure.
SecurePortal allows you to access all your vulnerability data in a secure single platform.
Receive overview and trend data of all of the current security issues you face in your organisation. All viewable on an interactive dashboard.
Until now, the traditional deliverable from a Penetration Test engagement has been a lengthy 100+ page PDF report.
Pentest People have developed a solution to this issue where you interact with your vulnerabilities within the SecurePortal.
Gain useful insight into the security of your remote working solution, ensuring that your corporate data is not exposed by a configuration vulnerability.
- Identify software or configuration issues affecting your remote working solution that could be exploited by an attacker
- Reduce the risk of sensitive data exposure by hardening the security of a very common remote attack vector
- Meet the requirements of many compliance standards by performing a security assessment of your remote access solution
- Prove to your supply chain that you have taken the necessary steps to investigate and remediate security issues
- Prioritise remediation efforts using the severity based assessment results, ensuring that time is spent as efficiently as possible to reduce risk quickly
Pentest People's consultants will discuss your current remote working solution in detail, and perform active testing to identify any vulnerabilities that could be exploited by an attacker. Results are uploaded to your SecurePortal account, allowing you to priorities and plan remediation efforts to harden your solution.
Pentest People can assess the security of any remote working solution, be it a client-based VPN connection with two-factor authentication, or a series of Web-based login portals for accessing emails and documents.
Yes, Pentest People can perform testing of third-party solutions, providing that permission to perform testing has been confirmed. Testing third-party solutions are especially important, as you may not have full visibility of how the service has been configured and secured.
The results of the assessment are uploaded to your SecurePortal account, with individual issues ranked in order of severity. The results will also contain a management summary with totals, key points, and detailed consultants comments, ensuring that vulnerabilities are presented realistically and in the context of your environment.