WHAT IS A REMOTE ACCESS SECURITY ASSESSMENT
A Remote Access Assessment evaluates the security of the systems which your organisation uses to provide your staff members with the remote access they need to conduct their day to day activities when outside of the office.
WHY CONDUCT A REMOTE ACCESS ASSESSMENT?
A remote access solution could take on a number of forms such as a Virtual Private Network (VPN), Citrix Virtual Desktop, Remote Desktop Web Client as well as a number of other solutions and protocols which provide your staff members with remote access to your organisations network and services.
As Remote Access solutions are intended to be remotely accessible, they are also accessible by automated tools and malicious attackers seeking to acquire access to systems, services and sensitive data.
A remote access penetration test aims to ensure the security of these solutions from a number of differing attack vectors and the assessment is often conducted from an unauthenticated and authenticated perspective to review your security from these alternative perspectives.
The unauthenticated assessment can help to ensure that attackers do not gain access to the service. A combination of methods can often be used to generate a likely list of usernames for these remote services. With this list in mind an attacker can target the weakest configured passwords for your users in an attempt to gain access to your services and infrastructure.
In many cases this initial access can be used to then connect further into your organisations network and begin targeting internal resources and services for additional vulnerabilities and attacks.
The authenticated assessment can aid your organisation to minimise any risk or damage which could be achieved if an account is ever compromised. Using targeted methods in an attempt to identify security issues which will allow an attacker to break out of restrictive environments, gain access to additional functionality, gather sensitive data and achieve privilege escalation.
As part of our approach, our Penetration Testers use a combination of the most effective automated tools and manual exploitation techniques to identify vulnerabilities within your remote access solutions. Our extensive reports provide a thorough assessment of each vulnerability and provide business context alongside each finding.
This is supplemented by technical and non-technical descriptions including evidence of exploitation to assist in prompt remediation activities and provide a thorough understanding of each issue.
A Remote Access Penetration Test and report will allow your business to:
Receive assurance around the security posture of your remote access solutions.
Make ongoing improvements to the secure implementation of your remote access solution via specialist support, advice and consultancy.
Adhere to regulatory bodies who require Remote Access Penetration Testing to be performed.
Gain access to a dedicated team of specialist CREST Registered penetration testers who use the latest tools and techniques to accurately assess and identify emerging threats