CyberCX has released its annual Digital Forensics and Incident Response Year in Review Report for 2023 

How do you control split tunnelling when vendors advise that best practice is that some Apps work best outside of VPN tunnels?

Mark Hofman Answered by Mark Hofman, Chief Technology Officer, CyberCX

Unfortunately, this will be a risk-based decision. Sorry, not helping much there.

A few applications may work better or faster if they go direct but you will lose a level of control. You can mitigate some of this risk by utilising CASB or a corporate cloud-based proxy. With these products, you will largely retain control of your data regardless of whether you have split tunnelling or not. The other challenge with forcing all traffic to go to the corporate network first is the increased load. Most solutions are built for 25% of the working population to utilise the remote access product, not 100%. Ultimately it comes back down to risk. I would review the applications that ‘work better’ according to the vendor and then decide based on risk whether they must go via the corporate environment or can go direct.

View our 5 easy steps to improve your cyber resilience.

Cyber Resilience Strategies

Ready to get started?

Find out how CyberCX can help your organisation manage risk, respond to incidents and build cyber resilience.