|Answered by Mark Hofman, Chief Technology Officer, CyberCX|
Unfortunately, this will be a risk-based decision. Sorry, not helping much there.
A few applications may work better or faster if they go direct but you will lose a level of control. You can mitigate some of this risk by utilising CASB or a corporate cloud-based proxy. With these products, you will largely retain control of your data regardless of whether you have split tunnelling or not. The other challenge with forcing all traffic to go to the corporate network first is the increased load. Most solutions are built for 25% of the working population to utilise the remote access product, not 100%. Ultimately it comes back down to risk. I would review the applications that ‘work better’ according to the vendor and then decide based on risk whether they must go via the corporate environment or can go direct.
View our 5 easy steps to improve your cyber resilience.