Uncovering Unauthorised Remote Access: A Digital Forensics Case Study

A case study on work that Notion Digital Forensics have completed.

A case study on work that Notion Digital Forensics have completed.

Notion Digital Forensics was approached by a customer who had concerns that their IT managed service provider (MSP) was accessing commercially sensitive information without explicit consent. The customer was not sure if the MSP was taking commercially sensitive information without their consent.

Background of the incident

The concerns arose because of an incident where a helpdesk staff member took control of the keyboard, mouse and display of a customer’s computer without telling them.

However, the MSP claimed that they were only responding to a request to fix a computer problem and cited a help desk ticket to show that.


The objective of the project was:

  • To determine whether the MSP had taken information without authorisation,
  • whether the MSP had implied consent to remotely control a mouse and keyboard without explicit consent from the company or the user.


Notion Digital Forensics carried out a remote forensic acquisition of the staff member’s computer that was accessed and interviewed the affected party. This was done to the 800-86 standard.


The analysis confirmed that the MSP connected to a desktop computer without explicit consent.

However, there was no evidence to suggest that they did anything other than action the help desk ticket. They did not access any commercially sensitive information, and they resolved the issue they were asked to fix.


Notion Digital Forensics’ investigation clarified the situation for both parties. While the MSP had indeed accessed the computer without explicit consent, they did not take any unauthorised actions during their access. This finding was instrumental in resolving the dispute between the customer and the MSP.

It also led to them improving their procedures to ensure that parties were informed when a help desk staff member took control of the keyboard and mouse of a personal computer.

About Notion Digital Forensics

Notion Digital Forensics are technical experts in cybersecurity, e-discovery, and digital forensic investigation and cyber-defence for business and lawyers.

Other Case Studies

Get expert advice for your case. Contact us now

or phone us on 02 8006-0855

Important Notice

Preserving Confidentiality

The case study presented above is based on real events. To protect the identities of the parties involved, we have altered certain facts and details. These changes may be minor or significant and may include the inclusion of false information. Our aim is to maintain confidentiality for those involved.

Seek Customized Advice

Cybersecurity and digital forensics are specialised fields with various options and trade-offs. The information provided on this website may not be applicable to your specific situation. It is highly recommended that you seek tailored advice from an expert before taking any action. We are cyber security specialists, but we may not be your cyber security specialists. Seek professional advice.