Under NIS2's supply chain security clause, your MSP's remote access tool is inside your client's compliance scope. ProxyLink is built from the ground up for European compliance — EU-hosted, open protocol, full audit trail.
NIS2 Article 21 mandates specific technical controls. Here's what that means for MSPs and the tools they use to access client infrastructure.
Your MSP's remote access tool is a third-party supplier in your client's NIS2 supply chain. It must meet the same security standards as any other vendor with access to their systems.
MFA required. Every session must be authenticated. Generic shared credentials are non-compliant. ProxyLink gates every session behind your team's authenticated account.
Every access event must be recorded: who accessed what, when, from where. ProxyLink maintains an immutable audit log with CSV export for every proxy link, tunnel, and session.
All data in transit must be encrypted. ProxyLink uses WireGuard (ChaCha20-Poly1305) for tunnel traffic — a modern, audited, open-source protocol with no proprietary black box.
NIS2 favors EU-based processors. ProxyLink is hosted on Hetzner Germany (Falkenstein). Session relay and storage run entirely on our own EU server — no third-party remote-access relay network. WireGuard tunnel traffic connects directly to our German endpoint; web traffic is fronted by Cloudflare's edge for TLS and WAF protection.
After a security incident, you need to know exactly what happened during remote sessions. ProxyLink records SSH, RDP, and VNC sessions with timestamped playback.
When an MSP connects to a client's network, that MSP becomes a third-party supplier under NIS2. Your client's compliance officer will ask: "What remote access tool does your MSP use, where is it hosted, and does it log every session?" TeamViewer and AnyDesk — both breached in 2024 — cannot answer this cleanly. ProxyLink can.
| Requirement | ProxyLink | TeamViewer | AnyDesk | Splashtop |
|---|---|---|---|---|
| EU-hosted infrastructure | ||||
| Open protocol (WireGuard) | ||||
| Immutable audit log | Partial | |||
| Session recording | Higher tiers only | |||
| No breach history | ||||
| No agent required on network devices | ||||
| MFA enforced | ||||
| Zero third-party routing |
TeamViewer and AnyDesk were both breached in 2024. ProxyLink has no breach history.
Free access. No credit card. Full MSP feature set during early access.
Get free access →Questions? Email [email protected]