Why Remote Users' Connection to Your Office May Be Bad, Really Bad - HUB Blog

HUB TechMinutes

Work smarter with the latest business technology news, tips and events.

HUB Blog

Better business through better information.
2 minutes reading time (325 words)

Why Remote Users' Connection to Your Office May Be Bad, Really Bad

Why Remote Users' Connection to Your Office May Be Bad, Really Bad

Remote desktop access is a great way to enable workers to work remotely. No doubt about that. However, the technology they are using to connect into your office may be putting your entire organization at risk. The fact is, there are a lot of businesses that utilize direct Remote Desktop Protocol (RDP) as a simple and cheap means of giving users access to the corporate network with or without knowing how risky it is. Direct RDP utilizes an open port in your firewall, without the protection of data encryption or secure virtual private network (VPN).

Consequently, any attackers who scan firewalls for open ports can easily find the vulnerability. Once found, hackers can instantly launch a brute force attack against an organization's server(s) resulting in 1000s of authentication attempts with random usernames and dictionary passwords to see if any of them matches and passes the authentication. This attack can not only degrade your server's performance significantly, but if a match is found, the attacker is in. And everyone knows what that means (ransomware deployment).

The Best Solution
In environments where security is a primary concern, which nowadays ought to be every environment, there are best practices to follow for setting up network access for remote users. One practice is to set up a secure VPN connection which creates encrypted tunnels between the office network and remote users, thus eliminating the need for RDP ports be open on the firewall (this will also serve to prevent brute force and man-in-the-middle attacks).

A second option would be to set up an RDP proxy gateway to secure the connections with a secure sockets layer (SSL) certificate (this requires an SSL certificate to be purchased).

Bottom-line, always use best practices in your network environment as unsecure methods of direct RDP can be very costly. To determine if your business is vulnerable to attack via RDP or to learn more about properly securing your business against hacker attacks, contact us today!

Make Your Business Better with HUB's BeSure IT Ass...
Technology Basics: Blue Screen of Death

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Guest
Friday, March 05, 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.hub.ca/

Happy Clients

Don't Miss Our Next Newsletter!

Subscribe to our free monthly newsletter! It's packed with valuable information, useful tips, and important security alerts.
* indicates required
Your email address is secure with us - we never share our subscriber information.

HUB Tech Minutes

04 March 2021
There has been a massive increase in online shopping since the start of 2020 and it is important that consumers do their best to understand the potential security risks associated with eCommerce, and how to navigate around them. Today, we discuss som...
02 March 2021
Businesses are always looking for a way to boost productivity. Some businesses will try almost anything to do so. For the individual, however, managing your productivity is a little less complicated. That’s not to say that it is always simple. Typica...
01 March 2021
Passwords are effectively the cornerstone of your business’ data security—if they aren’t up to muster, your protections could crumble. Unfortunately, many users shortchange their passwords to try to make them more convenient, also making them more co...