Welcome, let's improve your business today!
Remote desktop access is a great way to enable workers to work remotely. No doubt about that. However, the technology they are using to connect into your office may be putting your entire organization at risk. The fact is, there are a lot of businesses that utilize direct Remote Desktop Protocol (RDP) as a simple and cheap means of giving users access to the corporate network with or without knowing how risky it is. Direct RDP utilizes an open port in your firewall, without the protection of data encryption or secure virtual private network (VPN).
Consequently, any attackers who scan firewalls for open ports can easily find the vulnerability. Once found, hackers can instantly launch a brute force attack against an organization's server(s) resulting in 1000s of authentication attempts with random usernames and dictionary passwords to see if any of them matches and passes the authentication. This attack can not only degrade your server's performance significantly, but if a match is found, the attacker is in. And everyone knows what that means (ransomware deployment).
The Best SolutionIn environments where security is a primary concern, which nowadays ought to be every environment, there are best practices to follow for setting up network access for remote users. One practice is to set up a secure VPN connection which creates encrypted tunnels between the office network and remote users, thus eliminating the need for RDP ports be open on the firewall (this will also serve to prevent brute force and man-in-the-middle attacks).
A second option would be to set up an RDP proxy gateway to secure the connections with a secure sockets layer (SSL) certificate (this requires an SSL certificate to be purchased).
Bottom-line, always use best practices in your network environment as unsecure methods of direct RDP can be very costly. To determine if your business is vulnerable to attack via RDP or to learn more about properly securing your business against hacker attacks, contact us today!
By accepting you will be accessing a service provided by a third-party external to https://www.hub.ca/