Is it time to move away from RDP for remote users?
One of the most convenient waysof working remotely is remote desktop access. It is a widely known fact thatopening a hole in a firewall in order to get a direct RDP connection is riskyas it entails a weak encryption or VPN. Because it is convenient and so muchquicker to set up a direct RDP rather than a VPN or a gateway proxy, most userstend to ignore the risks associated with it. Additionally, it is alsoconsiderably cheaper.
However, there are numerous disadvantagesthat accompany the use of direct RDP for remote users and perhaps the mostimportant one is the concern for security. Because RDP makes use of port 3389which is an open port, the security and safety of the user is at stake. Theserver can be immediately attacked by hackers through countless attempts ofauthentication in the hope that at least one of them would work. It is best to rename your user account from ‘administrator’to something different, as well as have a strong password and enable auto-lockon your account when there has been three attempts on entering the incorrectpassword.
The biggest problem concernedwith the use of direct RDP is performance. Because of the aforementionedattempts to log into the server by hackers from all around the world, there arethousands of sessions created every minute which require the system to respondto them. Consequently, the main functions you are trying to perform on yourserver are affected through slower processing and unnecessary lags. There aresome steps you can follow to ensure that your slow performance of the system isnot because of a brute force attack; one of which is checking the sessionnumbers to see whether they are insanely high or not.
While these can be temporarysolutions, they are not always effective and the whole setup will still be abig threat to the safety of the user. Perhaps the best solution is to use a VPNor an RDP gateway proxy. These help secure the connection through theestablishment of an encrypted tunnel in the network which prevents middle-manattacks and also helps provide a better network with better performance. Aconvenient and cheap as direct RDP sounds, it can be a source of a great dealof trouble in the long run and therefore it is advised to always take the saferroute in order to avoid easily preventable costly incidents in the future.
Our technicians at TriTech are well informed and can help you get setup in a more secure environment. Send us a quick email to support@tri-tech.comand we'll help you out right away.