One of the most convenient ways of working remotely is remote desktop access. It is a widely known fact that opening a hole in a firewall in order to get a direct RDP connection is risky as it entails a weak encryption or VPN. Because it is convenient and so much quicker to set up a direct RDP rather than a VPN or a gateway proxy, most users tend to ignore the risks associated with it. Additionally, it is also considerably cheaper.

However, there are numerous disadvantages that accompany the use of direct RDP for remote users and perhaps the most important one is the concern for security. Because RDP makes use of port 3389 which is an open port, the security and safety of the user is at stake. The server can be immediately attacked by hackers through countless attempts of authentication in the hope that at least one of them would work.  It is best to rename your user account from ‘administrator’ to something different, as well as have a strong password and enable auto-lock on your account when there has been three attempts on entering the incorrect password.

The biggest problem concerned with the use of direct RDP is performance. Because of the aforementioned attempts to log into the server by hackers from all around the world, there are thousands of sessions created every minute which require the system to respond to them. Consequently, the main functions you are trying to perform on your server are affected through slower processing and unnecessary lags. There are some steps you can follow to ensure that your slow performance of the system is not because of a brute force attack; one of which is checking the session numbers to see whether they are insanely high or not.

While these can be temporary solutions, they are not always effective and the whole setup will still be a big threat to the safety of the user. Perhaps the best solution is to use a VPN or an RDP gateway proxy. These help secure the connection through the establishment of an encrypted tunnel in the network which prevents middle-man attacks and also helps provide a better network with better performance. A convenient and cheap as direct RDP sounds, it can be a source of a great deal of trouble in the long run and therefore it is advised to always take the safer route in order to avoid easily preventable costly incidents in the future.

Our technicians at TriTech are well informed and can help you get setup in a more secure environment. Send us a quick email to support@tri-tech.comand we’ll help you out right away.