The risks of such exposure are far too high. With that said, how do you secure RDP for both internal and external operations?įirst security rule of RDP- it is absolutely unacceptable to leave RDP exposed on the Internet for access-no matter how much endpoint and systems hardening is performed. If these setting are solely relied on for security and used as is, they create a situation that presents an unacceptable risk to most organizations. RDP’s default settings only provide a baseline for encryption and basic security. Requires a level of IT security maturity that goes far beyond default RDP settings. However, securing RDP to prevent rogue sessions, hijacking, inappropriate access, exploits, privileged escalation, etc. In ideal and environmentally-controlled situations, the remote desktop protocol works great. However, some of these use cases pose far more dangerous risks than others.īest Practices for Addressing RDP Security Risks These are all valid use cases, and extremely important in a work-from-anywhere world. Allow employees, contractors, vendors, or auditors access to a desktop to provide a similar user experience as being in an office.Provide access for help desks, call centers, and service desks into remote users that provide technical support.Provide a graphic user experience to remote servers, regardless of their location, for maintenance, set up, and troubleshooting.Allow a virtual desktop interface (VDI) for (or into) cloud environments using a common office environment (COE) for employees or contractors.Provide a bastion host with applications into an environment that mimics local resources. IS THERE A NEW RDP CLIENT FOR MAC WINDOWSTo that end, if you are familiar with using a Citrix Server or Microsoft Windows Terminal Services, you are probably using RDP all the time-and may not even be aware of it-using an Remote Desktop (RD) Gateway or RD Web Access approach, which shares similar risks.Įnterprises of all sizes may use RDP to access servers, collaborate with other employees, and remotely access desktops to perform tasks similar to how they would with a physical office presence. This practice is common and should absolutely be avoided. However, the highest risk is the exposure of RDP on the Internet, port 3389, and allowing it to traverse directly through the firewalls to a target on the internal network. The mitigation would entail additional authentication and abstraction controls in the RD Gateway or RD Web Access Server defined as Policy Rules. While these are based on running RDP over HTTPS (blue and black connectivity lines), the risk is only moderately mitigated as compared to running the RDP protocol directly (orange line). A client can use a browser or remote desk client through the Internet to connect to remote desktop gateways on premise. The diagram above helps illustrate typical scenarios for connectivity. Read on for an overview of RDP including, how it works, common use cases, RDP security risks, best practices for securing RDP, and alternatives to RDP to keep your organizations. Numerous threat and breach research reports over the last 18+ months have indicated that this misuse of RDP is helping fuel the success and onslaught of ransomware and other cyberattacks. However, with emergence of a “new normal” that entails more remote working, increased reliance on cloud computing, and ever more distributed environments, RDP is now commonly being stretched for use cases far beyond what it was intended. Over this time, RDP has also had its share of security issues. Since the release of XP, RDP has been the de facto standard for remote session access for Windows Desktop and Server Operating Systems.Īt 20 years old, RDP has seen multiple versions, with new capabilities added to mature it as a reliable remote access protocol. Every Windows OS release to follow has also included this capability, which became mainstream with the release of Windows XP (circa October 2001). This add-on capability enabled remote desktop access over a network using TCP/IP. In 1998, Microsoft introduced Windows Terminal Server as an add-on to Windows NT Server 4.0 Operating System. RDP (remote desktop protocol) is a technology that allows for a complete desktop experience, including remote sound, clipboard, printers, and file transfers with high resolution graphics (which can be scaled down based on bandwidth) for a remote user.
0 Comments
Leave a Reply. |
AuthorGreta ArchivesCategories |