Since Corona and the increase of home offices, corresponding solutions have become very attractive for attacks. In Switzerland, according to the IT security experts from Eset, there has been a sharp increase in attacks, especially on remote desktop connections – from 30,000 to over 200,000 attacks daily. The aim is to gain access to foreign data or to infiltrate malware. We recommend the following measures especially for Remote Desktop:
With a Remote Desktop Gateway the RDP connection is encrypted with HTTPS and thus additionally secured for access via the Internet. With the gateway, you can define your own permission group for external access, in which only home office users are included. Do not give administration rights to any of these users.
As an alternative to the Remote Desktop Gateway, protect your RDP connection with a VPN connection as an additional security layer.
If the use of an RDS gateway and VPN is not possible and the RDP port to the Internet is opened directly, at least the attack surface should be reduced. Use a NAT rule to set the RDP port in the WAN to a random port, but not the standard port 3389. If possible, restrict access geographically and temporally. Only give RDP access rights to users who need them. Disable the default administrator so that potential attackers would first have to find out possible user names.
Each user must choose a strong password.
Use two-factor authentication for all accounts that can access Remote Desktop from the outside world.
The above measures should effectively secure any RDP environment. A higher level of security than the Internet average is already half the battle against random attacks.
Our product assistant helps you to find the right products.