8 tips to secure from RDP's related threats

One of the new norms created as a result of recent pandemic is the increase of staffs working from home. These in turns created the needs to allow staffs to remotely access computers in the office using Microsoft's Remote Desktop Protocol (RDP).

It is a known fact that RDP itself has many security issues needed to be addressed. Some of the possible risks if it is not being handled properly including brute force attacks where cybercriminals uses automated tools to gain the access to your servers. The attackers can then enter your network with administrative rights, disable your cyber security protections, deploy ransomware, copy data out or install cryptocurrency-mining malware.

Here are 8 ideas we would like to share to more effectively protect your remote access accounts:

1. Disable RDP or keep the number of users allowed to connect directly to the organization's servers over the internet as minimal as possible.
2. Have strong passwords policies for all accounts that can be logged into via RDP.
3. Use an additional layer of authentication for example Multi factor or 2 factors authentication.
4. Implement a virtual private network (VPN) gateway to broker all RDP connections from outside your network.
5. Disable external connections to local machines at the firewall level.
6. Protect your endpoint security software from tampering or being removed by password-protecting its settings.
7. Create segmentation for your insecure or outdated computers to an isolated network if it is necessary to accessed from the internet while waiting to upgrade.
8. Conduct user awareness training as often as possible to strengthen the 'Human Firewall' for cyber attacks.