#CybersecurityTip: Remote Desktop Protocol (RDP) is an effective tool that allows MSPs to access and control their clients' machines remotely through RMM and troubleshoot errors at any time. This flexibility is attractive to the MSP, but it is even more attractive to a threat actor. An unsecured RDP service can open up many vulnerabilities, especially if malware is deployed. That is alarming for an MSP that does not have the following best practices in place to secure and lock down RDP.
Risks of an Unsecured RDP:
A primary goal of the threat actor is to gain full access to RDP. Common methods and outcomes include:
- Brute-force attacks to break login credentials
- Social engineering attacks to deploy malware/ransomware
- Opening backdoors (and leaving them open for future attacks)
- Gaining full control of the compromised network and the ability to navigate into other networks, jeopardizing an MSP's SMB clients
- Deploying malware or ransomware to access sensitive data or hold it hostage
Secure Your RDP:
- Use strong, unique passwords and/or passphrases.
- Update/patch your software and hardware regularly. Run the latest software version.
- Change or disable the listening port so that port scanners cannot find it.
- Establish a lockout policy for failed login attempts.
- Enable Network Level Authentication (NLA). This provides an extra level of authentication before a full connection is established.
- Use Remote Desktop Gateway Server (RD Gateway). It provides another way to restrict access to Remote Desktop ports while supporting remote connections through a single "gateway" server.
- For added security, implement an additional multi-factor authentication tool on an alternate device.
Restrict Access by:
- Using Privileged Access Management and User Permissions
- Using Strict Firewalls
- Restricting IP Address Access
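Several items on the checklist above (NLA, the listening port, the lockout policy and IP restrictions) can be checked directly on a Windows host. The following read-only audit is an added example, not part of the original tip or any Passportal tooling; it assumes an elevated PowerShell session, an English-language Windows install, and the built-in "Remote Desktop" firewall rule group, and `New-Finding` is a hypothetical helper defined in the block.

```powershell
# Added example: read-only audit of RDP hardening settings on the local host.
# Assumptions: elevated session, English-language Windows ('net accounts' text
# and the 'Remote Desktop' firewall group name are localized on other systems).
$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcp = "$ts\WinStations\RDP-Tcp"

$deny = (Get-ItemProperty -Path $ts  -Name fDenyTSConnections).fDenyTSConnections
$nla  = (Get-ItemProperty -Path $tcp -Name UserAuthentication).UserAuthentication
$port = (Get-ItemProperty -Path $tcp -Name PortNumber).PortNumber

# Account lockout threshold from local policy; 'Never' means no lockout at all.
$line = net accounts | Where-Object { $_ -match '^Lockout threshold' } |
    Select-Object -First 1
$threshold = if ($line) { ($line -split ':', 2)[1].Trim() } else { 'unknown' }

# Enabled inbound allow rules in the built-in Remote Desktop group that accept
# connections from any remote address (that is, no IP restriction).
$openRules = @(
    Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and
                   $_.Action -eq 'Allow' } |
    Where-Object { ($_ | Get-NetFirewallAddressFilter).RemoteAddress -contains 'Any' }
)

# Hypothetical helper: one row per checklist item.
function New-Finding($Check, $Value, [bool]$NeedsReview) {
    [pscustomobject]@{ Check = $Check; Value = $Value; NeedsReview = $NeedsReview }
}

$report = @(
    New-Finding 'RDP connections allowed'      ($deny -eq 0)    $false
    New-Finding 'Network Level Authentication' ($nla -eq 1)     ($nla -ne 1)
    New-Finding 'Listening port (default 3389)' $port           ($port -eq 3389)
    New-Finding 'Account lockout threshold'    $threshold       ($threshold -in 'Never', 'unknown')
    New-Finding 'Firewall rules open to Any'   $openRules.Count ($openRules.Count -gt 0)
)
$report | Format-Table -AutoSize
```

Rows with `NeedsReview` set to `True` map back to a checklist item that is not yet in place; the script changes nothing on the host.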
Did you know Passportal's Ocular™ privileged access management platform secures your MSP and your network from internal and external threats?