Is Remote Desktop Safe Over Internet Connections?
Is Remote Desktop safe to use over internet connections?
This is a question that I get asked quite regularly and the answer is NO!
RDP IS NOT A SECURE ACCESS TECHNOLOGY
RDP was originally designed for remote administration of systems, not as a means of secure remote access. Microsoft has added features over the years to help secure the service which is good but it still isn’t 100% secure.
Opening port 3389 on your firewall to allow RDP traffic to pass through is not a good idea as it opens a door for a hacker to perform Denial of Service (DoS) attacks. DoS attacks essentially can render computers on your network unusable, which can lead to costly downtime.
RDP is susceptible to Man In The Middle Attacks which essentially means that if somebody can “sniff” your internet connection they can read the information that is sent and received via your RDP session and can easily crack passwords to gain full access to your network and information stored within your network.
The easiest and most cost effective way to remove vulnerabilities associated with RDP use is to implement a private IP network or VPN between where your PCs or thin clients are being used, and where your servers hosting the RDP sessions are.
In a previous article on this blog I explained the difference between VPN and Private IP utilising MPLS, which is the most cost effective and scalable solution to secure your network.
So in summary, if your business uses RDP over the internet and you work with sensitive information such as your customers’ private information I would strongly recommend implementing a Private IP Network to protect your customers’ and your own information. Private IP will be more expensive than standard internet connections, but it will prevent any possibility of your RDP sessions getting hacked and your sensitive information being stolen and used for malicious purposes.
You will have peace of mind knowing that you and your customers’ information is secure.
For more information on private IP networks please visit www.aussiebroadband.com.au/business