You often hear stories of those who grew up in the 1950s and 60s of how they would never lock their doors. Today, it would almost be unthinkable to leave your home without locking it. Why? A lot has changed over the years and ultimately the world is not the same today as it was during that period. As a culture, we have learned the importance of physical security and implemented practices and measures to protect what is valuable to us. In essence, we have adapted to the threats around us.
Ironically, when it comes to network security, this same adaptation doesn’t always occur. Instead of adapting to the threat landscape of today, many companies continue to use technologies that can be likened to leaving your front door unlocked. Case in point – remote access using Microsoft’s Remote Desktop Protocol (RDP). To explain, RDP is a protocol used to remotely access computers and servers. It is extremely easy to use and offers much in the way of functionality. For these reasons and more, RDP has been a fan favorite of users and IT personnel for decades. So why should you stop using RDP?
Risks of RDP
Despite the conveniences of RDP, under certain circumstances it has become increasingly unsecure. How so? When RDP is configured to allow access from anywhere on the internet, it becomes highly susceptible to attacks. Hackers all over the world are constantly scanning the internet looking for devices configured for RDP. Once found, they will use tools to try and crack or break into your system. One example that is very common is the use of brute force utilities. This program can guess thousands of password possibilities every minute and typically it is only a matter of time before a password is “cracked.”
Recommendation: Stop using RDP
What if you currently access your network remotely using RDP? Our recommendation is to disable it A.S.A.P. There are more secure ways to access your network. Implement VPNs or technologies such as Direct Access which can provide you the necessary connectivity. If you absolutely cannot disable RDP at this time, then it is paramount you have a strong password and lockout policy. This is the only way to protect or delay a hacker’s ability to access your systems. Many firewalls also have the ability to block access from specific countries. This technology is called Geo Blocking and can go a long way in providing additional layers of protection, especially for those companies that are not global in nature.
Ultimately, act in some way…do something! Ignoring this growing threat could be devastating for your network and business. The lesson to take away from this is that threats are constantly evolving and we must adapt. If you have questions or concerns, let us know – we’re always here to help.