Our Insights

Valuable information we share.

Risks of Unsecured Remote Desktop Connections

Posted by Nino Vales | Jun 18, 2018 11:14:58 AM
The ability to connect to your work computer or remote desktop server remotely provides an added productivity to some employees.

However, the risks of having this incorrectly configured outweigh the convenience it provides.
There are plenty of remote control or desktop sharing programs available. But not all organizations have policies regarding remote access. This leads to several non-standardized and unsecured approach of setting up remote access to work computers.

In the past, enabling remote desktop access and configuring the firewall to forward the necessary ports allows people to connect to their work computer. Most of the time, this is configured in a not secured manner and often scanned and exploited by the bad guys.

Using a weak password and a public remote desktop connection is a recipe for disaster. It also affects the performance of the remote connection due to constant attempts of unauthorized logins.

Things to consider with having an unsecured remote desktop setup:

  • First of all, this is not secure and not recommended. If the firewall port is exposed to the public, it will allow any IP address to connect to it. Anyone located from different parts of the world can try to brute force their way into your computer.
  • The computer can be infected with malware, ransomware, or data theft. Installation of backdoor programs or identity theft is also some of the few things that could happen if they gain access to a machine.
  • If a lockout policy is in place, the accounts will be locked down due to incorrect password attempts causing a denial of service to the owner of the account.
A workaround to secure the connection is by limiting the trusted IP addresses that are allowed to connect remotely. Instead of opening it to the public, it will be limited to trusted IP addresses.

But home routers commonly have a dynamic IP address assigned by the Internet Service Provider (ISP) which means it changes periodically. Once the IP changes, then the remote access is revoked. This defeats the purpose of having access to your computer remotely whenever you need it. Some routers support dynamic DNS or hostnames, but not all support it for port forwarding. It will be unreliable to have a dynamic IP added to the trusted IP addresses. Static IP addresses provide a fixed and trusted connection but might not be available for residential customers.

An ideal and hardened approach to secure the connection is thru a Virtual Private Network (VPN).

VPN sets up a secure tunnel between your remote location and your office network. This will encrypt the connection and prevent outsiders from logging in using remote desktop to your work computer.

If you know you are connecting to your work computer or a terminal server remotely and not familiar with VPN, please contact your administrator to review and secure your existing setup.

It is strongly recommended to secure all public remote desktop ports in your network. It is risky, outdated, and can easily be exploited.

Attackers will take advantage for every loophole they can find. Business continuity is important and information security should be taken seriously.

Topics: Remote Desktop

Written by Nino Vales

Nino regularly writes about tips and articles about Cyber Security. He currently holds dual CCNA certification in Routing and Switching, and CyberOps. During his free time, he loves to go fishing and play basketball. He is a huge NBA fan and loves to collect limited edition basketball sneakers and jerseys. He currently plays NBA 2K19 in his PS4.

ASK US HOW WE CAN SERVE YOU

Clear Concepts is a team of passionate professionals, proud of what we do — we want to make a positive impact on your operation.

Let us hear your technology challenges and opportunities so we can help you get the most out of your technology investment, on-premise and in the cloud. Contact us today.