Remote-access Guide

how to secure remote access to a pc

by Ryder Frami Published 2 years ago Updated 2 years ago
image

Basic Security Tips for Remote Desktop
  1. Use strong passwords. ...
  2. Use Two-factor authentication. ...
  3. Update your software. ...
  4. Restrict access using firewalls. ...
  5. Enable Network Level Authentication. ...
  6. Limit users who can log in using Remote Desktop. ...
  7. Set an account lockout policy.

Full Answer

How do you open a Remote Desktop Connection?

You'll need this later.

  • Make sure you have Windows 11 Pro. To check this, select Start , and open Settings . ...
  • When you're ready, select Start , and open Settings . Then, under System , select Remote Desktop, set Remote Desktop to On, and then select Confirm.
  • Make note of the name of this PC under PC name. You'll need this later.

How do I find my Remote Desktop Connection?

You'll need this later.

  • Make sure you have Windows 10 Pro. To check, go to Start > Settings > System > About and look for Edition . ...
  • When you're ready, select Start > Settings > System > Remote Desktop, and turn on Enable Remote Desktop.
  • Make note of the name of this PC under How to connect to this PC. You'll need this later.

How to block remote desktop access?

  • Option One: To Enable or Disable Remote Desktop Connections to this Computer in Settings
  • Option Two: To Enable or Disable Remote Desktop Connections to this Computer in System Remote Settings
  • Option Three: To Enable or Disable Remote Desktop Connections to this Computer using a REG file

More items...

How to fix 8 common Remote Desktop Connection problems?

  • Open the Control Panel by entering Control at the Windows Run prompt
  • Click System and Security
  • Click Windows Defender Firewall
  • Click Allow an App or Feature Through Windows Defender Firewall
  • Select the Remote Desktop option
  • Click OK

image

What is remote access?

Remote PC access methods, such as desktop sharing, connect a remote computer to the host computer from a secondary location outside of the office. This setup means the operator has the ability to access local files on the host computer as if they were physically present in the office.

How to secure work online?

Your options are using either remote computer access, virtual private networks, or direct application access. Each method has its benefits and drawbacks. Choose the method that works best for your organization.

How to protect data with passwords?

To enact one-time-use credentials, create a log of passwords in a spreadsheet acting as a “safe.” When you a single-use password for business reasons, have the user label the password in the spreadsheet as “checked out.” Upon completion of the task, have the user check-in the password again and retire it.

Why is encryption important?

As important as it is to choose an access method for your online workers , it’s equally important those methods use encryption to secure remote employees’ data and connections. Simply put, encryption is the process of converting data into code or ciphertext.

Why do businesses need to have a cybersecurity policy?

If your business allows remote work, you must have a clear cybersecurity policy in place so that every employee’s access to company data is secure. Without a strategy in place, any employee can easily become an entry-point for a hacker to hijack your organization’s network.

How does a VPN work?

A virtual private network (VPN) is software that creates a secure connection over the internet by encrypting data. Through the process of using tunneling protocols to encrypt and decrypt messages from sender to receiver, remote workers can protect their data transmissions from external parties.

Why use AES encryption?

As it stands, most businesses have the security protocol to use Advanced Encryption Standard (AES) to secure data due to its compatibility with a wide variety of applications. It uses symmetric key encryption, meaning the receiver uses a key to decode the sender’s data. The benefit of its use over asymmetric encryption is it’s faster to use. Look for encryption software that uses AES to secure company data.

How to open local security policy?

Go to the Start menu or open a Run prompt (Windows Key + R) and type “secpol.msc” to open the Local Security Policy menu.

How to see who is logging into my PC?

If you’re wondering how you can keep track of who is logging into your PC (and from where), you can open up Event Viewer to see.

Is remote desktop secure?

How to Enable and Secure Remote Desktop on Windows. While there are many alternatives, Microsoft’s Remote Desktop is a perfectly viable option for accessing other computers, but it has to be properly secured. After recommended security measures are in place, Remote Desktop is a powerful tool for geeks to use and lets you avoid installing third ...

How secure is remote desktop?

How secure is Windows Remote Desktop? Remote Desktop sessions operate over an encrypted channel, preventing anyone from viewing your session by listening on the network. However, there is a vulnerability in the method used to encrypt sessions in earlier versions of RDP.

How to restrict access to remote desktop?

Use firewalls (both software and hardware where available) to restrict access to remote desktop listening ports (default is TCP 3389). Using an RDP Gateway is highly recommended for restricting RDP access to desktops and servers (see discussion below). As an alternative to support off-campus connectivity, you can use the campus VPN software to get a campus IP address and add the campus VPN network address pool to your RDP firewall exception rule. Visit our page for more information on the campus VPN service.

What is RDP gateway?

It provides a way to tightly restrict access to Remote Desktop ports while supporting remote connections through a single "Gateway" server. When using an RD Gateway server, all Remote Desktop services on your desktop and workstations should be restricted to only allow access only from the RD Gateway. The RD Gateway server listens for Remote Desktop requests over HTTPS (port 443) and connects the client to the Remote Desktop service on the target machine.

Why is RDP gateway important?

By enforcing the use of an RDP gateway, you also get a third level of auditing that is easier to read than combing through the domain controller logins and is separate from the target machine so it is not subject to tampering. This type of log can make it much easier to monitor how and when RDP is being used across all the devices in your environment.

What to do if remote desktop is not used?

If Remote Desktop is not used for system administration, remove all administrative access via RDP, and only allow user accounts requiring RDP service. For Departments that manage many machines remotely remove the local Administrator account from RDP access at and add a technical group instead.

How to check if you need authentication for remote connection?

To check you may look at Group Policy setting Require user authentication for remote connections by using Network Level Authentication found at ComputerPoliciesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostSecurity. This Group Policy setting must be enabled on the server running the Remote Desktop Session Host role.

Why is Remote Desktop better than 3rd party?

One advantage of using Remote Desktop rather than 3rd party remote admin tools is that components are updated automatically with the latest security fixes in the standard Microsoft patch cycle. Make sure you are running the latest versions of both the client and server software by enabling and auditing automatic Microsoft Updates. If you are using Remote Desktop clients on other platforms, make sure they are still supported and that you have the latest versions. Older versions may not support high encryption and may have other security flaws.

How to secure RDP?

Ananth: There are some built-in, no-cost defenses that can secure RDP. These include: 1 Patching: Keep servers especially up to date. 2 Complex passwords: Also use two-factor authentication, and implement lockout policies. 3 Default port: Change the default port used by RDP from 3389 to something else via the Registry. 4 Windows firewall: Use the built-in Windows firewall to restrict RDP sessions by IP address. 5 Network Level Authentication (NLA): Enable NLA, which is non-default on older versions. 6 Limit RDP access: Limit RDP access to a specific user group. Don't allow any domain admin to access RDP. 7 Tunnel RDP access: Tunnel access via IPSec or Secure Shell (SSH).

What are some built-in, no-cost defenses that can secure RDP?

Ananth: There are some built-in, no-cost defenses that can secure RDP. These include: Patching: Keep servers especially up to date. Complex passwords: Also use two-factor authentication, and implement lockout policies. Default port: Change the default port used by RDP from 3389 to something else via the Registry.

What is the RDP vulnerability?

Most notably, 2019 gave rise to a vulnerability known as BlueKeep that could allow cybercriminals to remotely take over a connected PC that's not properly patched.

What firewall is used to restrict RDP sessions?

Windows firewall: Use the built-in Windows firewall to restrict RDP sessions by IP address.

How many systems are exposed to the internet via RDP?

Web crawlers like shodan.io make it easy for attackers to quickly identify vulnerable public-facing machines. Worldwide, more than two million systems are exposed to the internet via RDP, of which more than 500,000 are in the US.

Can RDP be placed on the internet?

Some major organizations place RDP directly on the internet, but most (hopefully) are doing this unknowingly. Checking on this is pretty simple; just fire up your favorite internet-wide scanner and look at all the RDP instances directly exposed. Ananth: There are some built-in, no-cost defenses that can secure RDP.

Do all RDP instances need a VPN?

Gamblin: Without many exceptions, all RDP instances should require multiple levels of access and authentication controls. This would include the use of a VPN to access an RDP instance and requiring a second factor (like Duo) for authentication.

How to allow remote access to PC?

The simplest way to allow access to your PC from a remote device is using the Remote Desktop options under Settings. Since this functionality was added in the Windows 10 Fall Creators update (1709), a separate downloadable app is also available that provides similar functionality for earlier versions of Windows. You can also use the legacy way of enabling Remote Desktop, however this method provides less functionality and validation.

How to connect to a remote computer?

To connect to a remote PC, that computer must be turned on, it must have a network connection, Remote Desktop must be enabled, you must have network access to the remote computer (this could be through the Internet), and you must have permission to connect. For permission to connect, you must be on the list of users. Before you start a connection, it's a good idea to look up the name of the computer you're connecting to and to make sure Remote Desktop connections are allowed through its firewall.

How to remotely connect to Windows 10?

Windows 10 Fall Creator Update (1709) or later 1 On the device you want to connect to, select Start and then click the Settings icon on the left. 2 Select the System group followed by the Remote Desktop item. 3 Use the slider to enable Remote Desktop. 4 It is also recommended to keep the PC awake and discoverable to facilitate connections. Click Show settings to enable. 5 As needed, add users who can connect remotely by clicking Select users that can remotely access this PC .#N#Members of the Administrators group automatically have access. 6 Make note of the name of this PC under How to connect to this PC. You'll need this to configure the clients.

Should I enable Remote Desktop?

If you only want to access your PC when you are physically using it, you don't need to enable Remote Desktop. Enabling Remote Desktop opens a port on your PC that is visible to your local network. You should only enable Remote Desktop in trusted networks, such as your home. You also don't want to enable Remote Desktop on any PC where access is tightly controlled.

What is remote access VPN?

The most basic form of VPN remote access is through a RAS. This type of VPN connection is also referred to as a Virtual Private Dial-up Network (VPDN) due to its early adoption on dial-up internet.

What is the first thing that’s required to ensure smooth remote access via a VPN?

The first thing that’s required to ensure smooth remote access via a VPN is to plan out a comprehensive network security policy.

Why is IPSEC used?

This allows IPSec to protect data transmission in a variety of ways. IPSec is used to connect a remote user to an entire network. This gives the user access to all IP based applications. The VPN gateway is located at the perimeter of the network, and the firewall too is setup right at the gateway.

What are the implications of IPSec connections for corporations?

What are the implications of IPSec connections for corporations, considering the very nature of this connection? Well, your employee will only be able to access the network from a single, authorized device. Security is further boosted by the enforcement of antivirus and firewall policies.

What is IPSEC encryption?

IPSec is an IP packet authentication and encryption method. It uses cryptographic keys to protect data flows between hosts and security gateways.

What is the line of defense for remote access?

So, you have a three-layer line of defense working to protect remote access to your network: anti-virus, firewall, and VPN. The network security team should monitor alerts from these defenses constantly.

Should a company use IPSEC VPN?

A company should go for IPSec VPN remote access if it has a strong networking department with the ability to configure each employee’s hardware device individually (installing client software, enforcing security policies etc.).

What does it mean when a remote access application configuration only requires the user to enter a username and password?

If a remote access application configuration only requires the user to enter a username and password, the application has been configured insecurely.

How many failed login attempts can you lock out?

Limit login attempts. Set your remote access to lock out a user after six failed login attempts, with administrators able to unlock accounts.

What does it mean when an attacker sees an IP address with ports 5800 and 5900?

Attackers will routinely scan large ranges of IP addresses looking for open ports that typically relate to the use of remote access tools (i.e., if attackers see that an IP address has ports 5800 and 5900 open, they assume that Virtual Network Computing (VNC) is installed. If they see that ports 5631 and 5632 are open, they assume the system is configured for pcAnywhere).

Is remote access a good technology?

While remote computer access is a convenient and important technology, it’s unfortunately also one of the most hacked business resources in recent years.

image
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9