Bryan Hood, Sr. Solutions Engineer, Bomgar
Many IT departments and IT services vendors rely on Microsoft Remote Desktop Protocol (RDP) to access and work on their own or their clients’ remote computers and systems. Unfortunately, RDP is a common access pathway for hackers, who easily guess default logins and passwords or use brute-force attacks to gain control of RDP connections. Today, there is a thriving interest in RDP hacking, with cybercriminals buying and selling access to point-of-sale terminals and other systems that have RDP enabled on underground forums.
In fact, the 2013 Trustwave Global Security Report states: “Organizations that use third-party support typically use remote access applications like Terminal Services (termserv) or Remote Desktop Protocol (RDP), pcAnywhere, Virtual Network Client (VNC), LogMeIn or Remote Administrator to access their customers’ systems. If these utilities are left enabled, attackers can access them as though they are legitimate system administrators.”
Natively, RDP has no centralized management, auditing or reporting, and limited identity management integration. In addition, RDP is designed for remote access on a local area network (LAN), and establishing a connection to a computer on a remote network usually requires a VPN tunnel and firewall configurations that compromise security - such as opening the default listening port, TCP 3389.
In this webinar, Bryan Hood, Sr. Solutions Engineer at Bomgar, will demonstrate how organizations can eliminate these security gaps, by routing RDP through Bomgar’s secure remote support appliance. With this approach, tech support professionals can still access and fix all of the systems they need to, without opening a door to hackers.