Threat actors can so easily target organisations through
remote desktop protocols (RDP) - which is why partners should consider the
super-safe remote access solution from RealVNC.
Externally exposed, insecure RDP remains
alive and well out there, despite partners' best efforts so far in
educating the market, as noted by the RealVNC blog.
To make things worse, many organisations still aren't
standardised on multi-factor authentication (MFA) and do little monitoring,
even of older host operating systems that are often still hiding away in a
corner somewhere.
That's largely why, however, RDP misuse is still talked
about by current cyberattack reports covering ransomware and the like. in 2018,
RDP was listed as a leading attack vector, and today it might be behind
phishing but still ahead of vulnerabilities when it comes these risks.
In a 2023 Active Adversary Report for Tech Leaders from
Sophos, for instance, RDP played a role in as many as 95 in every 100
cyberattacks, up from 88% in 2022. And a three-year GoSecure honeypot study of
20,000 RDP sessions collected some 190 million separate threat actions.
RDP is not only a way to enter the company network but it
can help cybercriminals move around the network once they've successfully
compromised it.
It's time
to move customers away from RDP
Luckily, more secure routes to remote access are available,
delivering additional control. With RealVNC
Connect, you get secure remote access with MFA.
And you can deliver granular control, restricting
utilisation of remote sessions to specific machines. That's opposed to RDP
which allows anyone to use any other machine they have local log-on rights for.
At the same time, leveraging the principle of least
privilege, with RealVNC, organisations can apply a specified level of privilege
to any given remote-access session.
Every remote control session must first be authenticated
For example, with device access, all connecting users must
authenticate to VNC Server, which is the app that's installed as part of VNC
Connect on every remote endpoint and also has recommended MFA.
For on-demand assist, an end user must enters a nine-digit
code that's also unique to the session, received from their support technician,
out-of-band.
In addition, every remote connection on a VNC Connect
subscription is end-to-end encrypted via 128-bit AES 2048-bit RSA keys and
perfect forward secrecy, with optional 256-bit AES if desired via the
'AlwaysMaximum' Encryption setting in VNC Viewer, via File > Preferences
> Expert.
Even more security is available via a RealVNC Business
Premium or Enterprise subscription. For example, with an Enterprise
subscription, you can ensure that absolutely no data is ever stored by RealVNC
in the cloud.
For the full list of advantages and the right solution for
your organisation, talk to the team at QBS.
In the UK you can call us on +44 (0) 20 8733 7100, or click here to send a message.
(Image by Gordon Johnson from Pixabay)