You’re sitting on your couch at home, it’s 8:00 on a Saturday night and one of your interns emails you about a new security vulnerability he just heard about on the latest and greatest podcast. You know that this new vulnerability is going to be the first thing to come up during the morning water cooler talk Monday morning. It’s time for you, the great server admin, to take flight and protect your kin!
So, where do you start? Drive into the office? Wing it and hope no one tries anything until Monday? Ignore the problem and act like you didn’t know about it? Nope! Like the great server admin you are, you fire up the VPN solution so you can connect into the office. That gives you the ability to RDP into servers and take care of running any updates you need to.
So, let’s take a step back now and talk about why we want to use a VPN.
First off, what is a VPN? A VPN, Virtual Private Network, is a secure connection from you to another point on the internet. Many workplaces have internal networks that are only accessible when workers are on campus. If someone were at home and needed to interact with devices at work, they could use a VPN between where they are, and the exit connection point would be back at their office. The VPN creates a tunnel that all the traffic is encapsulated into and encrypted. After the VPN has connected you to your office you are able to use RDP to connect to the servers.
RDP is the Remote Desktop Protocol. RDP was developed by Microsoft to allow a user to log onto a remote computer and run applications much like you would if you had been sitting at the machine. This allows someone to be able to access a machine from across a room or another part of the world.
So why wouldn’t you want to allow RDP without the VPN?
RDP is an older protocol and over the years it’s been found to have some flaws when enabled. Even after you patch your Windows box, more bugs can be found so it is always important to keep it up-to-date. One of the more recent and notable RDP vulnerabilities you might have heard of was known by the name BlueKeep. This allowed for the potential of remote code execution on multiple installations of Windows.
Keep your company safe by using a VPN to connect before using RDP. That is what the great server admins out there do!
Questions? Contact ProCircular today!