Configuring Your Remote Desktop Connection

What you need to know about configuring your remote desktop

Did you know remote access applications are one of the top avenues attackers use to gain access into merchant systems? Hackers focus on remote access because it’s the easiest avenue for hackers to find and steal data. By using stolen remote access credentials, hackers can bypass difficult firewalls and more easily gain access to sensitive data.

See also: White Paper - Securing Your Remote Desktop Connection.

Configuration is the culprit

It’s not necessarily the remote access application itself, but the way it’s configured that creates vulnerabilities.

Here are a few ways configuring your remote desktop connection incorrectly can make it vulnerable to cyber attacks:

Default passwords

When a remote desktop connection is installed, it uses default passwords. Often these passwords will continue to be used even after installation because it’s easier for future maintenance and use. It’s much more convenient for users and vendors to not have to remember a new password, and it makes the work go faster.

Unfortunately, these passwords aren’t secure and can easily be used by attackers, making your whole software and data vulnerable. Most default passwords and settings are well known by hackers and are easily found via an Internet search. So having a password will do you no good if it’s not a secure one.

See also: How to Do Passwords Right: Password Management Best Practices

Default usernames

Hackers want to find the easiest way to steal data. For them, an easy way is to gain credentials to remote access. By gaining the credentials, hackers can bypass firewalls. Which is easier, going up against a heavy duty firewall, or finding the password to slip by it?

Similar to the password dilemma, by not changing default usernames with security in mind, you’re leaving your remote access vulnerable to attacks.

See also: Top 5 Security Vulnerabilities Every Business Should Know

Third party providers

Many companies will often assume the third-party provider of their remote access will configure the application properly. They may also feel the third-party provider will be at fault should a breach happen. Not so.

Even if your third-party provider fails to configure the application properly and a data breach happens, the merchant is at fault. Making sure the remote desktop connection has secure passwords and usernames is the merchant’s responsibility.

See also: Remote Access Attacks: How to Protect Against Malware

See also: SecurityMetrics PCI Guide

Keep your remote access secure

While remote access is one of the top avenues for hackers to steal data, there are ways to secure it. Here are some tips to make sure your remote desktop connection is secured properly:

• Use two-factor authentication: this is a PCI requirement. You must use a combination of three things to provide authentication: something you know, something you have, or something you are.
• Keep firewalls updated: this helps ensure adequate internal and external protection.
• Store and monitor logs: monitoring log activity can help find suspicious activity, like someone logging in at 3 am over 100 times.
• Run vulnerability scans: these scans can help you find and fix internal and external vulnerabilities.
• Don’t allow guest accounts: guest accounts allow anonymous computer and system access.
• Limit login attempts: set the application to lock out the user if they try to login after a number of failed attempts.
• Use limited access: only provide remote access to those who need it. It keeps credentials from falling in the wrong hands.
• Train employees: make sure everyone knows the procedures with remote access so employees aren’t accidentally giving credentials to unauthorized users.

Remember, your remote desktop connection is only as secure as you configure it. If you don’t secure it properly, your company is at risk for data theft.

Insecure remote access is a simple problem to fix, especially as remote work becomes more and more common. These small changes can make a big difference in the long run.