Cybersecurity Insurance Checklist - Meet Insurance Requirements with BeyondTrust PAM Download for Free

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Demos
    • Glossary
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

RDP: Remote Desktop Protocol Risks are Far from “Remote”

August 19, 2019

  • Blog
  • Archive

Last week, Microsoft warned the public of four new Windows vulnerabilities that are “wormable,” meaning they can be exploited to spread malware from one vulnerable computer to another without any user action. This comes fresh on the heels of the already notorious BlueKeep RDP vulnerability, which was publicly disclosed just months ago

These latest bugs, already patched by Microsoft, reside in Remote Desktop Services (RDS), which allow a user to take control of a remote computer or virtual machine over a network connection. These kinds of vulnerabilities within Remote Desktop Protocol (RDP) can have major security implications for those organizations relying on it.

Today, it is very common for businesses to use RDP as a method to access servers, collaborate with other employees, and remotely access documents stored and backed up in their office. Cyber criminals have developed a wide array of tools to continuously look for remote access points on the Internet and discover potentially vulnerable targets, like the vulnerabilities Microsoft announced. According to the FBI and DHS, RDP attacks have been on the rise since 2016, with attackers using an open RDP port to take over machines and inject various types of malware into the system being remotely accessed.

In this blog, I’ll cover a couple important ways that BeyondTrust solutions can help you improve remote access security and eliminate dangerous threat vectors, such as by better protecting RDP sessions.

1. Control privileges and sessions across all remote access points

BeyondTrust’s privileged access management (PAM) platform enables you to apply least privilege, enforce password management best practices, and layer on other security controls to help secure your RDP.

BeyondTust enables secure session management, with the ability to proxy access to RDP, SSH, and Windows/Unix/Linux Applications. Dynamic assignment of just-in-time privileges via Adaptive Workflow Control allows organizations to lock down access to resources based upon the day, date, time, and location. By limiting the scope to specific runtime parameters, it narrows down the window of opportunity where someone might be exploiting misappropriated credentials. For example, if you normally expect the administrator (or third-party vendor) to be logging on from particular systems, you can ensure that access is only permitted from predefined, allowable address ranges. Similarly, you can set up policies to control when the accounts are accessible, and alert when specific access policies are invoked.

On top of its granular access controls, BeyondTrust ensures that managed accounts have their passwords regularly rotated. For the most sensitive accounts, you can implement one-time-passwords, meaning it is changed for each use. Thus, should someone illicitly gain access to RDP session credentials, the password would have been rotated after the last use, rendering the credential useless and impeding access. This approach mitigates the risk of unauthorized access.

2. Improve security around remote support sessions

BeyondTrust also provides the market’s most secure remote support solution.

BeyondTrust’s Remote Desktop integration allows you to lockdown RDP in your organization and provide a secure, centralized remote access solution with robust auditing and collaboration features.

BeyondTrust’s Remote Desktop integration leverages our Jumpoint technology. A Jumpoint is basically a connection to a remote host, which, in turn, is used to connect to other hosts. This is a great tool to access a private network. The user simply connects via a Jump host, and everything is secure and locked down. Once a Jumpoint has been installed on a remote network, an authorized user can leverage the Jumpoint to initiate sessions with Windows computers on that same network—even if those computers are unattended.

A Jumpoint can be used to start a:

  • Standard support session
  • Remote Desktop Protocol session
  • VNC session
  • Shell Jump to an SSH-enabled network device
  • Shell Jump to a Telnet-enabled network device
  • Intel® vPro Windows system session

Support sessions, RDP sessions, and VNC sessions can also be started with systems on the same network segment.

The Jumpoint acts as the RDP broker. With BeyondTrust Remote Support, you are able to assign RDP permissions for users and teams. The Jumpoint will only allow RDP access to the authorized users and teams. Organizations are then able to restrict installation and use of RDP clients in their environment, while configuring their RDP hosts to only accept connections from the Jumpoint. Once those changes are implemented, the solution’s Windows, Mac, iOS, Android, or Linux Technician Console are the only applications that can be used for RDP access.

How does it work? Here are the key steps:

  1. A Remote Support admin authorizes RDP access for a Technician or Support Team
  2. A Technician initiates an RDP session through a Jumpoint
  3. The RDP endpoint only accepts inbound RDP connections from the Jumpoint
  4. The Jumpoint brokers the request from the RDP endpoint to the Technician
  5. Optionally, the Technician is able to share and/or transfer the session with other technicians
  6. The RDP session details, such as the technician name, endpoint name, date, time, and more, are audited on the BeyondTrust appliance
  7. RDP sessions are recorded for auditing/compliance purposes

RDP with Collaboration

One of the powerful features of BeyondTrust’s Remote Support solution is the ability to collaborate with other Service Desk technician. With Remote Support’s RDP Integration, you can invite other Service Desk technicians to a support session, or even transfer a session to them. It’is a valuable, time-saving tool to have in your arsenal.

Once an RDP session is initiated through Remote Support, you also have the ability to transfer or share those sessions with other remote support technicians, even those running the Mac, Linux version, Android, or iOS version of the Remote Support Technician Console. RDP, I’d like you to meet collaboration. This has been a long time coming.

Next Steps for Securing your RDP and Privileged Access

With BeyondTrust’s RDP Integration, it’s easy to provide details on who accessed what Windows machine, when it occurred, what they accessed, and how long they were connected while using RDP. Our solutions simplify your path to compliance by providing comprehensive audit trails, session forensics, and other rich reporting features.

For a deeper dive into the security risks of RDP and how to address them with privileged access management, check out the on-demand webinar RDP: Privileged Access’ Worst Enemy, with Nick Cavalancia of TechVangelishm.

And, if you’d like to better understand how BeyondTrust can help you secure RDP as well as address other remote access and privileged access challenges, contact us today.

Photograph of Julissa Caraballo

Julissa Caraballo, Product Marketing Manager

Julissa Caraballo is a Product Marketing Manager at BeyondTrust. She has over 10 years of experience in software product marketing and lead generation. Previously, Julissa worked as a Marketing Director for a medical management software company. She holds a BA in Business Administration/Marketing and a MBA in Healthcare Management. Her certifications include, Certified Digital Marketing Manager, Pragmatic Marketing Certified and Certified Medical Practice Executive. She can be found on LinkedIn and all social media platforms.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Cybersecurity Insurance Checklist

Whitepapers

Microsoft Vulnerabilities Report 2021

Whitepapers

Privileged Access Management: PAM Checklist

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Podcast
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.