What can we help you with?

Supercharged PAM

Combine the best of Session Management and Credential Management solutions at a new, incredible value!

Learn More Learn More

What is BeyondTrust?

Get a closer look inside the BeyondTrust identity & access security arsenal.

Learn More Learn More

Gartner Peer Insights

Find out how customers & analysts alike review BeyondTrust.

Learn More Learn More

Go Beyond Customer & Partner Conference

Our biggest customer conference of the year is happening in Miami and virtually on May 1-5, 2023.

Learn More Learn More

Watch Our Video

Find out more about our integrations.

Learn More Learn More

Leader in Intelligent Identity & Secure Access

Learn how BeyondTrust solutions protect companies from cyber threats.

Learn More Learn More

BlueKeep and DejaBlue shined a spotlight on this issue because cloud-based VMs are the most convenient targets for these exploits. And the number of VMs in the cloud is exploding.

But how should administrators access those VMs without creating major risks? The course of least resistance is to just put those VMs out there and enable SSH/RDP access from the Internet. But that is dangerous.

The “blue” exploits are a great proof of that claim. BlueKeep and DejaBlue permit attackers to break into systems via RDP and gain root level access without any credentials. And two-factor authentication is no protection. With “blue”attacks the game is over before RDP even thinks about checking your password let alone 2FA.

Now of course you can patch (hopefully already) against those attacks but they prove that remote administration protocols are not appropriate for direct exposure to the Internet. And researchers agree there will be more such exploits. Moreover, patches don’t exist when you are targeted with a zero-day attack.

In this webinar, we will look at several different ways to more safely provide admins with SSH/RDP access to VMs in the cloud. Here are a few of the techniques we’ll consider:

Some of these techniques are circuitous and rely on your existing, on-prem remote admin access infrastructure. The techniques are more or less stronger in relation to each other and have different prerequisites. We will compare and contrast them all.

Photograph of Randy Franklin Smith

Randy Franklin Smith, CEO, Monterey Technology Group, Inc. CISA, SSCP, Security MVP

Randy Franklin Smith is an internationally recognized expert on the security and control of Windows and Active Directory security who specializes in Windows and Active Directory security. He performs security reviews for clients ranging from small, privately held firms to Fortune 500 companies, national, and international organizations.