What happens when you’re too sick to be in the office or you’re traveling? For small business owners, the work doesn’t stop when the flu strikes or when it’s time to be on the road a while. But how do you access all your work files, software, server, and client data when you’re in a different location so that you can “be at work” without being at work? You could use the built-in RDP (Remote Desktop Protocol) software that comes with your Windows device, if you don’t mind the very real possibility of the connection being open and exposed to a data breach. Or, if you prefer a safer option, you could use a VPN (Virtual Private Network).
At Cyber Solutions, we like to err on the side of caution and strongly suggest that if a connection needs to be made from outside the network, such as when you’re working from home or some other location, then use a VPN. Using RDP can be a fine and powerful solution to use when connecting machines within a network, but never from the outside. So, if you’re looking to connect machines within your network, RDP may be the way to go. But, if you’re looking to connect from the outside, when you are going outside your firewall and using the internet in the outside world, that’s when it gets really risky and you need to stay away from RDP and make sure the default RDP port stays closed.
What is a VPN?
VPN is like an encrypted tunnel that relies on network credentials. It’s about as secure as you can get if you can’t be in the office.
Why shouldn’t I use RDP to connect to my office computer?
Great question! The answer is simple actually and that’s why it’s so risky. Simply put, Microsoft created the RDP port to always be the same, so it’s super easy to use. Which is great for you… the good guy. But also great for the hacker looking to score access to your precious server data and maybe make a few bucks by selling access to your data in a criminal marketplace. Hackers know that they can make bank by selling access to a prime server in a great location, depending on what software you’re running, and a few other determinants. So, medical, legal, or tax businesses would likely be pretty good targets since they’d probably earn the hacker a nice little sum of money in the criminal world. And if a target doesn’t sell, the hacker can always install malware on your server, in the meantime, in an effort to perform a little bit of identity theft on the side.
But how do they get in?
Another great question! With a simple port scan, anyone can find out who has an open RDP port. Free RDP scanning software looks for open ports. Once an open port is identified, it’s only a matter of time. It’s like leaving your garage door open at night, but locking the backdoor using a password. Then the question becomes, how easy is it to guess a password? It’s surprisingly simple. Often people have an admin account called Admin, and a password called password or Admin. And, if it’s not that simple, there are programs that run password algorithms pretty quickly these days. So, with enough computing power, a hacker could be in your system in just a few hours. Hackers also find built in user accounts that are left active and then they brute force the password, which really just means that they use trial and error. That, along with an absence of group policy, almost ensures a breach. Scott Peterson, Service and Security Compliance Manager at Cyber Solutions says, “It’s disgusting how easy it really is. And, it doesn’t take someone who is very skilled to do it. That’s the sad part.”
If working from home or while on the road is something you’re considering for your business, give us a call at Cyber Solutions. We’ll help you set up a VPN, with security measures in place, to keep you as secure as possible. With Cyber Solutions, we’ll help build your virtual tunnel, encrypt the tunnel traffic, and put guards in place at both ends.