Secure Remote Desktop (RDP) Access

Potential Risks without Secure Remote Desktop

How secure is your RDP/RDS access to critical server(s) or workstations? How easy is it to find an open port 3389 on the internet? Even changing the port is not enough to prevent malicious attempts. The FBI recommends 11 best practices to secure RDP/RDS access. Rapid7 reports millions of Remote Desktop ports exposed.

Configuring RDS securely on a server, including installing and configuring the different roles, is challenging for internal access, let alone external access. We have an easier solution to secure RDP/RDS: it can be implemented in minutes, and it meets and exceeds the FBI best practices.

End User:

  • No MFA / 2-step Verification
  • Unsecured TCP port connections

Customer Infrastructure:

  • AD exposed to password cracking
  • No Identity Management risk detection
  • Firewalls exposed to port scanning
  • Firewalls exposed to DDoS attacks
  • VPN Gateway exposed to password hacking
  • No vulnerability scanning
  • No Intrusion Detection / Prevention
  • No geo-location IP blocking
  • Locked-out accounts

RDP-S³ simplifies corporate-wide access to Enterprise Workspaces that are based on Microsoft Remote Desktop Services (RDS).

RDP-S³ includes fully integrated security and cloud scalability and can be implemented in minutes.

RDP-S³ Security & Compliance Details

Azure Hosting Facility Compliance

Encryption

  • Encrypted traffic
  • Transparent Data Encryption (TDE)
  • HTTP Strict Transport Security
  • Automatic HTTPS rewrites
  • Enforce Modern TLS (1.2 & 1.3)

Threat Prevention and Management

  • Vulnerability scanning
  • Database threat detection
  • Database vulnerability assessments

Network Security

  • DDoS mitigation
  • Network and IP abstraction
  • Firewalls
  • Virtual Network isolation

Authentication

  • Mandatory MFA
  • No passwords stored in our database
  • Proprietary AD anti-hacking features

Fraud Prevention

  • Identity Management risk detection
  • Multi-factor authentication
  • Suspicious login monitoring
  • Geo-IP blocking

Application & Platform Security

  • Hosted on Microsoft Azure Platforms
  • Transparent Data Encryption (TDE) on databases
  • No passwords stored in our database
  • Role-based application security
  • User level encryption of sensitive data
  • Session time-out functionality

Other Security Considerations

  • We host all systems in the United States on Microsoft Azure
  • We are incorporated and headquartered in the United States
  • We are governed by the laws of the United States

Application-Specific Compliance Information

  • PCI Compliance – We do not store customer credit cards or financial information in our database. We use a third-party provider for credit card processing. We securely transmit data to our PCI-compliant payment provider via Point-to-Point Encryption (P2PE).
  • HIPAA Compliance – Neither our product nor any single product can help an organization achieve HIPAA compliance; however, our product can help an organization improve its HIPAA compliance by improving the security around remote access to healthcare information.
  • GDPR – We are committed to compliance with the EU General Data Protection Regulation (GDPR) where applicable.