One of our Zero Cost Security Improvement tips is to eliminate Remote Desktop Protocol (RDP) vulnerabilities. While we encourage first setting up a policy in your organization to prohibit RDP in the first place, we do want to share how you can verify on your own if you have RDP open on your network.
This recommended improvement might seem a little technical, but it’s just a two-step process:
Step 1: If you have any company servers, have someone in your business log into them and identify the IP address for each server (it will be the “IPv4” address that looks like xxx.xxx.xxx.xxx).
Step 2: Armed with the IP address(es) you collected in Step 1, go to a network scanning tool like this one and enter in the IP address(es). If they show up as having TCP port 3389 in the report, then you have RDP running on your network.
If you discover you have RDP running, typically it’s not as simple as just disabling or blocking access. Someone in your organization likely set it up at some point for a reason, and it might be tied to some important business process. Before disabling RDP, you need to contact an IT partner like Net Friends or your preferred IT support person to examine the situation and what systems or processes might be using RDP. Additionally, you will not want to stop RDP services only to find out that the next time your server restarts, RDP starts back up again.
Any IT expert at Net Friends can help you fully and securely shut down RDP without disrupting your critical business workflows. Contact us if you are interested in partnering with Net Friends to secure your business and your reputation.