I have several clients that have open ports for Remote Desktop access to various servers/workstations within their network from the OUTSIDE. They enjoy the ease of accessing their information when needed and really don't want to change anything. As their IT support staff, I find this extremely disturbing and want at minimum simply change the port RDP is listening on. I also want to employ the use of SSL.
Would this be a secure option or is it more secure to just set up a VPN server instead?
Pros / Cons of each?