I have a client getting ready to deploy new retail POS system for three store locations. The POS software is installed on an Dell server running Microsoft 2012 standard. The server will be located at main store. The other two locations will connect via RDC software already purchased from Microsoft. It appears that out of the box the users that remote into the server have full access to everything on the server. What would be the best way to limit access to other parts of the server other than the POS software? Thank you in advance for giving feedback on this question.