<div>
I agree that any port open is risky. <br />
<br />
You should not expose RDS to the internet. &nbsp;Setup a VPN and allow your users to connect to that first. &nbsp;Or an Remote Desktop Gateway server. &nbsp;Exposing ANY port to the internet is risky for any reason and it's generally considered safer to allow access through VPN or RD Gateway instead of direct RDS.
</div>


I agree that any port open is risky.

You should not expose RDS to the internet.  Setup a VPN and allow your users to connect to that first.  Or an Remote Desktop Gateway server.  Exposing ANY port to the internet is risky for any reason and it's generally considered safer to allow access through VPN or RD Gateway instead of direct RDS.

<div>
Only if it's directly on the internet. &nbsp;If it's only accessible within your secure, local network you should have no problems.
</div>


Only if it's directly on the internet.  If it's only accessible within your secure, local network you should have no problems.

<div>
what alternatives would you use to RDP 3389 then?
</div>


what alternatives would you use to RDP 3389 then?

<div>
I'll repeat:<br />
Setup a VPN and allow your users to connect to that first. &nbsp;Or an Remote Desktop Gateway server
</div>


I'll repeat:
Setup a VPN and allow your users to connect to that first.  Or an Remote Desktop Gateway server

<div>
<div class="content wysiwyg-content">
Is having port 3389 open on my server 2012 RDP server risky
</div>
</div>


Is having port 3389 open on my server 2012 RDP server risky

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Windows Server 2012

Remote access may refer to the connection to a data-processing system from a remote location, for example through a virtual private network remote desktop software, terminal emulation, or the activation of features of a business telephone system from outside the business's premises.