Secure remote desktop connection

I am hired to secure remote desktop connection as they are using a new application (https://www.tsplus.net/) which uses remote desktop connection. How to secure the connection to the application which uses RDP?. They are using this application from external network as well.
LVL 30
MAS (MVE)EE Solution Guide - Technical Dept HeadAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
Locally Remote Desktop Connection is secure already. You could do the following:

1. Always have it ask for credentials.
2. Check the Printer resource to see if you need it.

Remote connections should be done via Secure VPN.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MAS (MVE)EE Solution Guide - Technical Dept HeadAuthor Commented:
Many thanks for your reply

-->1. Always have it ask for credentials.  https://www.tsplus.net/
This is an application running from inside and outside.

-->Remote connections should be done via Secure VPN.
You mean connect by VPN and open app?
0
JohnBusiness Consultant (Owner)Commented:
VPN is the best way to connect remotely
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

MAS (MVE)EE Solution Guide - Technical Dept HeadAuthor Commented:
These are users. They are technically poor.
0
JohnBusiness Consultant (Owner)Commented:
Normally true but Remote Desktop Connection depends upon the security of the connection. It does not secure the connection
0
btanExec ConsultantCommented:
Certificate - It uses LetsEncrypt (free and starting with v9.20) which are valid for 90 days. May consider own CA or 3rd party CA like GoDaddy or DigiCert. Nonetheless, TSPlus should renew the certificate automatically every 60 days. Do check every 60-70 days that your certificate has been automatically renewed.

HTTPS - Avoid using self signed. Best to use own CA or reputable one. Minimally 2048 RSA, possibly go for EC (prime256v1, secp384r1).  Also for SSL cipher selection, make sure "Disable weak ciphers" is done. Can verify on the SSL cipher using SSLtest (server)

Connection restriction - It get more business need centric. For example, restrict the user connections to specific time ranges in a week. But more for if they have no AD (central policy) and instead using local user policy then use the provided local feature. Not really a must though but is a safeguard to reduce exposure.

Strong Authentication - Consider 2FA. TSplus has partnership with SAASPASS. Install the SAASPASS mobile application or Desktop client.The SAASPASS-TSplus integration is stated here.
0
MAS (MVE)EE Solution Guide - Technical Dept HeadAuthor Commented:
is there any other solution other than VPN?
0
btanExec ConsultantCommented:
Something like splashtop (rather similar to Logmein approach but supposed to be faster). There is a Splashtop Personal is for non-commercial use only, to access a maximum of 5 computers.
https://www.splashtop.com/business
0
JohnBusiness Consultant (Owner)Commented:
I thought of that, but most of these require a person at the other end to accept the secure connection. VPN allow me to connect and work without anyone at the other end.
0
btanExec ConsultantCommented:
For author advice
0
btanExec ConsultantCommented:
No further input received
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Applications

From novice to tech pro — start learning today.