Secure remote desktop connection

I am hired to secure remote desktop connection as they are using a new application ( which uses remote desktop connection. How to secure the connection to the application which uses RDP?. They are using this application from external network as well.
LVL 32
MASEE Solution Guide - Technical Dept HeadAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
Locally Remote Desktop Connection is secure already. You could do the following:

1. Always have it ask for credentials.
2. Check the Printer resource to see if you need it.

Remote connections should be done via Secure VPN.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MASEE Solution Guide - Technical Dept HeadAuthor Commented:
Many thanks for your reply

-->1. Always have it ask for credentials.
This is an application running from inside and outside.

-->Remote connections should be done via Secure VPN.
You mean connect by VPN and open app?
JohnBusiness Consultant (Owner)Commented:
VPN is the best way to connect remotely
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

MASEE Solution Guide - Technical Dept HeadAuthor Commented:
These are users. They are technically poor.
JohnBusiness Consultant (Owner)Commented:
Normally true but Remote Desktop Connection depends upon the security of the connection. It does not secure the connection
btanExec ConsultantCommented:
Certificate - It uses LetsEncrypt (free and starting with v9.20) which are valid for 90 days. May consider own CA or 3rd party CA like GoDaddy or DigiCert. Nonetheless, TSPlus should renew the certificate automatically every 60 days. Do check every 60-70 days that your certificate has been automatically renewed.

HTTPS - Avoid using self signed. Best to use own CA or reputable one. Minimally 2048 RSA, possibly go for EC (prime256v1, secp384r1).  Also for SSL cipher selection, make sure "Disable weak ciphers" is done. Can verify on the SSL cipher using SSLtest (server)

Connection restriction - It get more business need centric. For example, restrict the user connections to specific time ranges in a week. But more for if they have no AD (central policy) and instead using local user policy then use the provided local feature. Not really a must though but is a safeguard to reduce exposure.

Strong Authentication - Consider 2FA. TSplus has partnership with SAASPASS. Install the SAASPASS mobile application or Desktop client.The SAASPASS-TSplus integration is stated here.
MASEE Solution Guide - Technical Dept HeadAuthor Commented:
is there any other solution other than VPN?
btanExec ConsultantCommented:
Something like splashtop (rather similar to Logmein approach but supposed to be faster). There is a Splashtop Personal is for non-commercial use only, to access a maximum of 5 computers.
JohnBusiness Consultant (Owner)Commented:
I thought of that, but most of these require a person at the other end to accept the secure connection. VPN allow me to connect and work without anyone at the other end.
btanExec ConsultantCommented:
For author advice
btanExec ConsultantCommented:
No further input received
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Applications

From novice to tech pro — start learning today.