If you use Remote Desktop Connection that does not require a secure VPN connection first, contact us immediately to close this vulnerability to your network. We are notifying all our clients to stop the use of any Remote Desktop Connection that doesn’t first require a secure VPN. Our industry is seeing a dramatic increase in successful attacks on Remote Desktop Connections, even the ones using obscure ports.
When company issued equipment that is managed and monitored is being used to connect remotely, the recommended solution is to use an SSL/VPN connection to the company firewall, then a Remote Desktop Connection can be made safely.
When a connection is needed from a personal or home computer that is not managed or monitored, then the recommended solution is to install a third-party remote software like: LogMeIn; TeamViewer or GoToMyPC.
We do not recommend an SSL/VPN be used to connect home equipment to the business network, as this would expose the business network to any malicious software or malware that might exist on the unmanaged home PC.
This vulnerability has to be closed in the company firewall in order to protect the network, simply “not using” the connection does nothing to stop others from exploiting the vulnerability.
Contact Heritage as soon as possible to aid in protecting your network.
