It opens up a vulnerability in your work’s network if you don’t configure the firewall and vpn correctly.
Most companies use VPN for remote workers. Make sure you are configuring everything correctly and you will be fine
Its not a terrible idea because it would actually work, if you have adequate passwords or certificates to authenticate it could be secure also. You need to get a grip and honestly so do the people marking me down, it is a security risk and I said that, but so are lots of things, opening RDP doesn’t mean your machine automatically is hacked, you need adequate passwords or certificates in place of course
You don’t need to pay over the odds for a managed service provider for simply remotely accessing a service
Do not follow this person’s advice. You should NEVER open port 3389 to the internet.
Any solution that you put in place comes with risk, you are going to be punching a hole in your firewall so that you can work remotely and the business decision needs to be made whether this exposure is warranted.
There are proper ways of getting this done that will minimize risk involved, if you don’t know what you are doing and the business sees value in this implementation, then outsource a solution and let a professional set this up for you.
Got it, I’ll look into this.
Thanks again for the advice. I’ll go try and do that.
https://www.cybereason.com/blog/what-are-the-most-common-attack-vectors-for-ransomware
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=rdp+windows
Just because it can work doesn’t mean it’s a good idea. A company that doesn’t have an IT department most likely won’t have proper measures to ensure password complexity, certificates, or two-factor authentication. Within hours of opening RDP, login attempts will be attempted and brute-force attacks will likely happen. Due to the history of RDP and many vulnerabilities that protocol has had, certain security methods could be bypassed.
Opening direct RDP to the Internet is much more risky than other remote access methods that have been posted in this thread. Spending a little money on an MSP to do something correctly is worth it compared to a ransomware’d PC or network that could impact their ability to conduct business for weeks at a time.
Dude c’mon, this is terrible advice.
Thanks for heads up. I’ll make sure that I consult a network engineer before I even touch anything.