Thanks to this feature of Windows, MSP teams can continue to access their office computers even while working from home. But so can hackers.
By now, working from home is no longer being regarded as a temporary phase, as it has become the norm for many employees around the world. This situation has proven particularly challenging for IT teams and MSPs, who need access to the devices they use at the office to conduct their work. For this reason, many have opted to open up RDP on those computers.
What's the issue?
RDP, or Remote Desktop Protocol, is a feature of Windows which when enabled allows a computer to be accessed remotely from another computer. But while RDP can be a true life-saver, it also opens up those office computers to unauthorized access.
In order to gain access to a Windows system with open RDP ports, a hacker would launch a brute force attack, using an automated tool to test out multiple username and password combinations.
If the password is weak or has been used elsewhere before, a hacker could very easily figure it out and gain access to the device, leaving them free to steal data from it or even install malware onto it.
The fact that RDP is used in enterprise environments makes it an attractive target for a hacker, and since it is often used for administrative purposes, compromising one computer can also mean gaining access to several other devices in the network.
What can you do?If you've had to start enabling RDP access on devices within your organization, it is crucial that you set strong and unique passwords for them. This will make the brute force attacks that a hacker might launch on one of these devices significantly less effective.
MYKI for MSPs makes it easy to generate strong passwords, securely store them offline, and easily share them among authorized team members. The MYKI desktop app can then be used to seamlessly autofill those passwords while conducting a remote session, saving you the trouble of copy-pasting your credentials in yourself.
Sign up for MYKI for MSPs today and start taking control of your digital identity.