WYNTK: Securing Remote Access

Steps:

Ensure account lockout enabled (Active Directory, Jump Cloud) after 'x' attempts
Enable Remote Desktop but restrict users
(Optional) Restrict user permissions on desktop (no admin rights)
Install, configure, and mandate Duo for Remote Access (or all logins, UAC, etc)
Install, configure RDPGuard (spank IP addresses) - or -
Port forward 65xxx to 3389 - direct to 192.168.yyy.xxx
(Optional) Restrict IP access to known networks - or -
(Optional) NordVPN Teams with dedicated server and whitelist NordVPN dedicated IP
Configure Pulseway to monitor RDPGuard service
Use TSPrint for remote printing
Use LucidLink for file storage (NAS) and send/receive scans

No results found