Center for Internet Security (CIS) releases remote desktop protocol guide

The Long and Winding Road to Cyber Recovery

December 7, 2020

With telecommuting and remote work on the rise as a result of the COVID-19 pandemic, Remote Desktop Protocol (RDP) usage has drastically increased. RDP allows end-users to connect to organizational systems remotely, ultimately increasing productivity and reducing the need to purchase additional hardware to support those who may work both in the office and at home. While the benefits are plenty, the increased usage has also resulted in an increase in the number of targeted attacks to poorly secured network protocols and services. To combat commonly exploited protocols, the Center for Internet Security, Inc. (CIS) has released guidance to help organizations mitigate these risks to protect and defend against the most pervasive cyber threats faced today that can be exploited through RDP.

CIS’s guide, Exploited Protocols: Remote Desktop Protocol, leverages best practices from the CIS Controls and secure configuration recommendations from the CIS Benchmarks to help organizations secure their RDP from attacks. Each section provides a high-level overview of the direct mitigation for securing RDP, followed by applicable CIS Controls and CIS Benchmarks. The CIS Controls include, and are ordered by their respective mapping to the NIST Cybersecurity Framework (NIST CSF).

“Remote environments have always been a desired target for attackers to conduct a cyberattack, and COVID-19 has increased that attack surface,” said Curtis Dukes, CIS Executive Vice President & General Manager, Security Best Practices. “The purpose of the CIS guide is to provide an overview of what RDP is, the attacks associated with this protocol, and how an organization can best protect itself against an RDP-based attack.”

Exploited Protocols: Remote Desktop Protocol addresses basic cyber hygiene and is intended to assist organizations that would like to start using RDP, or those already implementing it, secure their systems via a few low-cost, or no-cost mitigations. These are just a few of the most important recommendations for any organization using RDP:

Place RDP-enabled systems behind a Remote Desktop Gateway (RDG) or virtual private network (VPN)
Update and patch software that uses RDP
Limit access to RDP by internet protocol (IP) and port
Use complex, unique passwords for RDP-enabled accounts
Implement a session lockout for RDP-enabled accounts
Disconnect idle RDP sessions
Secure Remote Desktop Session host

RDP-based attacks can flourish not because their targets lack the most expensive software or applications, but rather because they lack basic cyber hygiene. The CIS Controls and CIS Benchmarks included in Exploited Protocols: Remote Desktop Protocol can help organizations effectively strengthen their basic cyber hygiene, and help protect against RDP-based attacks.

How can you advance your career in the security industry with the skills and competencies necessary to benefit your organization? What will the security executive and the security function of the future look like? Join us as we hear from veterans in the security industry about their experiences, their lessons learned, and best practices for advancing their careers.

Security measures today tend to focus on controlling access, albeit with limitations. Many organizations, for example, know how many people have entered a secure location, but not how many have left.

Center for Internet Security (CIS) releases remote desktop protocol guide

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

Center for Internet Security (CIS) releases remote desktop protocol guide

Related Articles

Related Products

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.