What is Remote Desktop?
Remote Desktop is a service that runs on your Windows workstation that allows you to connect and work as if you were sitting in front of the computer. This gives you access to all services and resources normally available to you while you are at work.
Why is this changing?
We have seen an uptick in brute force attempts at cracking passwords that use Remote Desktop as an attack surface. ITS has been working diligently to improve our security posture and we are now able to provide alternative means to using Remote Desktop without exposing the service to brute force attacks.
What is brute force/password cracking?
Brute force password cracking is simply referring to automated attempts to guess passwords. Remote Desktop forces users to enter their user name and password just like they were logging into their computer. Because of this, malicious actors (hackers) can keep guessing user name and password combinations until one works. There are tools out there that automate this process so that it can be attempted millions of times per day.
How will this affect me?
If you currently use Remote Desktop (or you are interested in using it) you will need to install our new VPN client and connect that before being able to use Remote Desktop. Once you have connected to the VPN service, you can use Remote Desktop exactly as you would before the VPN was required.
Why wasn’t this already in effect?
Due to a limitation of hardware we were using previously, we were unable to offer a VPN client to anyone using a client other than Windows. Though we wanted to improve security, we did not want to prevent users from performing their jobs. With recent changes, we are now able to offer VPN clients to Windows, Mac, Android and IOS users.