Securing RDP (Remote Desktop Protocol)


Hello IT Admin, 

CUIT has contacted IT Leaders around campus about reducing our RDP (Remote Desktop Protocol) exposure due to the increased activity of ransomware attacks. The CUIT Cybersecurity team is reaching out because you have been identified as a system administrator for your department. Our security monitoring has discovered machines under your ownership that have RDP open to the Internet. Attached is the list of hosts that require remediation.

Leaving RDP exposed to the Internet puts the University at risk of ransomware attacks. CUIT is providing recommendations to restrict the RDP protocol to Columbia-owned networks only. Using the Windows built-in Firewall, an IP restriction should be implemented on Port 3389. It is also recommended to review all inbound configuration rules and implement the most restrictive configuration possible.

We understand that RDP is the primary way some users remotely interact with their campus desktops and servers. In order to balance security and function, we are requesting that you enforce the use of VPN for RDP connections. This provides a level of security with Duo multifactor authentication and reduces our attack surface. Information and user guides on the VPN are available on the CUIT website.



If you need assistance on how to configure the Windows Firewall, the Microsoft support site has detailed instructions.

Overview of Recommendation 

  • Enable and configure the Windows firewall

  • Restrict the RDP Port to only CU IP addresses, deny the rest

    • Double-check your range restrictions before moving changes to production

  • Use the VPN first, then RDP to continue management of desktops or servers

  • Always test your configuration before implementing in production 

  • If your department does not have an anti-malware deployment, please review the Malwarebytes webpage. This is another proactive security measure to prevent ransomware

  • Please direct any questions to cybersec@columbia.edu 


Thank you,
CUIT Cybersecurity
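
The following PowerShell script is an added example, not part of CUIT's notice or tooling, showing one way to carry out the firewall steps above: it lists every enabled inbound allow rule that covers port 3389 for review, then limits the rules that name 3389 explicitly to an allow-list. The script name `Restrict-Rdp.ps1`, the helper `Test-CoversRdp`, and the address ranges are assumptions; the ranges are documentation placeholders and must be replaced with the actual CU ranges.

```powershell
# Restrict-Rdp.ps1 (hypothetical name). Added example; run from an elevated PowerShell session.
[CmdletBinding(SupportsShouldProcess)]
param(
    # PLACEHOLDER ranges (RFC 5737 documentation networks), not real CU ranges.
    [string[]]$AllowedRanges = @('192.0.2.0/24', '198.51.100.0/24')
)

# True when a rule's LocalPort list covers 3389 explicitly, by range, or via 'Any'.
function Test-CoversRdp([string[]]$Ports) {
    foreach ($p in $Ports) {
        if ($p -eq 'Any' -or $p -eq '3389') { return $true }
        if ($p -match '^(\d+)-(\d+)$' -and
            [int]$Matches[1] -le 3389 -and [int]$Matches[2] -ge 3389) { return $true }
    }
    return $false
}

# 1. Enable the firewall on every profile. "Deny the rest" relies on the
#    default inbound action being Block, so warn if a profile allows by default.
Set-NetFirewallProfile -Profile Domain, Private, Public -Enabled True
Get-NetFirewallProfile | Where-Object DefaultInboundAction -eq 'Allow' |
    ForEach-Object { Write-Warning "Profile $($_.Name) allows inbound traffic by default." }

# 2. Report every enabled inbound allow rule that could admit traffic to 3389.
$report = foreach ($rule in Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True) {
    $port = $rule | Get-NetFirewallPortFilter
    if (-not (Test-CoversRdp $port.LocalPort)) { continue }
    $addr = $rule | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Name          = $rule.Name
        DisplayName   = $rule.DisplayName
        Protocol      = $port.Protocol
        LocalPort     = $port.LocalPort -join ','
        RemoteAddress = $addr.RemoteAddress -join ','
        Explicit3389  = $port.LocalPort -contains '3389'
    }
}
$report | Format-Table -AutoSize

# 3. Restrict only the rules that name 3389 explicitly. Rules matching through
#    'Any' or a wide port range are left for manual review, since narrowing them
#    would also affect other services.
foreach ($r in $report | Where-Object Explicit3389) {
    if ($PSCmdlet.ShouldProcess($r.DisplayName, "Set RemoteAddress to $($AllowedRanges -join ', ')")) {
        Set-NetFirewallRule -Name $r.Name -RemoteAddress $AllowedRanges
    }
}
```

Running the script with `-WhatIf` first prints the report and the changes it would make without applying them, which matches the advice above to double-check the range restrictions before production. Rules delivered by Group Policy are not changed by this local script and have to be edited in the policy that defines them.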
