Now that you’re settling into the new normal of abnormality, it’s time to review the insecurity you might have introduced into your organization in the rush to support a remote workforce. As a recent Twitter post from Jake Williams, founder of RenditionSec, noted, we’ve totally changed our networks in the last few weeks, and it’s time to scan for vulnerabilities.
Scan for exposed ports
First, scan for Remote Desktop Protocol (RDP) ports that are open to the internet. Use a tool like Nessus to scan your external IP address ranges and review what is now exposed and needs additional security or review. If you use external scanning tools, you may need approval from management as well as from your internet service provider.
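The following PowerShell script is an added example, not code from the original article or from any tool it mentions. It probes each address in a list of CIDR ranges for a TCP listener on the RDP port and lists the hosts that answer, which is the same question a Nessus external scan answers for this one port. Run it from a host outside your network, only against ranges you own, and only after the approvals described above. The two ranges in the script are RFC 5737 documentation prefixes used as placeholders; the function names and the two-second timeout are choices made for this example.

```powershell
# Added example, not code from the original article. Probes each address in the
# listed ranges for an open TCP port 3389 (RDP). Run it from a host outside your
# network, only against ranges you own, and only after the approvals mentioned above.
# The two ranges below are RFC 5737 documentation prefixes used as placeholders.
$Ranges    = @('203.0.113.0/28', '198.51.100.16/29')  # placeholder: replace with your own
$RdpPort   = 3389
$TimeoutMs = 2000                                      # per-host connect timeout

function Expand-Cidr {
    # Returns every IPv4 address in a CIDR block (network and broadcast included;
    # neither will accept a connection, so they simply show up as closed).
    param([string]$Cidr)
    $parts = $Cidr.Split('/')
    $addr  = $parts[0]
    $bits  = [int]$parts[1]
    $bytes = [System.Net.IPAddress]::Parse($addr).GetAddressBytes()
    [array]::Reverse($bytes)                           # to little-endian for BitConverter
    $base  = [uint64][BitConverter]::ToUInt32($bytes, 0)
    $count = [uint64][math]::Pow(2, 32 - $bits)
    $start = $base - ($base % $count)                  # align to the network address
    for ($i = [uint64]0; $i -lt $count; $i++) {
        $b = [BitConverter]::GetBytes([uint32]($start + $i))
        [array]::Reverse($b)                           # back to network byte order
        [System.Net.IPAddress]::new($b).ToString()
    }
}

function Test-TcpPort {
    # TCP connect check with a timeout; $true means something accepted the connection.
    param([string]$Address, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $handle = $client.BeginConnect($Address, $Port, $null, $null)
        if (-not $handle.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($handle)
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

$exposed = foreach ($range in $Ranges) {
    foreach ($ip in Expand-Cidr $range) {
        if (Test-TcpPort -Address $ip -Port $RdpPort -TimeoutMs $TimeoutMs) {
            [pscustomobject]@{ Address = $ip; Port = $RdpPort; Status = 'OPEN' }
        }
    }
}

if ($exposed) {
    "Hosts answering on TCP $RdpPort (review each for NLA, RD Gateway or 2FA):"
    $exposed | Format-Table -AutoSize
} else {
    "No host in the listed ranges accepted a connection on TCP $RdpPort."
}
```

A host that answers here is not necessarily a Windows machine, only something accepting connections on 3389; a full scanner such as Nessus will also identify the service and the security settings it negotiates, so treat this script as a quick inventory check, not a substitute for the scan the article recommends.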
Ensure that any exposed Remote Desktop listeners require Network Level Authentication (NLA) and, preferably, are either placed behind Remote Desktop Gateway (and thus only respond over port 443) or protected with two-factor authentication.
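The following PowerShell script is an added example, not code from the original article. It reports, for the Windows host it runs on, whether the RDP listener matches the hardening described above: whether RDP is enabled at all, whether NLA is required, which security layer is configured, whether anything is listening on 3389, and whether an enabled inbound firewall rule admits 3389 from any remote address. Whether the host sits behind Remote Desktop Gateway or a two-factor solution is a property of the surrounding infrastructure, so the script lists that for manual review rather than checking it. It assumes an elevated PowerShell session on Windows with the NetSecurity and NetTCPIP modules available; the property and method names come from the Win32_TSGeneralSetting WMI class and the standard Terminal Server registry keys.

```powershell
# Added example, not code from the original article. Reports whether this Windows
# host's RDP listener matches the hardening described above (NLA required, TLS
# security layer, no inbound rule that admits 3389 from any address). Run elevated.
# RD Gateway placement and two-factor enforcement live outside the host, so they are
# noted for manual review rather than checked here.

$tsPolicy = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$listener = Get-CimInstance -Namespace root\cimv2\TerminalServices `
                -ClassName Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"

# Enabled inbound allow rules that open 3389 to every remote address are the risky ones.
$wideOpenRules = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    Where-Object {
        (($_ | Get-NetFirewallPortFilter).LocalPort -contains '3389') -and
        (($_ | Get-NetFirewallAddressFilter).RemoteAddress -contains 'Any')
    }

# Win32_TSGeneralSetting.SecurityLayer: 0 = legacy RDP security, 1 = negotiate, 2 = TLS.
$layerNames = @{ 0 = 'RDP (legacy, weak)'; 1 = 'Negotiate'; 2 = 'TLS' }

$report = [pscustomobject]@{
    RdpEnabled      = ($tsPolicy.fDenyTSConnections -eq 0)
    NlaRequired     = ($listener.UserAuthenticationRequired -eq 1)
    SecurityLayer   = $layerNames[[int]$listener.SecurityLayer]
    ListeningOn3389 = [bool](Get-NetTCPConnection -LocalPort 3389 -State Listen -ErrorAction SilentlyContinue)
    RulesOpenToAny  = @($wideOpenRules).Count
    ManualReview    = 'Is RD Gateway (443) or two-factor authentication in front of this listener?'
}
$report | Format-List

# Remediation, uncomment to apply: require NLA and the TLS security layer on the listener.
# Invoke-CimMethod -InputObject $listener -MethodName SetUserAuthenticationRequired -Arguments @{ UserAuthenticationRequired = 1 }
# Invoke-CimMethod -InputObject $listener -MethodName SetSecurityLayer -Arguments @{ SecurityLayer = 2 }
```

A hardened host reports NlaRequired as True, SecurityLayer as TLS and RulesOpenToAny as 0; if RdpEnabled is True on a machine that has no reason to accept remote desktop sessions, disabling the listener removes the exposure altogether. The two remediation lines are left commented so the script only reports by default; apply them through your normal change process, since a wrong security-layer setting can lock out older clients.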