androdz.com
Home / News / Make sure you follow these 4 security steps when using remote access apps

Make sure you follow these 4 security steps when using remote access apps

124
man enters two-factor authentication code on smartphone

Remote access apps are great for controlling your computer when you’re not sitting right in front of it. However, remote access apps are often a prime target for hackers, but you can stop their attempts by making a few security tweaks.



1 Enable two-factor authentication for remote access applications

“”>

tete_escape/Shutterstock

Powerful modern computers can crack a seven-character password in seconds. Using a password generator to create strong passphrases increases this time exponentially, making it resistant to a brute force attack.

Unfortunately, having a strong password is no longer enough, as attackers often compromise your credentials in other ways.

  • Persuasive phishing emails
  • Exploit weaknesses in the application’s password security design (VNC and Windows RDP have been notorious for this in the past)
  • Break into servers and steal credentials stored in company databases


There is one easy way make sure you’re not at the mercy of simple password authentication: two-factor authentication (2FA). Many remote access solutions, such as TeamViewer, make it easy to enable 2FA, which can send an email or message to your mobile device to check if Login. The second authentication method makes it much more difficult to crack than using a password alone.

2 Update your remote desktop software regularly

Of course, a password won’t stop attackers if the software itself is vulnerable to exploits. That’s why it’s so important to regularly install security updates for remote software.

Things move fast in the tech world, and if your apps haven’t been updated in over a year, you’re asking for trouble. If you’re still rocking NoMachine 8.02 when 8.14 is already out, the hacker will try any vulnerability listed in the old patch notes.


For peace of mind, enable automatic updates, but if that’s not possible, put it on your to-do list as something you’ll check regularly. This is important.

3 Restrict remote access via Whitelist

But why give bad actors the opportunity to pick the lock when you can remove the door entirely? Many remote access applications primarily allow you to limit who can connect.

You might think that unless you’re a celebrity or a tech giant, nobody’s eyes are on your humble computer. However, attackers regularly use port scans on entire IP blocks to look for easy tags. If you have a remote server exposed to the wider internet, it is not secure through obscurity.


Fortunately, you can use an IP whitelist to check who’s knocking. Remote control apps like AnyDesk let you set which devices you trust, while other remote access apps like Splashtop let you specify which IP addresses you want to recognize.

If you’re whitelisting via IP address, take precautions so you don’t accidentally block yourself.

Your client device may have a dynamic IP address that changes without warning. Suddenly it’s no longer whitelisted and you’re blocked. Here are a few ways to ensure you can edit your whitelist when needed:

  • Use the handy subnet calculator to enter a wider range of subnets to account for places you regularly access from, like your home or office.
  • Have physical access to the remote computer
  • Have web access to the provider’s portal (e.g. logmein.com)


4 Connect to a VPN before using the remote control

\/KT Photography<\/a>\/Shutterstock”>

vpn login woman using laptop
Deni Nandar Sukanwar/KT Stock photos/Shutterstock

If you’re using a public Wi-Fi hotspot—or any network other than your own—to connect to Remote Desktop, your activity isn’t secure. This is because your traffic is routed through someone else’s hardware.

One solution is to connect to a VPN before starting a remote session. VPN provides end-to-end encryption and protects eavesdropping on you. We recommend choosing one from our list of the best VPN services.

For those of you who self-host a server for remote access – such as RealVNC, Windows RDP or Chrome Remote Desktop – there is a better solution. This method allows you to take advantage of VPN’s excellent security standards to block strangers.


Here’s the gist of how to set it up:

  1. Limit your remote access software to only accept connections from your home network (or the network you use) and reject all others.
  2. Set up your own VPN on your home network with WireGuard, Tailscale, or a service built into your router.
  3. If you want remote access, tunnel into your home network by connecting to your VPN. You should now be able to connect to the remote computer as if you were coming from your local network.

The downside to using a VPN is that it usually slows down the stream and requires some setup work. But for some reason it is the gold standard for remote access to corporate and university networks.

By the way, you are not limited to just one technique. By combining several of the above security steps, your remote computer becomes a fortress surrounded by concentric moats.

Comments

Pen clip solid icon : edit at icomaker.