I’m wondering what the best Security practices are when using remote desktop applications. What measures would you implement when using tools like AnyDesk and RemotePC. These tools allow any one with a username and password to access remote computers via the internet. Perhaps these tools should only be open to the LAN so VPN is required to connect.
To emphasize my point we are seeing a lot of activity ever since using RemotePC.
The blocked entries would just be from the remotepc app. If you’re wanting it to work from outside your network you would need to add the domain to your whitelist.
Of course any remote access is a potential risk. It can be mitigated by things like 2fa as Victor mentioned. Also using strong passwords. TeamViewer seems to get attacked a lot and there are many reports of account being compromised.
My personal favourite options are Tailscale with RDP (much simpler than having to configure a traditional VPN) and Chrome Remote Desktop because it’s protected by a Google account which is much harder to compromise.