Operating system security

Remote access security in Windows 10

Greg Belding
September 24, 2019 by
Greg Belding

Introduction

One of the most ubiquitous forms of technology in the business world today is remote access technology. Just like other areas of IT, security for remote access technology is essential to keep attackers at bay and to protect sensitive information and organization network resources. Thankfully, the founding engineers of remote access wove security into this technology as a matter of course. 

This article will provide a high-level look at remote access security in Windows 10 environments. We will specifically address how to configure VPN in Windows 10, using secure protocols in Windows 10 and how to use Microsoft DirectAccess. 

Learn Windows 10 Host Security

Learn Windows 10 Host Security

Build your Windows skills with 13 courses covering Windows registry, services, processes, toolset and more.

What is remote access?

Remote access refers to the ability to remotely access a computer or network through a network connection remotely. A quick Google search will show you that there are countless proprietary solutions for remote access, but you should know that Windows 10 offers some in-built remote access solutions that are worth knowing about. 

Windows 10 features three remote access solutions: Virtual Private Network (VPN), Remote Desktop Protocol (RDP) and Microsoft DirectAccess. 

How to configure VPN

VPNs are near essential in many organizations. They allow users to connect to a private network from outside of the network. VPNs are used for different reasons, including allowing employees to connect to their organizations network from home and hiding internet activity, just to name a few. One of the best things about a VPN is they can turn an insecure connection into a secure one. 

Rumors have circulated for years about VPNs being hard to use — this is false. Premier VPN services make using their service easy, often with just one click (including configuration). Those who want to DIY with a VPN they get from either work, school or a friend will have to manually configure their VPN. This process is actually not that difficult and just takes a minute or two. 

Before you configure your VPN, you will need to determine the protocol to use for your connection. Always use the most secure protocol — if you are performing a VPN configuration on behalf of an organization, check with your organization’s IT administrator regarding which protocol to use.

Using secure protocols in Windows 10

Regarding remote access in Windows 10, the secure protocol we want to discuss is Remote Desktop Protocol, or RDP. RDP allows for remote display and input capabilities for network-connected Windows applications running on a server. 

RDP in Windows 10 uses the RC4 cipher, which is a stream cipher that efficiently encrypts small amounts of information. This encryption can be performed by using either a 56- or 128-bit key. 

Besides the inherent encryption feature offered by RDP, Windows 10 users can configure Network Level Authentication. This will force Windows users to authenticate when using RDP to remotely access a computer. 

The most crucial action to take to use RDP is to enable it in Windows 10. Don’t forget to check the box next to “Require computers to use Network Level Authentication to connect” for extra security.

How to use Microsoft DirectAccess

Microsoft DirectAccess is an interesting approach to remote access that stands apart from VPN, RDP, and other remote access technologies. DirectAccess uses authenticated, auto-initiated and encrypted ESP tunnels when connecting users to network resources. This technology is noted for several solid benefits including being always on and being transparent, bi-directional and (last but not least) secure. 

These benefits are really just symptoms of the end goal of DirectAccess — to provide seamless intranet connectivity to network users. Windows 10 users will find that once DirectAccess is properly set up and configured, their internet connection is automatically secured with DirectAccess. So unless DirectAccess is configured to run upon the opening of an application, DirectAccess will connect automatically as long as the system is connected to the internet. 

It should be noted that Microsoft is moving toward the Always-On VPN approach, with rumors circulating about an approaching end of life (EOL) announcement of DirectAccess. As of 2019, DirectAccess is still being supported by Microsoft.

Learn Windows 10 Host Security

Learn Windows 10 Host Security

Build your Windows skills with 13 courses covering Windows registry, services, processes, toolset and more.

Conclusion

Remote access is an incredibly useful feature of today’s computers that people 50 years ago would have considered fantastical. However, remote access is a viable technology that has security susceptible to compromise, risk and worse. Windows 10 offers different remote access methods for its users, but whichever way you choose, security will be attached to its belt loop.

Sources

  1. Securing Remote Desktop (RDP) for System Administrators, Berkeley Information Security Office
  2. Remote Desktop Protocol, Microsoft
  3. How to enable Remote Desktop on Windows 10, Pureinfotech
  4. Top 5 Reasons To Deploy Windows 10 With DirectAccess, Celestix
Greg Belding
Greg Belding

Greg is a Veteran IT Professional working in the Healthcare field. He enjoys Information Security, creating Information Defensive Strategy, and writing – both as a Cybersecurity Blogger as well as for fun.