What is RDP?

How secure is RDP? Is it still a good way for remote workers to connect to desktops?

RDP (Remote Desktop Protocol) is a network communications protocol developed by Microsoft, which allows users to connect to another computer from a remote location. It is an extension of the T.120 point-to-point communication protocols, which are standardized by the ITU (International Telecommunications Union).

RDP provides a graphical interface for remotely connecting one computer to another. To use RDP, the user originating the RDP connection request must be using a computer that has RDP client software installed and operating. The computer that the user is trying to access must be running RDP server software, which allows the client to connect remotely. Once connected, the user originating the request will be able to see the desktop of the computer to which they are connecting through RDP and access apps and data on that desktop.

Remote Desktop Protocol (RDP) Basics

The most broadly known RDP client software is the one provided by Microsoft, which is currently called “Remote Desktop Connection”. It was previously called “Terminal Services Client”, a name that may still be found in some older resources on the subject.

Once a device has client software that uses RDP installed, a user can connect to any computer that runs Windows or another compatible operating system. For instance, if you want to access your PC from a laptop or other device, you can connect to the remote PC using RDP, view the content from the remote display on your local screen, and interact with it as if you were working locally on that machine.

All current Windows operating systems, including Windows desktop and Windows server versions, come with a built-in RDP server for remote desktop connection. Many non-Microsoft RDP clients and RDP servers are available as well. Common operating systems that include RDP, in addition to Windows, include Linux, Unix, Mac, iOS, Android, and others. An open-source client called “rdesktop”, which is run through the command line, is available as well. Numerous graphical user interface clients are available that are built on top of the functionality provided by rdesktop.

In addition to being used to access computers that are located remotely, Microsoft uses RDP in its Azure cloud-computing solution to serve virtual computers to users.

Learn About Zero Trust Remote Desktop Access


How RDP Works

RDP transmits screen information from the remote terminal server to the client, and sends keyboard and mouse inputs from the client to the remote server. Communications between the client and the terminal server are highly asymmetric: A lot of data flows from the server to the client, while relatively little flows from the client to the server. This is because a much greater volume of data is required to represent the graphical screen information than is needed to describe keyboard and mouse inputs.

RDP relies on the X.224 protocol to set up the connection between the two devices, T.125 MCS to enable multiple channels and TPKT to enable the exchange of information units.

Remote Desktop Use Cases


When you travel for business or go on vacation, sometimes you will need access to your workplace computer. Using Remote Desktop Protocol makes it very easy for you to work from anywhere in the world.

System Admins

Remote Desktop Protocol allows you to perform administrative tasks such as PC tune up, computer troubleshooting, ID protection settings, software installation, printer set-up, and email set-up, as well as virus and spyware removal. Using RDP, software technicians and technical support agents can provide maintenance for a computer from afar.


You can easily use Remote Desktop Protocol for demonstrations of processes or software applications that are usually accessible only from your office. With RDP you can access the data from any private device. This means you can prepare the demonstration on your office computer, and display it on another device elsewhere, such as in a conference room, or in a client’s offices.

Computing power

With RDP you can access a powerful workstation in the office using a much less capable machine from home, or on the road.

Security Vulnerabilities

For many organizations, RDP is the default method of remote desktop access since it’s built into Windows. However, it has many known security issues. These vulnerabilities, combined with RDP’s huge user base, make it a popular target for hackers. RDP’s use in Microsoft’s cloud computing solution makes it even more attractive to cybercriminals looking to exploit vulnerabilities.

Open ports like those used in RDP are an attractive target for cybercriminals. Users often either reuse passwords or choose simple, easy to remember passwords that are also easy break with a brute force attack. The increased use of RDP associated with the pandemic-driven increases in remote work resulted in a huge increase in cyberattacks targeting RDP ports.

RDP attacks in 2021 have persisted at near record levels. New vulnerabilities continue to be discovered several times a year. These are just a few of the major known vulnerabilities in earlier RDP versions:

  • In May 2019 a patch was released to fix a major vulnerability known as “BlueKeep” which allowed for the possibility of remote code execution. According to Microsoft, the vulnerability was “wormable,” meaning it could be self-propagating, which could cause widespread problems.
  • Version 6.1 can reveal all the usernames and pictures of users on RDP servers.
  • In March 2012 a vulnerability that was fixed with a critical security update could have allowed computers to be compromised by worms and unauthenticated clients.
  • Version 5.2 was vulnerable to “man-in-the-middle” attacks, where a hacker can eavesdrop on or hijack sessions.


Remote Desktop Access That's Simple and Secure


Can RDP Be Secured?

Security experts recommend that users and admins take the following precautions to increase the security of their RDP use:

  • Follow strong password protocols, enable multi-factor authorization, and put lock-out policies in place to block brute force attacks.
  • Put RDP ports behind a firewall that can only be accessed using a VPN.
  • Don’t allow RDP to be used for administrator accounts.
  • Whitelist specific trusted hosts.
  • When RDP is not being used, secure the ports it uses.
  • Enable automatic updates for the client/server software you are using so that you can be sure you always have the latest version, in which known security vulnerabilities are fixed.

The best option for keeping RDP secure, however, is to not use RDP at all. Instead, switch to a different remote desktop connection mechanism that is inherently more secure.

Should VPNs Replace RDP?

Virtual Private Networks (VPNs) and remote desktops (whether using RDP or other connection mechanisms) are different ways to access computing resources remotely.

VPNs create a private network that connects via the internet. It provides a network connection that allows a computer in a remote location to access resources on the local network just as if it was in the office and connected via the physical network. The user can access files, programs, printers, and servers that are on the LAN.

A remote desktop provides a link between a remote device and an individual physical computer in another locations, such as the office. It allows the user to operate the remote computer as if they were sitting in the office. As such, if the remote computer is connected to the office LAN, the user could similarly access resources accessible to the in-office desktop.

One advantage of a remote desktop connection is the computing power is all on the machine in the office. A simple device such as a Chromebook can be used by a remote user to work on a powerful workstation located in the office. With a VPN, the computing is generally done on the local device, so it may need more capabilities.

As mentioned above, RDP is also used to access “virtual machines” that function similar to a desktop computer, but they are run on a server, not on a physical machine. RDP is used to access virtual machines on Microsoft’s Azure cloud service.

As is the case for RDP, there are security issues with VPNs, as demonstrated by a 2000% rise in cyberattacks on VPNs in the wake of the move to hybrid work environments because of COVID. VPNs are notorious prone to vulnerabilities and users who don’t update their software promptly may be subject to attack. VPNs also expose network IP address to the internet, and attackers can often succeed in breaching VPNs with stolen credentials or brute force attacks. As with RDP, once a hacker has penetrated the network, they can move laterally throughout.

Learn About Ericom Connect


Alternatives to RDP

More secure alternative remote access methods allow access to and use of remote desktops without relying on the RDP protocol. Look for a solution that supports multi-factor authentication (MFA) as well as security features including role-based administration, group-level access and policy management, and SSO support (SAML and oAuth), and which fully encrypts traffic between clients and terminal servers, even across public networks.

For a Zero Trust approach to network security, a Secure Access Service Edge (SASE) platform should provide secure remote desktop access as well as access to apps and other resources.

SASE typically bundles Zero Trust technologies such as Zero Trust Network Access (ZTNA), a Secure Web Gateway (SWG) with Remote Browser Isolation (RBI) capabilities, state of the art Identity and Access Management (IAM), and microsegmentation, which compartmentalizes access to resources, limiting the damage in the event a breach did occur.

Remote users should be authenticated using Identity & Access Management. Once authenticated, their access should be limited to only their own in-office desktop and network-connected applications and devices that they are explicitly authorized to use. Cloud-based microsegmentation should be in place to reinforce policy-based access limitations.

A robust remote desktop access solution should include Intrusion Prevention (IPS) and network monitoring since desktops are a favorite access point for hackers and criminals. The solution should also integrate with a secure web gateway (SWG) and remote browser isolation (RBI) since remote users might access the internet via either their local browser or the one on their desktop.

Do you have more questions about how to provide simple, secure remote desktop access for your users? Email our experts.

Read these related blog posts

Moving to a Zero Trust isolation-based security approach is faster and easier than you think.

Get a 1:1 Demo