NSA issues cybersecurity guidelines for remote desktop users
Guidelines underscore the importance of selecting a secure service for remote working
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
The number ofcyber attackshas steadily risen in recent months, as more and more businesses adopt work-from-home procedures in an attempt to maintain productivity while respecting quarantine orders and social distancing.
In response to this threat, the US National Security Agency (NSA) has released a series oftelework guidelines, emphasizing the importance of end-to-end encryption and other security measures.
The NSA is not the first to give guidance on dealing with security risks when using remote desktop software. In April,Microsoftposted instructionsfor protecting against cyber attacks when using its Remote Desktop Protocol (RDP), one of the most popular remote access solutions worldwide.
Remote desktop security
The NSA publication offers users criteria for both selecting and using secure remote desktop software. According to the guidelines, the most secure solutions will implement end-to-end encryption with well-tested standards, validate users’ identities through multi-factor authentication, and allow for controlling exactly who connects to collaboration sessions.
Additionally, users should take into consideration the privacy policy and transparency of any remote access tool being used. Businesses will want to double-check whether a vendor’s policy allows for the sale of information to third parties, and whether sensitive information can be securely deleted from its servers.
The NSA’s assessment of popular remote access tools like Cisco Webex, Signal, and Microsoft Teams show that no one service meets all the requirements. The two that come closest, Signal and Wickr, lost points for not having undergone third-party auditing, although both have released their source codes to the public.
Ultimately, businesses will have to decide for themselves which security features are most important, using the NSA guidelines as a starting point.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Christian is a freelance writer and content project manager with 6+ years' experience writing and leading teams in finance and technology for some of the world’s largest online publishers, including TechRadar and Tom’s Guide.
Windows PCs targeted by new malware hitting a vulnerable driver
Dangerous Android banking malware looks to trick victims with fake money transfers
Latest Google Pixel update includes surprise launch of Android 15’s best battery feature
