Avoid direct remote connections to servers
Remote connections to servers are used for technical interventions on remote machines. They allow off-site teams to effect interventions, but also allow on-site teams to carry out their duties without requiring physical access to secured IT rooms.
Remote connections pose an authentication problem adn to set up your own company hygiene on it, you can work around those questions :
- How do you ensure that the technician is the person they claim to be?
- Is their work station sufficiently secure?
It is also an additional open door for external attacks. Use a VPN and a password and check the access logs.