Control how to access to your servers
Avoid direct remote connections to servers
Remote connections pose an authentication problem and to set up your own company hygiene, you can use these questions as a starting point :
- How do you ensure that the technician is the person they claim to be?
- Is their work station sufficiently secure?
It is also an additional open door for external attacks. Use a VPN and a password and check the access logs.