Why RDP/RDS is not enough loughtecJuly 3, 2017Blog: IT support | Virtual Desktop | Cyber Security- Loughtec: NI / ROI / UK Contemporary companies need to provide access to their employees from anywhere: from home, on vacation, from a customer’s office or on the road. Employees need access that’s easy, fast, reliable and available from anywhere. On the other hand, management wants it to be secure, controlled, scalable and cost effective. If you’re just starting your research into possible solutions, you have probably come across what seems to be the most cost effective solution: Microsoft Remote Desktop access (RDP). While it’s true that a basic RDP setup is essentially free (or extremely inexpensive), chances are it won’t cover all your bases. Shortcomings of RDP The first issue you’ll encounter with RDP is the difficult deployment process. Assuming you’ll be providing remote access for more than a handful of individuals, it can take hours to install the various RDS server roles, applications and components. There are a lot of parameters to configure, which will require an expert in virtualization concepts. Deployment may well be beyond the capabilities of your current IT department. Moreover, you’ll need to install and configure an additional component in order to publish applications (once again, a lengthy procedure). Security is one of the biggest concerns of companies moving over to remote access. Sure, you can use a standard RD Gateway or VPN for security, but either option amounts to yet another component that must be installed and configured. Moreover, even the simpler, “browser-based” SSL VPN option it is not ultimately hassle-free, as it often requires the addition of a plugin or add-on like Java to do the job. Aside from the inherent risk of enabling the notoriously insecure browser plugin, this solution tends to be a burden on the IT department in the long-term. Help desks are inundated with requests for assistance with performing Java updates or complaints from employees whose browser or OS is blocking Java altogether. Speaking of the user’s OS—while there are RDP clients available nowadays for pretty much any device your users choose to work from, each device platform and OS comes with its own quirks and limitations. And not every employee is technical enough—or patient enough—to install, configure and maintain the necessary components that enable them to connect to their applications and desktops from their device. Thus, it can be extremely time-consuming for IT and help desk staff to address the variability in client devices inherent in today’s “BYOD” work environments. Microsoft’s RDP solution is also missing important management and reporting features such as resource usage monitoring, as well as fine grained user permissions for functionality such as clipboard functions (cut and paste), file downloads and remote printing. And features like high availability and TS load balancing typically require extra add-ons to reach a satisfactory level of performance. This makes a Microsoft-only solution extremely difficult to manage – or to scale up as needed. Due to these and other shortcomings, it’s no longer so clear that Microsoft RDP alone is truly cost effective for your business. In fact, it may be downright impractical. There are a number of alternative remote access solutions on the market, but it can be hard to know how to choose the right one for your business. Crucial Features for Remote Access Before you decide on a specific solution, take a good look at what each system offers. These are the crucial features for remote access in a business setting: Available on any device with a browser – Employees may be accessing applications from a variety of devices, including laptops, tablets, smartphones and home computers. Their remote access should be not limited to a specific platform and should encompass Macs, iPads, Chromebooks and more. Even locked down hotel computers should be able to connect to the applications an employee needs to do his job properly. No client installation or maintenance required – Your IT department has enough on its plate without having to spend extra hours installing and configuring remote access and VPN clients and plug-ins. And your help desk is busy enough without having to assist users with software updates and issues caused by RDP client installations. A solution that doesn’t require any client-side installation or maintenance may look more expensive at the outlay, but will be much more cost effective in the long run. Easy to use – If any of your employees are not very technical, you’ll need a solution that is easy to set up and run immediately, without any prior installation and configuration, or a long learning curve. Remote access should not be a burden to employees; it should be a tool that increases productivity as well as employee satisfaction. Built-in security – A good remote access solution will allow you to use your own IPsec or SSL VPN for security and also offer a security component of its own, so you can choose which you prefer to use. You should not have to install or configure client-side software, plugins or add-ons for secure remote access, as these pose an unnecessary burden for your IT department and make it harder for employees to comply with corporate security requirements. Monitoring and reporting features – Companies need the ability to monitor company-wide resource usage from a single central management system, and issue corresponding BI reports. A system that monitors usage will let you keep an eye on who is accessing which tools, and when they are doing so. This allows you to keep track of which applications are being widely used by your employees and which are not, facilitates troubleshooting and provides insight into any unexpected or suspicious looking activity. Knowledge is power, and your remote access solution should give you as much power as possible. Control – You may not want every employee to have the same access privileges. You’ll want to choose a remote access solution that lets you decide who will have access to what resources, and what they will be able to do with those resources. For instance, you may not want to allow all employees the ability to copy/paste sensitive data. You may want to limit downloading and printing capabilities in order to protect customer or company information. On the other hand, senior management may need the ability to save this data, so you should be able to assign different user roles to different people. Easily scalable – A Microsoft RDP solution that requires you to use many servers is less efficient and cost effective than a remote access solution that can handle the same workload using fewer servers. The latter is clearly going to provide a more scalable solution as well, ensuring that your remote access implementation can grow as large your organization does, with minimal hassle. Moreover, a solution with multi-site support will ensure that you can manage different server farms in different physical locations from a single admin console, for a truly enterprise-grade IT administrator experience. One end-to-end solution – You don’t want to have to deal with multiple vendors, multiple server-side installations and multiple admin consoles to set up and run remote access. Look for a solution that covers everything with one enterprise-wide admin console – ideally one that is also web-based, for added simplicity. Connect is just such an end-to-end solution, providing secure remote access that is fast, seamless, easy to use and extremely scaleable. It provides an excellent user experience and all of the management and monitoring features you’re likely to need in one convenient package, at a price point that more organisations can afford. Contact Loughtec for more information on how Connect can propel your business forward.