Background
Running Remote Desktop Protocols (RDP) open to the Internet has become a significant threat to campus and RDP access must be secured according to the “How can I secure my remote connection” section below. The Information Security Office will notify users through our ticketing system upon detection of RDP open to the Internet.
Who is affected:
-
People using personally-managed or -owned computers and who have no restrictions for remote access to the campus computer they are connecting to.
Who is not affected:
-
People using a university-managed Windows machine. How to tell if you have a managed machine
-
People using restricted access/secure connection protocols for connecting to virtual computers in the data center.
-
Sys Admins who have already configured MFA, Firewall restrictions, or other access security should not receive alerts.
How can I secure my remote connection:
Users running RDP open to the Internet will be notified through our ticketing system and will be given a window of time to do one of the following:
- Configure the service to use the Campus RDP Gateway servers
- Restrict RDP to Campus and use the Campus VPN
- Disable the service
- Apply for a Minimum Security Standard Exception
Additional Resources:
Campus VPN IP ranges:
How to secure RDP for Admin:
How to configure Microsoft Remote Desktop Connection for Mac:
- Contact IT Client Services if you are supported by ITCS, or your local IT Department.
- If you are not supported, this article can help guide you through set-up with one caveat: the gateway should be set to: gateway.berkeley.edu https://www.techrepublic.com/article/pro-tip-remote-desktop-on-mac-what-...
If you have questions on this process change, please contact: iso@berkeley.edu
If you need assistance with the Gateway Services contact: win-ticket@berkeley.edu