What is Remote Desktop Protocol (RDP)?

Remote Desktop Protocol (RDP) is a protocol that allows remote access from one computing device to another over a network connection. A proprietary protocol developed by Microsoft, RDP is available on most versions of Windows.

How RDP works

When RDP is set up between two computers, a person on one computing device (such as their laptop, smartphone, or tablet) can access and edit the files and applications of another. 

Two separate apps are required to enable RDP: an RDP server app and an RDP client app. 

The server app needs to be installed on the device you wish to connect to and control, while the client app should be installed on the device you want to control the server from. RDP server apps are available to Windows devices only, while the client apps are available for Windows devices, in addition to most Mac operating systems, Unix, Linux, and Android.

Once RDP is set up, a dedicated network channel is established between the client and the server via TCP (one of the main Internet protocols for most traffic online). All the data sent over this channel, from mouse clicks to the desktop display, are encrypted for added security. However, the network transfer combined with encryption can often make for a slow, laggy experience when using RDP.

What RDP is commonly used for

There are several uses for RDP, including:

• Remote work: If employees are working from home or traveling, they can set up RDP between their office device and their home device to access their work device as if they were there in person.
• Remote support: IT departments can connect to other computers on their company network via RDP, typically for software maintenance and troubleshooting purposes. 
• File sharing: RDP can also be used to access files on a company network.

Risks of RDP

Even if you’ve never heard of it, RDP is very common, particularly in companies that use Windows systems across the board. RDP is a very convenient protocol to set up for the reasons outlined above, but it also comes with some security risks. 

One of the RDP’s biggest weaknesses is that administrators may not always enable multi-factor authentication (MFA). In this case, the RDP connection is password-protected, and users often use the same password for their Windows login and perhaps numerous other logins. If the company doesn’t enforce a strong password policy, RDP connections may be susceptible to credential harvesting, stuffing, and brute force attacks. 

Many companies also use out-of-date software, which makes networks even more vulnerable to hacking. In this instance, hackers can potentially access the host computer or network and install malware such as ransomware. There have also been cases of hackers selling RDP access information on the dark web. 

These risks can be avoided by setting up MFA, strengthening password policies, and ensuring software is continually updated.

Alternatives to RDP

The main limitation of RDP is that you can only use it to connect to a Windows desktop. If you need to connect to another operating system’s desktop, you’re out of luck where RDP is concerned. Fortunately, similar tools are available to other operating systems that use different protocols to do the same thing. Some paid options include the cloud-based Solarwinds Dameware, and Screens for iOS, while some free options are TeamViewer and Chrome Remote Desktop.

Wrap up

RDP is a valuable tool, particularly for large enterprises that use Windows devices and companies with remote workers. However, the potential security risks coupled with the fact that not everyone uses Windows means that it isn’t an ideal option for everyone. Fortunately, there are numerous paid and free alternatives out there to make remote desktop access available to everyone, no matter what their device or operating system.