Inside Cybersecurity

January 27, 2023

Daily News

Center for Internet Security issues new remote desktop security guide, based on CIS Controls

By Charlie Mitchell / November 30, 2020

The Center for Internet Security has released a new guide on remote-work security grounded in the CIS Controls and intended to address the spike in cyber attacks targeting “Remote Desktop Protocol” usage during the COVID-19 pandemic.

“Exploited Protocols: Remote Desktop Protocol (RDP) Guide” was released today and “leverages best practices from the CIS Controls and secure configuration recommendations from the CIS Benchmarks to help organizations secure their RDP from attacks,” according to a statement.

“Each section provides a high-level overview of the direct mitigation for securing RDP, followed by applicable CIS Controls and CIS Benchmarks,” CIS said in the release. “The CIS Controls include, and are ordered by their respective mapping to the NIST Cybersecurity Framework.”

The guide includes:

  • A high-level overview of the direct mitigation for securing RDP
  • Why it is important to secure RDP from an attack perspective
  • Related CIS Controls and/or CIS Benchmarks for securing RDP
  • Additional supportive controls for protecting against and detecting RDP-based attacks

The report “addresses basic cyber hygiene and is intended to assist organizations that would like to start using RDP, or those already implementing it, secure their systems via a few low-cost, or no-cost mitigations,” according to CIS.

CIS is a “community-driven nonprofit” that houses the industry-leading CIS Controls and CIS Benchmarks. It is also home to the Multi-State Information Sharing and Analysis Center and the Elections Infrastructure Information Sharing and Analysis Center. -- Charlie Mitchell (cmitchell@iwpnews.com)