Why Most Remote Connections Now Require a VPN Rather than Simple Remote Desktop
If you have been able to work remotely for several years, you may have noticed a recent shift in how it is done. When people worked remotely five+ years ago, they mostly connected to a machine at their office using the Windows Remote Desktop application. This allowed them to connect to their work computer from a computer off the network. The benefit of connecting to your work computer is that you can use all the specialized software applications and files local to that computer, as well as files stored on network drives.
Over time, how we connect to devices remotely has changed. This post discusses why most remote connections now require a virtual private network (VPN) connection rather than simply using remote desktop.
Windows Remote Desktop Connection is an application that is built into Windows. This makes it easy to use between Windows devices, which is why it is so easy to connect from a Windows device at home to one at your work. Unfortunately, because it is a widely used application, it also comes with a decent amount of security risk.
If your computer at work is available to connect to via remote desktop from outside of the office, then it is accessible to the outside world in general. This introduces inherent security risks that most IT and network people will tell you to avoid.
This is why the way you access your remote device has been changing and most people are now connecting remotely via a VPN. A VPN is a secure way to connect to a different network. A VPN requires you to authenticate to it, and you cannot reach any of the resources on that network directly from outside. Instead, you connect to the secure VPN first, which prevents each individual device from being directly accessible from outside the network.
A VPN can be an added step before using remote desktop: once you have connected to the secure VPN, you use the Remote Desktop application the same way you did before. Alternatively, you might connect to the VPN and use mapped network drives to access company files, all while working on a local machine.
There are benefits and drawbacks to both solutions.
VPN combo with Remote Desktop
- Users can experience lags in performance, depending on how robust the network they are connecting to is. These show up as visual lags: you scroll in a program or web browser and the screen takes a moment to catch up, or it is sometimes difficult to click on the correct location.
- However, from a security perspective, this option is much easier to manage. You can control the security applications installed on the device as well as what programs are/can be installed, what the user can access and more.
VPN with mapped network drives
- Users may see a lag when opening a file as it is transferred from one network to the other, but once it is open, all the heavy lifting is done by their local machine, so responsiveness is as good as their device normally provides. The only other time users might notice a delay is when saving files back to the network.
- From a security perspective, if you provide the device and have appropriate security protocols in place, there is very little risk with this option.
NOTE: If users are supplying their own devices, both options present larger security risks. This is because users will likely have admin access to their own local machines. Additionally, it is harder to enforce endpoint protection applications on a device you do not administer. Lastly, there is less control over who uses the device, which can introduce a much higher level of risk than with a device you manage.
As you can see, there are many more security controls when adding a VPN. Even if you are still allowing remote desktop, configuring devices not to be accessible outside your network greatly reduces your risk. Forcing all devices to connect through a VPN better manages traffic and reduces the number of endpoints openly accessible to attacks. Lastly, if you provide the device to your users, you are better protected because you can control and implement proper security protocols. This includes backing up files, active endpoint protection applications and controlling user accounts and access.
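One way to check that Remote Desktop is only being reached through the VPN, as an added example that is not part of the original post: the script reads Windows Security log rows for event 4624 (logon type 10 is a Remote Desktop logon) and flags sessions whose source address is neither in the VPN pool nor on the office LAN. The subnets, host names, user names and CSV layout are constructed assumptions.

```python
import csv
import io
import ipaddress

# Assumption: address pool the VPN hands out to remote clients.
VPN_POOL = ipaddress.ip_network("10.8.0.0/24")
# Assumption: on-site office LAN, where direct Remote Desktop is expected.
OFFICE_LAN = ipaddress.ip_network("192.168.10.0/24")

# Constructed sample: event 4624 (successful logon) rows exported to CSV.
SAMPLE_CSV = """EventID,LogonType,TargetUserName,IpAddress,Computer
4624,10,asmith,10.8.0.23,WS-ACCT-01
4624,10,bjones,203.0.113.57,WS-ACCT-02
4624,3,svc_backup,192.168.10.5,FS-01
4624,10,cdavis,192.168.10.44,WS-HR-03
4624,10,asmith,198.51.100.9,WS-ACCT-01
4624,10,dlee,-,WS-ENG-07
"""


def classify_source(ip_text):
    """Return 'vpn', 'office', 'outside', or 'unknown' for a source address."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "unknown"  # the field can be '-' or empty; treat as suspect
    if ip in VPN_POOL:
        return "vpn"
    if ip in OFFICE_LAN:
        return "office"
    return "outside"


def audit_rdp_logons(csv_text):
    """List Remote Desktop logons that did not arrive via the VPN or office LAN."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        # Only successful logons of type 10 (RemoteInteractive) are RDP sessions.
        if row["EventID"] != "4624" or row["LogonType"] != "10":
            continue
        origin = classify_source(row["IpAddress"].strip())
        if origin in ("outside", "unknown"):
            findings.append((row["Computer"], row["TargetUserName"], row["IpAddress"], origin))
    return findings


if __name__ == "__main__":
    for computer, user, ip, origin in audit_rdp_logons(SAMPLE_CSV):
        print(f"{computer}: Remote Desktop logon by {user} from {ip} ({origin})")
```

Any row it reports means a machine accepted a Remote Desktop session from an address that did not come through the VPN, which is the exposure the VPN-first setup is meant to remove.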
As always, knowing why and how new technologies are being used is key in reducing frustration over the constant changes tech brings to our lives!