- Utilize blocklisting and allowlisting to limit remote access to users with a verified business and/or operational need.
- Ensure that all remote access technologies have logging enabled and regularly audit these logs to identify instances of unauthorized access.
- Audit networks for systems using remote access services.
- Close unneeded network ports associated with remote access services (e.g., RDP – Transmission Control Protocol [TCP] Port 3389).
- When configuring access control for a host, utilize custom settings to limit the access a remote party can attempt to acquire.