My company is about to shift a large workload to a vendor that uses an RD Gateway hosted at Amazon to serve access to the front-end application. It’s open to the internet at 443. There’s no MFA. How worried should I be?
My company is about to shift a large workload to a vendor that uses an RD Gateway hosted at Amazon to serve access to the front-end application. It’s open to the internet at 443. There’s no MFA. How worried should I be?
Is there no conditional access for the rds portal?
Time for a CYA email to your manager, project manager, and legal voicing your concerns about the lack of security for an rds Gateway and lack of best practices.
Wide open to the internet.