We all hear the news: 'don’t use simple, easily guessed or researched passwords'. But what does that mean in a business context? Well, if your senior users don’t want to type in 9r2h9u(*&*(RFU892 as a password then you’re stuffed! Every time I try and implement strong password controls I get knocked back. The simple answer? Say yes, and book your next holiday!
I know this is my technical blog, but what do we think about football versus rugby here in the UK?
Well, here's what I think:
Rugby is a thug’s game played by gentlemen.
Football is a gentleman’s game played by thugs.
This in my mind is true. Also, at rugby games we can have shared stands but not at football. Crazy!
So I’m at work and it’s a typical day. Nothing new. But guess what... My boss decides he wants remote access. This goes against every policy we’ve ever had (that I’ve written) to ensure we remain secure. Anyway, let’s just say I enjoy my bonus and skiing in France so I made it happen.
Naming convention. If you want remote access you don’t want users having to write down IP addresses and forgetting them. Also what about DHCP? If we don’t want to pay for a static address how can staff access IT remotely? We’re still handing out the IP address on a per-use basis to maintain security.
I ended up implementing a single Windows server which can be connected to via the Net. To avoid random worms, I changed the default RDP port from 3389 to 8877. Remember, if you’re going to change your ports from their defaults, you’ll need your users to ensure they’re not trying the default ports.
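The port change described above, as an added example that is not the original setup script from this post: it moves the Windows RDP listener from 3389 to 8877, opens the new port in Windows Firewall first, and checks that the listener came back. It assumes an elevated PowerShell session on the server; the firewall rule name is a hypothetical one chosen for the example.

```powershell
# Added example: move the RDP listener from 3389 to 8877 on a Windows server.
# Run elevated. $RuleName is a hypothetical name chosen for this example.
$NewPort  = 8877
$RuleName = 'RDP custom port (TCP-In)'
$RdpKey   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# Record the current port so the change can be reverted later.
$OldPort = (Get-ItemProperty -Path $RdpKey -Name PortNumber).PortNumber
Write-Host "Current RDP port: $OldPort"

# Stop if another service is already listening on the new port.
if (Get-NetTCPConnection -LocalPort $NewPort -State Listen -ErrorAction SilentlyContinue) {
    throw "Port $NewPort is already in use; pick another."
}

# Open the new port BEFORE moving the listener. The built-in Remote Desktop
# firewall rules only cover 3389, so skipping this step locks out remote admins.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Protocol TCP `
        -LocalPort $NewPort -Action Allow -Profile Any | Out-Null
}

# Write the new port, then restart Remote Desktop Services to apply it.
# -Force is needed because other services depend on TermService.
Set-ItemProperty -Path $RdpKey -Name PortNumber -Value $NewPort -Type DWord
Restart-Service -Name TermService -Force
Start-Sleep -Seconds 5

# Verify: the new port must be listening and the old one must be gone.
$new = Get-NetTCPConnection -LocalPort $NewPort -State Listen -ErrorAction SilentlyContinue
$old = Get-NetTCPConnection -LocalPort $OldPort -State Listen -ErrorAction SilentlyContinue
if ($new -and -not $old) {
    Write-Host "RDP now listening on $NewPort (was $OldPort)."
} else {
    Write-Warning "Listener check failed; set PortNumber back to $OldPort and restart TermService."
}
```

Users then have to give the port explicitly, for example `mstsc /v:<server>:8877`, since the client tries 3389 by default. The port move only avoids traffic aimed blindly at 3389; anyone who scans the full port range will still find the listener, so account lockout and strong passwords on the server still matter.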