My company is about to shift a large workload to a vendor that uses an RD Gateway hosted at Amazon to serve access to the front-end application. It’s open to the internet at 443. There’s no MFA. How worried should I be?

  • KingSlareXIV@infosec.pub
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    Yeah, I hate it. I’d want some sort of SAML SSO auth in front of the actual RDS Gateway to allow you to use whatever identity provider and MFA you already have.

    You really don’t want to allow all manner of auth attempts able to be made against your actual workload servers, which is what it sounds like you are describing.