The traditional use case for reporting on Remote Desktop activity is to track the multitude of user sessions running simultaneously on a dedicated Terminal Server. However, monitoring and tracking Remote Desktop activity on a workstation in many ways is just as important.
In the modern workplace, more and more companies allow their employees and contractors to access their work computers from home and other locations. While there are numerous commercial solutions designed to allow employees to “take their desktop anywhere” – (Citrix’s XenDesktop immediately comes to mind) – not every organization has the extra budget to purchase additional software, so they instead rely on Microsoft’s built-in implementation of Remote Desktop on Windows workstations, paired up with a Firewall/VPN combo already protecting the corporate network.
In a typical setup, Worker X may need to work remotely for whatever reason (travel, flex time policies, etc), so they first connect into the corporate network using the a VPN connection across the firewall, and then fire up a Remote Desktop Client on their laptop or tablet to connect to their corporate workstation.
From here, an organization is very much in the dark unless they use a Terminal Services Logging and Reporting utility such as our Remote Desktop Reporter. For instance…
1.) What client device is Worker X using to connect to her corporate workstation? Is it the company approved laptop with approved endpoint security solutions and encryption in place, or is it a personal laptop or tablet that happens to have an aftermarket RDP client installed… Do you have any way of knowing?
2.) How much bandwidth is Worker X using during the Remote Desktop session? Is she streaming video across limited bandwidth over the firewall, using the highest quality color depth possible? Is she transferring large files to or from her machine? Does this jive with the network’s AUP (Acceptable Use Policy)?
3.) Are these remote work sessions fruitful for Worker X? Does the company have any way to audit or estimate the amount of time Worker X is actively working inside her session? More importantly, is it fair to force high performing employees to work in the office when they could be more productive working from home, solely because your organization doesn’t have a way to audit their level of productivity?
4.) Conversely, do you have employees who typically work 9-5 now suddenly accessing their systems outside of normal working hours (say between 12am and 3am at night)? Are these sessions coupled with larger than normal amounts of data transfer over the RDP protocol? Do you have an employee transferring sensitive data outside your network?
The above scenarios are just a few of the reasons why collecting and reporting on Remote Desktop session data from workstations is so vitally important. In our next blog post, we’ll discuss a few of the reports found in Remote Desktop Reporter that can track the activity mentioned above.