Home Forums Discussions General Discussion Need inexpensive secure remote access to AC

Hi,
Just found out that GoToMyPC prices are rising substantually [about 3 to 4 times my current yearly cost I thought about running remote desktop on my two servers [that are on the same local network] but not so sure about security and Hippa. Should I run a VPN along with remote desktop or instead or remote desktop? Any help would be appreciated as I am "semi-retired".
Thanks

Hi Jack,

Google's free remote desktop sets up quickly and works well, allows a few dozen target computers.

Handles dual screens, no remote printing, can copy clipboards back and forth, but not files.

If you need to copy files, free dropbox works well.

***

1) Create a google account, simplest to set up free gmail.com.

2) Install Google Chrome on target computer (just go to Google and popup will invite you).

3) Browse in chrome to remotedesktop.google.com on target computer and log on to gmail account.

4) Scroll to bottom to install Google's remote desktop on target computer.

5) Accept default target computer name (or pick an easy-to-remember name, can change later).

6) Create annoyingly all-numeric password to access the target computer.

7) On anything that runs Chrome, go to remotedesktop.google.com, log in, and run target computer.

8) The < tab on right side of screen expands options for full-screen, disconnect, etc.

Cheers,

Carl Fogel

Hi Carl,
Thanks. What about security and HIPPA--any problems with Google's free remote desktop ?

I use RemoteToPC much more reasonable price than GoToMyPC $99/yr but then again hard to beat free

Splashtop business, has remote printing, file transfer, etc.
$60/year 1 user, 2 computers
$99/year 1 user, 10 computers

I've found Google remote to be a little sluggish, and prefer the native Windows Remote Desktop.

To secure the connection, take a look at SoftEther VPN. It's Open Source, so if you run Windows Pro the whole setup won't cost a dime. You can restrict remote desktop connections to the LAN, and use Two Factor authentication (Duo Mobile) for extra protection.

Regarding HIPAA, I believe all of this is covered under the conduit exception rule, and so won't require a privacy agreement (much the same way that we don't all have privacy agreements with the US Postal service when we send medical records via snailmail.)

Remote Desktop is itself encrypted on new versions of Windows. HIPAA does not mandate any specific security protocols. The descriptions are quite general. But as with any security method, you want to encrypt the handshake (login) and the tunnel (data exchange).

Newer versions of Remote Desktop have this built-in. You have NLA (SSL/TLS) for the login/authentication and NTLM encryption for the tunnel/transport. I find many people say that VPN is a necessity don't actually know why it was required in the first place. Originally RDP didn't encrypt the handshake or the tunnel. Now it does both.

VPN was used because it did both. L2TP/IPSEC was the solution back then. In a similar manner, L2TP encrypted the handshake and IPSec encrypted the tunnel. Newer protocols like SSL VPN and OpenVPN have taken over but the same principles apply. Nowadays, VPN just adds another layer of security which is the primary benefit. It's not because RDP is unencrypted which wouldn't be HIPAA compliant.

You can configure RDP to force both and deny any connection that isn't encrypted and to force higher levels of encryption. There are additional RDP settings like account lockout policies that make it pretty difficult even if you were sitting in the office hooked up to an ethernet jack.

I use both RDP and Splashtop -- both very satisfactory, and RDP is free; splashtop about $60/year.
Also sometimes use VPN, but it is slower, doesn't work as well with Dragon.