Remote access you can turn off isn’t always the remote access that can hurt you
“Safer” is relative.
Yes, you are a little safer than not having turned those items off, but I don’t want this to lull you into a false sense of security thinking you are “safe.”
Remote access comes in many forms, and you’ve only turned off some of them.
Become a Patron of Ask Leo! and go ad-free!
Turning off the Windows Remote Desktop feature does disable the Remote Desktop Protocol (RDP), but does not prevent other types of remote access. Software installed on your machine, including both legitimate tools as well as malware, can still allow remote access to your machine. Make sure not to assume since RDP is off remote access is prevented, and always be aware of the tools you install on your machine.
Windows remote access settings
The setting you’re most likely to have altered is the Windows Remote Desktop feature.
Nifty — though you were probably already protected by your router, which disallows incoming connections anyway.
Besides, none of this disables the ability to access your machine remotely.
There is no setting to do that.
Scammers and remote access
This topic comes up most often when we discuss the so-called “tech support scam“, in which individuals call you on the phone, claiming they will fix your computer for you and need remote access to do so.
To make that happen, they’ll direct you to a website or a download, at which point you follow a few steps, perhaps enter a code of some sort, and — bingo! — they have the remote access they want.
You’ve just bypassed the remote desktop setting you so carefully set. In fact, remote desktop wasn’t even used. The scammers use any of a number of alternative services and protocols that have nothing to do with remote desktop.
The key to remote access
The common thread to the remote access scam, as well as to any legitimate remote access, is that you need to be running software on your computer that initiates the connection.
Your router prevents incoming connections. It’s software running on your computer that allows, or even invites, others to connect. That software comes in many forms:
- Remote access software you’ve installed, such as Team Viewer or Chrome Remote Desktop.
- Remote access software you run “on-demand”, such as conferencing software like GoToMeeting or others allowing you to display your desktop in a video conference or give control of your machine to one of the other participants.
- Remote access software you run when getting support from a trusted yet remote friend, relative, or service technician.
- Malicious software. Because malware can do anything.
The key is the software is running on your computer.
This allows us to make decisions to get safer still.
Choose what to run
The solution is fairly straightforward.
- Disable, or not, Remote Desktop. As I said, your router protects you from incoming connections.
- Choose not to install remote access tools, or choose not to leave them constantly running, loading them only as needed.
- In conferences and online video meetings, only give access to your computer to people you trust.
- Only run remote access software when requested by people you already know and trust.2
- Do everything you should already be doing to keep your computer safe on the internet and free of malware.
The bottom line is that remote access requires your participation, either explicitly, by running remote access tools, or implicitly, by having allowed malware on your machine.
The solution is simple: don’t participate.