fbpx Skip to main content
search

Remote Desktop &

Citrix Review

With remote working solutions becoming increasingly important in todays modern world, security issues are inevitable. Remote Desktop and Citrix Solutions are fantastic business enablers allowing secure remote access to company data from anywhere.

We have many years of experience deploying and maintaining Remote Desktop Services (RDS) and Citrix security technologies. We test the best practices for remote desktop security to ensure your environment remains secure and operational, wherever you are.

Find Out MoreFind Out More
CSIQ-Cyber-Consulting-Header

Who is it for?

Do you worry that your employees have access to sensitive company information while working remotely?

Our service provides reassurance that your remote desktop working solutions are enabling your staff to be efficient while your sensitive data is always protected.

What does it feature?

  • Bespoke testing based on the customer’s deployment of shared desktop environments
  • Privilege escalation and lateral movement testing
  • Industry best practice recommendations provided
  • Provides assurance that shared desktop environments are secure and segmented correctly
  • Test common data exfiltration techniques
  • Post support on any vulnerabilities identified

Have further questions about our Remote Desktop & Citrix Review? Read our FAQs, or contact us here.

csiq-square-with-circuit-cut-out
CSIQ-Active-Directory-and-Azure-AD-Review-who

What are the benefits of a Remote Desktop & Citrix Review?

It highlights any serious weaknesses and takes action before a real hacker exploits them

Ensure that your users are secure while working remotely

Provide reassurance that privileges in the shared environment aren’t too permissive

Provide recommendations on industry best practice

Ensure that company information assets are secure

csiq-background-breaking-squares-3
CSIQ-Remote-desktop-and-citrix-review-features-2

Features of Remote Desktop & Citrix Solutions

  • Company data is located on servers owned by the organisation
  • Control access to applications and data on a per-user basis
  • BYOD – any Windows, MAC or Linux device can use the remote desktop and Citrix ICA protocols to run apps and access hosted desktops. Staff can use their own devices to access resources without copying intellectual property or sensitive information from the network.
  • Access securely – both solutions can be protected with multi-factor authentication
  • Consolidation of server resources and licensing – users can share desktop resources creating highly dense servers, maximising return on investment
  • Scalability – with the templated nature of servers, adding additional servers is simple
  • Reduce support costs – a standardised environment ensures that support staff can support your users efficiently.
Get In TouchGet In Touch

Why choose us?

Remote Desktop and Citrix Environments are easier to install and set up than they are to effectively secure.

With the rise of remote working, the priority for cyber security has shifted significantly, with companies having an ever-growing need to ensure staff can work effectively without compromising company security.

Our service ensures effective implementation of remote working security, protecting your essential company data and minimising the risk of a security breach.

Find Out MoreFind Out More
csiq-square-with-circuit-cut-out
CSIQ-Excellent-Quality

Methodology

These are the common components which can be abused to allow the break out from shared “secure” desktop environments.

Our Remote Desktop and Citrix Review includes an assessment of the following break out opportunities;
  • Dialogue boxes
  • Help menus
  • Context menus
  • Internet Browsers
  • Microsoft OfficeMacros
  • ICA Files
  • MSPaint
  • Shortcut files
  • Command shell access
  • Scripting language Interpreters
  • DLL Injection
  • Living off the land binaries
  • And many more…
Additionally, our consultants will identify the following;
  • Users are accessing the system securely
  • If an attacker could gain access to the system through phishing
  • Could staff unintentionally run malicious code
  • Could an insider threat run malicious code
  • If Powershell is configured correctly
  • Can a user access other network resources they shouldn’t
  • If AppLocker and Software Restriction Policies are configured correctly
  • If a hacker gained access to a session, could they gain access to the system again
  • If malware and ransomware could spread across the network
  • Data exfiltration opportunities
  • If it is possible to gain access to the underlying operating system

CSIQ Insight: Risk Management Portal

All consultancy and managed services include access to our Risk Management Portal.

csiq-vigilance-single-pane-of-glass

A Single Pane of Glass

All risk types, including technical, human, residual and inherent, are allocated a score, allowing for a strategic approach to risk reduction.

csiq-vigilance-reporting

Monthly Reports

Monthly reports from our managed services detailing individual risk scores, a summary of events, detailed vulnerabilities, and security recommendations are all available from the platform.

csiq-vigilance-visual-attack-paths

Visual Attack Path

Multiple vulnerabilities are typically exploited to reach a target. Our platform visualises the attack path taken by your consultant to achieve the objective.

csiq-vigilance-trend-analysis

Trend Analysis

Track your exposure over time to ensure that your IT teams are tackling the vulnerabilities identified.

If you have our pre-pay contract, simply send us a message through the platform to assist with the remediation.

Flexible Pre-Pay Contract

With our Pre-Pay Contract, you can save 25% and get faster response.

Journey to Secure Desktop & Application Delivery

CSIQ-Journey-to-secure-desktop-and-application-delivery
1
Non-Disclosure Agreements
2
Define Scope
3
Review of Systems
4
Present Findings
5
Feedback & Evaluation
6
Post Engagement Support

Journey to Secure Desktop & Application Delivery

1

Non-Disclosure
Agreements
2

Define
Scope
3

Review of
Systems
4

Present
Findings
5

Feedback &
Evaluation
6

Post Engagement
Support
CSIQ-Footer-Logo-4

Cyber Consulting

Services

To learn more about the range of cyber consulting services we can help your business with, visit our cyber consulting page. 

Or get in touch to discover all of our available services.

Contact UsContact Us

Our Accreditations & Memberships

We are proud of our industry recognised certifications in Cyber Security and Service Delivery

Crest Approved
Crest Approved: Penetration Testing
Crest Approved: Incident Response
Crest Approved: Vulnerability Assessment
ISO 27001
Cyber Essentials Plus
IASME Governance: Gold
IASME Quality Principles Certified
IASME GDPR Certified
Offensive Security
CSIQ NCSC Assured Service Provider Cyber Advisor
Cyber Essentials Plus Certification Body
IASME Governance Certification Body
CSIQ IASME Cyber Baseline Certification Body
ISACA Professional Members
Ecologi - Climate Positive Workforce

FAQ

What are Remote Desktop Services (RDS) and Citrix Technologies?

Microsoft Remote Desktop Services (RDS) and Citrix are two popular Virtual Desktop Infrastructure (VDI) options. Both are cloud-based services that allow access to application resources from any device remotely.

These products deliver secure and robust desktop computing to employees on the road, at home, or in remote offices.

What are the risks of remote working solutions?

While remote working offers flexibility and convenience, it does come with some inherent security risks which your business must consider. These include:

  • Using public Wi-Fi networks to access sensitive company data
  • Using personal devices
  • Ignoring basic physical security practices in public places
  • Using weak passwords
  • Unencrypted file sharing
  • Cyber attacks on remote working infrastructure

CSIQ can help businesses of all sizes tackle these essential but often overlooked risks to remote workers.

How often should I test remote working solutions?

Because cyber threats are always evolving, it is advised that testing is performed at least annually or following the implementation of any infrastructure changes.

Have a question for us about our services?

Send us an enquiry to get a rapid response from a cybersecurity expert.

Telephone 03300430900

Call Us

03300 430 900

"*" indicates required fields

Name*
Hidden
Hidden
Consent
This field is for validation purposes and should be left unchanged.
Close Menu