Speaker
Description
For several years, CERN has provided access to Windows remote desktops through its Windows Terminal Infrastructure service. As the need for stronger security measures grew, particularly around connections using Microsoft’s Remote Desktop Protocol, we began exploring ways to integrate Two-Factor Authentication (2FA) into this critical service. This presented unique challenges in CERN’s academic environment, where Microsoft technologies are not the standard. After months of research, prototyping, and testing various approaches, we developed and deployed a custom Remote Desktop Access solution, leveraging existing CERN tools and services. The rollout was a success, adoption was high, and today, over 5,000 users benefit from a significantly more secure remote desktop experience.
In this presentation, we will discuss the challenges encountered with the different approaches explored and how these were overcome, sharing practical advice for other institutions facing similar security requirements.