Microsoft’s Remote Desktop Protocol (RDP) in-memory credential protection tool — called Remote Credential Guard (RCG) — has restrictions that do not work for all organizations. It also limits the types of credentials available for use, as well as some common IT tasks, such as account delegation or the use of service accounts in automation.
As such, the key question for organizations that use RCG is: How do we effectively protect RDP in-memory credentials, while also maintaining flexibility?
The answer is simple: Replace RCG with Devolutions Server, which features built-in PAM functionality.
In our new use case (which includes how-to steps), we explore how switching from RCG to Devolutions Server PAM enables organizations to:
- Strengthen Security: Passwords are rotated on every check-out, which means that bad actors cannot use old credentials to carry out attacks on privileged accounts or move laterally across the infrastructure.
- Increase Flexibility: Unlike RCG, Devolutions Server’s PAM module maintains the same processes and capabilities — but with the increased security of automatic password rotation.
- Reduce Maintenance: Save time and administrative burden by not having to rotate passwords when employees leave or are reassigned.
- Enhance Efficiency and UX: There is no interruption to existing processes that would otherwise lead to frustrated end-users and help desk tickets.
Click here to instantly download the Use Case [PDF].
Click here for a full list of Use Cases that are available for download.