Secure login to remote app

Hi,

How do I secure the user's initial login to azure? At the moment it seems quite exposed.

I've deployed a remote app in a Virtual Machine in Azure, which connects to an Azure database.

Users of the app have no 'onprem' - they are independent service providers under short contracts. At the moment I direct users to aka.ms/wvdarmweb where they sign in.

This is what I see in the latest announcement, which seems to address this issue, but I can find no further information:

"Direct RDP to session host: We are introducing a new capability that can be set at a host pool level and will take into account the type of network you are connecting from, and when possible, establish a direct peer-to-peer UDP connection to the session host rather than over the internal Windows Virtual Desktop gateways. By eliminating the intermediate hops and using a more efficient connection over a trusted network, you get a secure optimized experience with lesser connection latency and better performance."

Any pointers appreciated.

Thanks,

Jack