rdp and amendment to session times and security risks posed

Copper Contributor

Any security risks you can foresee with a server build that has RDS disconnection timeout of 3 days compared to 1 day (standard practice). Its just on the same domain and user account will be restricted to only have the ability to logon to that server. Proposed session times:

Active Session Limit : 3 Days - then disconnect / kill session
Idle session time : 2 hours - then disconnect / kill session

Context - data science team need more than one day to complete tasks that are being run on a rdp connection to new server being built.

Any advice greatly appreciated.

1 Reply
Not really a security risk, the session can be only reconnected/used with the correct credentials. If the RDS session is being accessed through a Gateway, you could check if users are prompted for MFA again when reconnecting.