S 3.81 Training on the secure use of terminal servers

Initiation responsibility: Head of IT

Implementation responsibility: Head of IT, Head of Specialised Department

Administrating the terminal server infrastructure is complex for administrators and some items must be explained to users who have no previous experience. For this reason, anyone who works with a terminal server system should receive training. This applies especially to administrators.

Training contents for administrators

The administrators require detailed knowledge of the application server technology used and the underlying administration tools and services. Moreover, experiences regarding the handling of the operating system, which form the basis for the respectively used solution are required.

The terminal server architecture separates input, output, and program execution. This abstraction makes it possible for the terminals to be based on a completely different operating system than the server. In this case, additional technical knowledge of the persons in charge regarding the client systems is required. Otherwise, it is easy to specify faulty configurations that may have a serious impact on security. It is therefore essential to provide administrators with training in this area, and especially on protective mechanisms in the terminal server environment.

The contents of training programs must be adapted to reflect how the persons to be trained actually use the system. Part of the training must address security-related subjects so that the trainees are aware of potential security issues when handling terminal servers.

It is recommended to refresh the awareness of security issues (security awareness programs) and to point out modified or new situations, mechanisms, or procedures at regular intervals. Within this framework, the security policies applicable within the organisation should be mentioned, the terminal server-specific subjects should be addressed, and possible ambiguities should be eliminated.

• Basic principles:
  • overview of the terminal server environment used
  • overview of the underlying network architecture
  • security administration and tools
• Application environment:
  • software installation
  • creation of a secure user environment
  • server dimensioning and load distribution
  • print scenarios
• Connection of users to terminal servers:
  • system and data access methods
  • perimeter protection
  • terminal device security
  • encryption
  • distribution of the client software
  • possible provision using a web portal
• Terminal server environment:
  • connection of administration servers and downstream services
  • migration and integration strategy
  • licensing
• Operation:
  • rights assignment and hardening of the terminal server environment
  • software update
  • restart cycles
  • security and data protection aspects when mirroring the session
  • monitoring and logging
• Contingency planning:
  • redundancy mechanisms
  • backup-relevant data of the terminal server environment
• Disposal:
  • deletion of critical data

Training contents users

Requirements deviating from the above-mentioned must be defined for user training courses. The users must first and foremost gain knowledge of the particularities and security aspects of remote user sessions. Above all, if the users have no previous experience whatsoever regarding the handling of the terminal server technology, this may easily result in errors during operation.

For example, file paths and printer names may differ from the information provided on the terminal server client for clients with a stand-alone operating system. Moreover, the deviation of the behaviour of the remote user interface from the client may easily cause confusion.

Therefore, anyone using terminal servers must be trained on the following subjects, as a minimum:

• explanation of the security safeguards used, including the express prohibition of disabling or trying to bypass these;
• admissible access routes and terminal devices;
• paths and drive links for file storage and printing;
• access to downstream services;
• admissible options for exchanging information between the client's operating system and the terminal server;
• behaviour in the event of interrupted connections;
• instructions for logout at the end of the time of use;
• instructions for blocking the client when leaving the room;
• admissible terminal servers users may establish a connection using the terminal software;
• ban on sending configuration data (e.g. .RDF or .ICA files);
• instructions regarding suspicious behaviour (such as a mouse pointer moving automatically).

If there are easy-to-understand training materials on terminal servers, the users can be requested to familiarise themselves with the documents instead of providing them with training. However, it is absolutely necessary that the users be provided with sufficient time to study the documents.

Review questions:

• Have all users, particularly the responsible administrators, been trained for working with terminal servers and have the training contents been adapted to the persons to be trained?
• Have they been shown how to handle all security mechanisms of the terminal server?
• Have the users received training regarding the secure handling of remotely executed applications on terminal servers?