an “Allowed List” in your firewall to only allow those static IP addresses to connect to your server. If that is not an option either and your terminal server is open to the outside world, it may be best to utilize remote desktop protection software or two-factor authentication software. Two examples are:
RDP Guard, a host-based intrusion prevention system that protects your Windows Server from brute-force attacks on various protocols and services, and
Duo Security, a two-factor authentication application for access to your network.
#6 Close Unnecessary Ports to your Network - close any open ports to your network in your network firewall, protecting it from the outside world and hackers.
#7 Train Employees on Virus Prevention in Email and on Websites - do not open email attachments from senders you do not trust. Look at who the email is from and confirm that the email address is correct. Be sure to assess whether an attachment looks genuine before opening it. If you’re not sure, contact the person you think has sent it and double check.