I'm interested in what you used to host the RDP sessions? Windows Server? A separate VM for each user? Something else? I'd like to apply that approach for my own personal uses and cloud computing but am having difficulties learning about the proper way to setup a thin-client architecture with RDP.
Doesn't even the relatively small amount of latency introduced over RDP make things like video/audio editing difficult and dealing with things like audio sync impossible?
Or were/are they doing something where the actual video/files/apps are on the local machine, but any outside access is via RDP only?
With those kind of stringent controls, how do you think they could have gotten in?
I only have experience with Visual effects, the post house that was "hacked" was an audio place.
They are much smaller, and have much less engineering staff to deal with this sort of thing.
If I was a hacker, I'd be targeting the FTP/aspera server, or the cinesync machine(its a way of showing what work you've done without having to move the data, like logmein, but colour correct, and with doodling features.)
Or they might have just walked in dressed as a runner and stole a bunch of drives.