Posted 23 April 2017 - 04:43 PM
Quite honestly, not using RDP is the best way. There are way more secure options for remote control over the internet such as TeamViewer with two-factor authentication, LogMeIn, etc. (assuming very strong passwords of course).
If you must use RDP, change the port from something standard (basic security through obscurity, but IMO it's better than nothing), use very strong passwords for all accounts with RDP rights, and whitelist IPs on the firewall (don't have it just open to the whole world). Even better, instead, use VPN on the firewall, and don't even expose the port outside or your LAN at all.
Also, make sure all security patches are applied, that should just be an overall security given.