Security Mistakes That Leave You Vulnerable to Compromise #9: Not Blocking Administrative Protocols

When systems administrators need to configure a server, they often use standard remote administration protocols such as Remote Desktop Protocol (RDP) or Virtual Network Computing (VNC) to perform their administrative tasks. This access should be restricted to just your systems administrators. That is, you should apply access lists that only allow RDP and VNC to servers from administrative users and block these protocols for ordinary users. Why? Because attackers often use this administrative access to compromise servers and steal information from them. By blocking this access from general users (whose PCs are most likely to be compromised), you make it more difficult for attackers to steal your data, and make it easier for you to detect their presence.
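The policy this entry describes, an access list that permits RDP (TCP 3389) and VNC (TCP 5900/5901) only from administrative hosts, plus the detection side, a denied attempt from an ordinary user PC is itself a signal worth alerting on, can be shown in a few lines. The following is an added example written for this page, not code from the original article. The admin subnet `10.0.100.0/24`, the server addresses, the flow-log line format and the log lines are all constructed sample values; the `render_nft_rules` function emits rule lines meant for the `input` chain of an nftables `inet filter` table, which is an assumption about the reader's firewall.

```python
"""Admin-only RDP/VNC access policy: evaluate, render as firewall rules, detect violations.

Added illustration for the article; not the author's code. All addresses,
ports-to-name mapping and log lines below are constructed sample values.
"""
import ipaddress
from dataclasses import dataclass

# Administrative protocols this policy governs (port -> name).
ADMIN_PORTS = {3389: "RDP", 5900: "VNC", 5901: "VNC"}

# Hypothetical subnet of administrators' jump hosts; any other source is an
# "ordinary user" and must be denied these ports.
ADMIN_SOURCES = [ipaddress.ip_network("10.0.100.0/24")]


@dataclass(frozen=True)
class Conn:
    src: str   # source IP of the client
    dst: str   # destination server IP
    dport: int # destination TCP port


def is_admin_source(src: str) -> bool:
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in ADMIN_SOURCES)


def decide(conn: Conn) -> str:
    """Return 'allow' or 'deny' for one connection attempt under the policy."""
    if conn.dport not in ADMIN_PORTS:
        return "allow"  # not an administrative protocol; outside this policy
    return "allow" if is_admin_source(conn.src) else "deny"


def render_nft_rules() -> list:
    """Render the same policy as nftables rule lines (assumed: inet filter, input chain).

    Allowed admin sources come first; everything else hitting the admin ports is
    logged and dropped, so the log line doubles as the detection signal.
    """
    ports = ", ".join(str(p) for p in sorted(ADMIN_PORTS))
    rules = [f"ip saddr {net} tcp dport {{ {ports} }} accept" for net in ADMIN_SOURCES]
    rules.append(f'tcp dport {{ {ports} }} log prefix "ADMIN-PROTO-DENY " drop')
    return rules


def parse_flow(line: str) -> Conn:
    """Parse the constructed flow-log format: '<src> -> <dst>:<dport> <proto>'."""
    src, _arrow, rest = line.split(" ", 2)
    dst, dport = rest.split(" ", 1)[0].rsplit(":", 1)
    return Conn(src, dst, int(dport))


def detect(lines) -> list:
    """Return one alert per RDP/VNC attempt that originates outside the admin subnet."""
    alerts = []
    for line in lines:
        conn = parse_flow(line)
        if decide(conn) == "deny":
            alerts.append(
                f"{ADMIN_PORTS[conn.dport]} attempt from non-admin host "
                f"{conn.src} to {conn.dst}:{conn.dport}"
            )
    return alerts


# Constructed sample flow records: two admin-protocol attempts from user PCs
# should be denied and alerted on; the admin host and the HTTPS flow pass.
SAMPLE_FLOWS = [
    "10.0.100.7 -> 10.0.1.20:3389 tcp",  # admin jump host -> RDP: allowed
    "10.0.50.23 -> 10.0.1.20:3389 tcp",  # user PC -> RDP: denied, alert
    "10.0.50.23 -> 10.0.1.20:443 tcp",   # user PC -> HTTPS: outside policy
    "10.0.50.88 -> 10.0.1.21:5900 tcp",  # user PC -> VNC: denied, alert
]

if __name__ == "__main__":
    for rule in render_nft_rules():
        print(rule)
    for alert in detect(SAMPLE_FLOWS):
        print("ALERT:", alert)
```

The deny rule carries a `log prefix`, so the firewall itself produces the record that `detect` models: an RDP or VNC connection attempt from outside the administrative subnet is a strong indicator that a user workstation has been compromised and is being used as a pivot, which is exactly the early detection the article points to.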