Company requires VPN then remote desktop
Our company has a private system that is accessible from anywhere through the web. Meaning, technically, you can type in the web address, log in with your id and password, and you'd have full access to the information.
Our company makes it a security violation to log in without going through the following procedures:
We must sign into the VPN server.
We must then sign into remote desktop to connect to the website.
My question is, does connecting to the remote desktop make the connection any more secure than just connecting to the VPN server? Connecting to remote desktop makes it incredibly slow.
I've done work with other companies before where all you had to do was connect to the VPN server, and they were bigger companies that had an even greater need for security (needless to say, you could not even connect to the site without connecting to the VPN server first).