How can IT combat rogue RDP access?

How can IT combat rogue RDP access?