Remote Desktop Protocol (RDP) has its own vulnerabilities and needs to be appropriately secured.
Threat modelling is a set of techniques to identify the level of risk to assets from their interactions with their operating environment. Some threat modelling methodologies and tools are linked below for reference:
PASTA – Process for Attack Simulation and Threat Analysis. The link has details of an online banking use case.
DREAD – Damage [potential], Reproducibility, Exploitability, Affected users, Discoverability