Authentication required to prevent malicious remote control?

[lofidevops]

Steps to reproduce:

• Install and run Simple Computer Remote on my desktop machine
• Malicious user installs SCR on their Android device
• Malicious user scans our mutual network, where my desktop is visible as a potential connection
• Malicious user attempts to connects to my desktop and control it

What should happen:

• Malicious user should not be able to connect to my desktop
• (Also?) Malicious user should not be able to see my desktop

What happens instead:

• Malicious user can find, access and control my desktop

If I have missed the configuration steps required for a secure connection, please point me to the relevant link.