Go to my PC question

Hello, I have a "Go to my PC" question, and this the the gotomypc.com software one can try and/or purchase.
I have a small network with under 50 users, and I found one user with this software installed and when asking this user why, he just said he need to finish some work from home, which we have no problem with that, but we have a VPN for this very reason.

My question is what issues from the IT Department do I have to think about, do I now have an open hole to my network through this user's computer? Also, is this software safe to use in a company network controled by AD and with a VPN running. (I have uninstalled this software via the IT Admin, but went through a long debate on that software vrs a VPN connection ( (VPN) Which is much faster and safer for our network, and we can monitor all connections)

We have a DC with AD running, but I allow some users to admin their own machines, but as far the network goes, their access is controled through the DC and AD. Meaning some are company developers and need to install software to write controls for like, "Allen Bradley, Microstation, etc.

Thank You for your replies, comments, and suggestions.

Who is Participating?
aissimConnect With a Mentor Commented:
I wouldn't necessarily call it a huge hole - but as a network admin myself I don't like it! The less surface area of your internal network you have exposed to the Internet the better.
Gotomypc has a security doc that explains why it's safe in a corporate environment...but MS has documents explaing how safe their OS is as well =) I think if you already have an option in place for users to access their machines that should be enough. Personally, I would block outgoing traffic to Gotomypc's IP addresses as that would be sufficient - then you don't care if they install the software or not as it wouldn't work.

Of course, I know some battles are hard to win....if that's the case gotomypc will, upon request, filter connections made to your company's IP address block. So you can make sure that only company authorized PC's are accessed by company authorized users.

Either way - good luck with it all!
Lee W, MVPTechnology and Business Process AdvisorCommented:
I agree - reduce the attack surface.  VPN should be used and my recommendation is allow remote desktop to the user's workstation - it's the best remote control performance I've ever seen and over VPN, it doesn't require any additional holes in a firewall.
cedgdarbyAuthor Commented:
Thank You very much, as I was thinking the sameway, but I didn't want to be just a hard headed admin, know what I mean...

Definitely know what ya mean.....and I guarantee you that nobody will blame the developers if your network is compromised!!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.