Solved

Go to my PC question

Posted on 2007-03-21
4
362 Views
Last Modified: 2013-12-04
Hello, I have a "Go to my PC" question, and this the the gotomypc.com software one can try and/or purchase.
I have a small network with under 50 users, and I found one user with this software installed and when asking this user why, he just said he need to finish some work from home, which we have no problem with that, but we have a VPN for this very reason.

My question is what issues from the IT Department do I have to think about, do I now have an open hole to my network through this user's computer? Also, is this software safe to use in a company network controled by AD and with a VPN running. (I have uninstalled this software via the IT Admin, but went through a long debate on that software vrs a VPN connection ( (VPN) Which is much faster and safer for our network, and we can monitor all connections)

We have a DC with AD running, but I allow some users to admin their own machines, but as far the network goes, their access is controled through the DC and AD. Meaning some are company developers and need to install software to write controls for like, "Allen Bradley, Microstation, etc.

Thank You for your replies, comments, and suggestions.

0
Comment
Question by:cedgdarby
  • 2
4 Comments
 
LVL 19

Accepted Solution

by:
aissim earned 500 total points
ID: 18767985
I wouldn't necessarily call it a huge hole - but as a network admin myself I don't like it! The less surface area of your internal network you have exposed to the Internet the better.
Gotomypc has a security doc that explains why it's safe in a corporate environment...but MS has documents explaing how safe their OS is as well =) I think if you already have an option in place for users to access their machines that should be enough. Personally, I would block outgoing traffic to Gotomypc's IP addresses as that would be sufficient - then you don't care if they install the software or not as it wouldn't work.

Of course, I know some battles are hard to win....if that's the case gotomypc will, upon request, filter connections made to your company's IP address block. So you can make sure that only company authorized PC's are accessed by company authorized users.

Either way - good luck with it all!
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 18768140
I agree - reduce the attack surface.  VPN should be used and my recommendation is allow remote desktop to the user's workstation - it's the best remote control performance I've ever seen and over VPN, it doesn't require any additional holes in a firewall.
0
 

Author Comment

by:cedgdarby
ID: 18768251
Thank You very much, as I was thinking the sameway, but I didn't want to be just a hard headed admin, know what I mean...

0
 
LVL 19

Expert Comment

by:aissim
ID: 18768278
Definitely know what ya mean.....and I guarantee you that nobody will blame the developers if your network is compromised!!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question