Solved

Go to my PC question

Posted on 2007-03-21
4
388 Views
Last Modified: 2013-12-04
Hello, I have a "Go to my PC" question, and this the the gotomypc.com software one can try and/or purchase.
I have a small network with under 50 users, and I found one user with this software installed and when asking this user why, he just said he need to finish some work from home, which we have no problem with that, but we have a VPN for this very reason.

My question is what issues from the IT Department do I have to think about, do I now have an open hole to my network through this user's computer? Also, is this software safe to use in a company network controled by AD and with a VPN running. (I have uninstalled this software via the IT Admin, but went through a long debate on that software vrs a VPN connection ( (VPN) Which is much faster and safer for our network, and we can monitor all connections)

We have a DC with AD running, but I allow some users to admin their own machines, but as far the network goes, their access is controled through the DC and AD. Meaning some are company developers and need to install software to write controls for like, "Allen Bradley, Microstation, etc.

Thank You for your replies, comments, and suggestions.

0
Comment
Question by:cedgdarby
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 19

Accepted Solution

by:
aissim earned 500 total points
ID: 18767985
I wouldn't necessarily call it a huge hole - but as a network admin myself I don't like it! The less surface area of your internal network you have exposed to the Internet the better.
Gotomypc has a security doc that explains why it's safe in a corporate environment...but MS has documents explaing how safe their OS is as well =) I think if you already have an option in place for users to access their machines that should be enough. Personally, I would block outgoing traffic to Gotomypc's IP addresses as that would be sufficient - then you don't care if they install the software or not as it wouldn't work.

Of course, I know some battles are hard to win....if that's the case gotomypc will, upon request, filter connections made to your company's IP address block. So you can make sure that only company authorized PC's are accessed by company authorized users.

Either way - good luck with it all!
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 18768140
I agree - reduce the attack surface.  VPN should be used and my recommendation is allow remote desktop to the user's workstation - it's the best remote control performance I've ever seen and over VPN, it doesn't require any additional holes in a firewall.
0
 

Author Comment

by:cedgdarby
ID: 18768251
Thank You very much, as I was thinking the sameway, but I didn't want to be just a hard headed admin, know what I mean...

0
 
LVL 19

Expert Comment

by:aissim
ID: 18768278
Definitely know what ya mean.....and I guarantee you that nobody will blame the developers if your network is compromised!!
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question