Solved

Go to my PC question

Posted on 2007-03-21
4
348 Views
Last Modified: 2013-12-04
Hello, I have a "Go to my PC" question, and this the the gotomypc.com software one can try and/or purchase.
I have a small network with under 50 users, and I found one user with this software installed and when asking this user why, he just said he need to finish some work from home, which we have no problem with that, but we have a VPN for this very reason.

My question is what issues from the IT Department do I have to think about, do I now have an open hole to my network through this user's computer? Also, is this software safe to use in a company network controled by AD and with a VPN running. (I have uninstalled this software via the IT Admin, but went through a long debate on that software vrs a VPN connection ( (VPN) Which is much faster and safer for our network, and we can monitor all connections)

We have a DC with AD running, but I allow some users to admin their own machines, but as far the network goes, their access is controled through the DC and AD. Meaning some are company developers and need to install software to write controls for like, "Allen Bradley, Microstation, etc.

Thank You for your replies, comments, and suggestions.

0
Comment
Question by:cedgdarby
  • 2
4 Comments
 
LVL 19

Accepted Solution

by:
aissim earned 500 total points
ID: 18767985
I wouldn't necessarily call it a huge hole - but as a network admin myself I don't like it! The less surface area of your internal network you have exposed to the Internet the better.
Gotomypc has a security doc that explains why it's safe in a corporate environment...but MS has documents explaing how safe their OS is as well =) I think if you already have an option in place for users to access their machines that should be enough. Personally, I would block outgoing traffic to Gotomypc's IP addresses as that would be sufficient - then you don't care if they install the software or not as it wouldn't work.

Of course, I know some battles are hard to win....if that's the case gotomypc will, upon request, filter connections made to your company's IP address block. So you can make sure that only company authorized PC's are accessed by company authorized users.

Either way - good luck with it all!
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 18768140
I agree - reduce the attack surface.  VPN should be used and my recommendation is allow remote desktop to the user's workstation - it's the best remote control performance I've ever seen and over VPN, it doesn't require any additional holes in a firewall.
0
 

Author Comment

by:cedgdarby
ID: 18768251
Thank You very much, as I was thinking the sameway, but I didn't want to be just a hard headed admin, know what I mean...

0
 
LVL 19

Expert Comment

by:aissim
ID: 18768278
Definitely know what ya mean.....and I guarantee you that nobody will blame the developers if your network is compromised!!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now