Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Go to my PC question

Posted on 2007-03-21
4
Medium Priority
?
398 Views
Last Modified: 2013-12-04
Hello, I have a "Go to my PC" question, and this the the gotomypc.com software one can try and/or purchase.
I have a small network with under 50 users, and I found one user with this software installed and when asking this user why, he just said he need to finish some work from home, which we have no problem with that, but we have a VPN for this very reason.

My question is what issues from the IT Department do I have to think about, do I now have an open hole to my network through this user's computer? Also, is this software safe to use in a company network controled by AD and with a VPN running. (I have uninstalled this software via the IT Admin, but went through a long debate on that software vrs a VPN connection ( (VPN) Which is much faster and safer for our network, and we can monitor all connections)

We have a DC with AD running, but I allow some users to admin their own machines, but as far the network goes, their access is controled through the DC and AD. Meaning some are company developers and need to install software to write controls for like, "Allen Bradley, Microstation, etc.

Thank You for your replies, comments, and suggestions.

0
Comment
Question by:cedgdarby
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 19

Accepted Solution

by:
aissim earned 2000 total points
ID: 18767985
I wouldn't necessarily call it a huge hole - but as a network admin myself I don't like it! The less surface area of your internal network you have exposed to the Internet the better.
Gotomypc has a security doc that explains why it's safe in a corporate environment...but MS has documents explaing how safe their OS is as well =) I think if you already have an option in place for users to access their machines that should be enough. Personally, I would block outgoing traffic to Gotomypc's IP addresses as that would be sufficient - then you don't care if they install the software or not as it wouldn't work.

Of course, I know some battles are hard to win....if that's the case gotomypc will, upon request, filter connections made to your company's IP address block. So you can make sure that only company authorized PC's are accessed by company authorized users.

Either way - good luck with it all!
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 18768140
I agree - reduce the attack surface.  VPN should be used and my recommendation is allow remote desktop to the user's workstation - it's the best remote control performance I've ever seen and over VPN, it doesn't require any additional holes in a firewall.
0
 

Author Comment

by:cedgdarby
ID: 18768251
Thank You very much, as I was thinking the sameway, but I didn't want to be just a hard headed admin, know what I mean...

0
 
LVL 19

Expert Comment

by:aissim
ID: 18768278
Definitely know what ya mean.....and I guarantee you that nobody will blame the developers if your network is compromised!!
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question