Remote PC Access Software: Vendor Claims vs Corporate Computer Use Policies
Posted on 2007-10-16
Products such as GoToMyPC and PCNOW and being advertised (large newspaper ads in local papers) as allowing corporate workers to connect remotely to their work PC, and or connect to their home PC from work. There is no mention on the websites or in the ads that users may need to check their company's computer use policies before using the products. And if a user connects to a home PC from work, then no software may need to be installed on the work computer, so the user might feel that the use of the product is no different than connecting to a website. However, many corporate computer use policies may not support the use of these products, and corporate IT folks may have issues. Here are my questions:
1. Do these products pose any risks to a corporate network, assuming they only use existing open ports in the corporate firewall? If so, why? Does it matter if the connection is inbound or outbound on the corporate network?
2. How big of an issue are these products for most companies in terms of computer use policy? What typically happens to an employee if they use this product
3. If the company has issues with these products, are they able to block their use?
4. Do the vendors of these products (Citrux and others) face liability if they continue to encourage employees to use the products, without any warning about checking company policy first? It seems to me that either Citrix is out of bounds with their advertising campaign, or corporate use policies should be amended to allow for the use of these products? Which is it?
5. One company I am aware of has a specific issue with "tunneling software". Per below, Citrux mitigates this issue by states that "Remote users do not have tunneled access to the corporate network - only to a single desktop PC and its level of network access. " So would this mitigate the company's concern with respect to tunneling software?
Here is some info from the gotomypc website:
Maintains Firewall Integrity Both controlled and controlling computers receive all communications through an outgoing TCP connection using protocols and ports that can transparently transit almost all firewalls. No firewall changes are required, and you do not have to bypass or compromise your corporate or branch office firewall or the firewall at the computer where you are working.
Carefully Controlled Network Access GoToMyPC leverages the OS-level access controls already in place on your corporate LAN. Remote users do not have tunneled access to the corporate network - only to a single desktop PC and its level of network access.
Thanks for your responses