Google Chrome Remote Desktop VS. MSTSC

Greetings all,
I'm looking for some feedback on the security concerns (if any) of Chrome remote desktop versus RDP.  Typically, our users have needed to secure a VPN connection before RDP-ing into an onsite workstation they manage.  Otherwise, we would have to set up Network Address Translation to publish the workstations' IP addresses, and this was deemed a bit of a security risk.  

Now, Google Chrome Remote Desktop appears to bypass both the need to use VPN or set up NAT.  Anyone know specifics on exactly how this is accomplished, from the networking side of things?  I understand that users access their device through their Google account.  What are others' experience with Chrome Remote Desktop in a business environment?  And what security concerns should I be aware of?

Much Thanks-
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Kamal KhaleefaInformation Security SpecialistCommented:
Its an application as team viewer or logme in
For business environment i would not recommend it at all
You will not able to log those people or log what they actually did
Even if they connect or not
If you want to use this approach "with lose security environment " do it
But recommended is vpn + specify source address if thos who manage is company or v real ip registered to them
using this method you secure vpn and can log their activities
cuiincAuthor Commented:
Thanks for the feedback.  Do you typically lock down this activity through GPO?  If so, how would most companies accommodate the frequent webex, team viewer, or logmein conference meetings that users require?
Kamal KhaleefaInformation Security SpecialistCommented:
For me through gpo users dont v admin rights to install any so all handle by support team
as you said team viewer and etc for business require license so as it a cost you know who use it and if he authorized or not
I dont say you cannot use team viewer or any other app
It from my opinion more secure to v vpn for management
And if application usage you can publish it

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Remote Access

From novice to tech pro — start learning today.