Solved

Best Way to Give Third Party Access to My Network

Posted on 2016-07-19
5
60 Views
Last Modified: 2016-11-22
Our accounting department has contracted with Mosaic (http://www.mosaiccorp.com/) to perform various document management tasks for processing invoices.

The main item that Mosaic needs to implement its app, Eclipse, which uploads the documents from our LAN to Mosaic's server, is a machine to install Eclipse and some space on a drive to store the documents scanned from the various offices. This is all set up.

My problem is deciding upon the best way to give the Mosaic people access to that local machine to run their app.

The Mosaic engineer said that they routinely use GoToMyPC to manage their app on their clients' machines. Though I believe Mosaic to be trustworthy and to not muck up my machine, I can't think of a way to keep them from looking around my network if we use GoToMyPC. My only other idea is to set up RDP for them, though that doesn't really keep them from peeking, either. The engineer said that the access is just for checking on the app periodically and that .

The local machine in question is a Dell PowerEdge T310. It is a member server running Server 2008 Standard SP2. There is nothing on it but an FAQ app that we don't use. In fact, this box pretty much just sits there. I partitioned off 100GB for the files and set up the folder structure. We are ready to move except for granting Mosaic access to the machine/network.

Suggestions?
0
Comment
Question by:gbrooke
  • 2
  • 2
5 Comments
 
LVL 13

Accepted Solution

by:
Andy M earned 350 total points
ID: 41719508
You could setup an AD account for them which only allows access to that particular machine (deny logon rights to any other device on the network, don't make it a domain admin, don't allow access to shared folders, etc). That should prevent them from snooping. In addition you can also set the account to auto-disable at a particular length of time so that they have to call up to get access to the device when required.
1
 
LVL 11

Assisted Solution

by:Bryant Schaper
Bryant Schaper earned 150 total points
ID: 41719526
Andy said what I was going to, you could also control the gotomypc account, so you can disable and enable as needed so they dont have free reign to logon whenever they need to.  We use to use a product that required a unique pin each time for access to maintain our SOX compliance.  I believe it Bomgar.
0
 

Author Comment

by:gbrooke
ID: 41719582
Our remote access app is TeamViewer. I did think about checking with them to see if they had some way of limiting the third party's access but I kept going back to RDP and AD. Since you both recommend that, I believe I will do it that way.

One other thing: Should I use the server or dedicate a desktop to this? I chose the server mostly because it's not doing anything and wanted to get some mileage out of the hardware. I do have a couple of older Optiplexes on the shelf that I could rebuild, stick in a corner and dedicate to this.
0
 
LVL 11

Expert Comment

by:Bryant Schaper
ID: 41719620
You could use either, is it the only function of that server?  

Teamviewer can be setup so you provide the session id, then you can control the session access
0
 

Author Comment

by:gbrooke
ID: 41719770
Thanks, gents. I'm going to leave it on the server for now and set up RDP.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Resolve DNS query failed errors for Exchange
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now