A network manager's nightmare

What a time to be a network manager. Above, company execs are sanctioning all manner of telework. Below, employees are demanding anytime, anywhere access to the company network. Good thing you've got sophisticated technology in place so you can sleep well at night.

What, your tools aren't helping you sleep? In fact, when you're particularly sleep deprived worrying about the security of your network, you wonder whether technology is working against you.

Take the blasted VPN (virtual private network). It's difficult and costly to maintain, and the source of countless calls from remote workers who can't get past the logon. And now, some are raising questions that are making you wonder whether the VPN is the security end-all it's supposed to be.

While the technology provides an encrypted channel from a remote system to the network, by nature it also makes that system part of the network, a remote node, if you will - extending your corporate network way out beyond your scope of control. If that remote node gets into the wrong hands, or the employee goes on a rampage, you're dead. Great.

Then there's GoToMyPC. If you don't know about it, GoToMyPC is a Web-based service that lets you access a designated PC - whether it's the desktop in your corporate office, a laptop or a personal PC in your home office - from any PC with an Internet connection. Any of your users can access the Web site, download a file onto their "host" (corporate) system, and access that machine from any Web-enabled PC for about US$12 per month. Since the service debuted earlier this year, tens of thousands of individual users have signed up. Anybody on your network using it? Are you sure?

The telework community loves GoToMyPC because it enables quick and dirty - almost viral - telework at minimal cost. Workers can work at home ad hoc and keep all their work on one system - the one sitting back at the office. No need to swap the office desktop for a laptop, provide a home office PC or a VPN.

GoToMyPC is secure. The session between the host and remote PC is 128-bit encrypted. What's more, unlike a traditional VPN, GoToMyPC limits the remote worker's access to the host system only. All it's doing is receiving screen images of what's displayed on the host system. (There's a security white paper on the Web site worth checking out.) Of course, you're thinking: What's the point of even having a firewall when everybody can bust through it without my knowledge or permission? True enough. But don't go blaming the technology or your users' freedom to access it. What you're grappling with is a people problem.

If it helps any, access to GoToMyPC can be controlled. Since users need to access the GoToMyPC portal site to get into their host systems, you can simply block their access to the site altogether. An alternative is to buy Expert City's corporate product ($250 per month for 10 users), which includes administrative tools that let you block access to the public portal, as well as control individual users' access.

Join the newsletter!

Error: Please check your email address.
Show Comments