Security Basics mailing list archives
RE: GOTOMYPC Corporate?
From: "Graydon McKee" <graydon.s.mckee.iv () orcmacro com>
Date: Tue, 9 Mar 2004 09:12:00 -0500
We are using it here with pretty good results. One of the benefits is that the user can access their machine from any other machine without the need for special VPN software or hardware. We don't have any issues with HIPAA or PHI so that was never a factor for us. The only thing that causes a concern for me right now is that every machine that has it loaded is constantly connecting to the gotomypc servers via port 8200. gotomypc is rather closed mouthed about this and only indicates that they utilize "unused bandwidth" and this does not cause an issue. Granted that may be the case but I have been concerned when 18% of my current bandwidth consists of these machines connecting to gotomypc even when they are not in use. Since the decision to utilize this software was decided at paygrades above mine, I can only monitor the situation and gather information. When I find issues with its use then I'll make a move to re-evaluate the deployment of gotomypc. Aside from that one issue, our experience has been rather positive. Graydon S McKee IV - GSEC Firewall/Security Administrator ORC Macro - Macro International 11785 Beltsville Drive Calverton, Maryland 20705 301-572-0583 Fax: 301-572-0982 -----Original Message----- From: Scott.Swenka () sunhealth org [mailto:Scott.Swenka () sunhealth org] Sent: Friday, March 05, 2004 12:20 PM To: security-basics () securityfocus com Subject: GOTOMYPC Corporate? So what is the general consensus on GOTOMYPC Corporate? Personally, I don't have alot of trust or warm and fuzzy feelings about it, due to the risks it poses, and the possible potential of PHI (Private/Personal Health Information), and Financial data being leaked out. As well as the concerns with it pertaining to HIPAA compliancy. What is everyones elses feelings on it? Personally, I would rather have them come in on a VPN client, and use a internal VNC (or other remote desktop) solution. Scott C. Swenka Network Security Sun Health Corporation ******************************************************************************* The information contained in this transmission may be legally privileged and/or confidential information. Any dissemination, distribution or copying of this transmission by anyone other than the intended recipient is strictly prohibited. If you receive this in error, please inform the sender immediately and remove any record of this message. ******************************************************************************* --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Attachment:
Graydon McKee.vcf
Description:
Attachment:
smime.p7s
Description:
Current thread:
- GOTOMYPC Corporate? Scott . Swenka (Mar 08)
- RE: GOTOMYPC Corporate? Graydon McKee (Mar 09)
- <Possible follow-ups>
- Re: GOTOMYPC Corporate? pcannon9 (Mar 09)
- RE: GOTOMYPC Corporate? Mark Medici (Mar 09)
- RE: GOTOMYPC Corporate? Christopher Herrmann (Mar 10)
- Re: GOTOMYPC Corporate? Steve Marin (Mar 11)
- RE: GOTOMYPC Corporate? Graydon McKee (Mar 11)