Main Nav

For years we have prohibited the use/installation of remote access/remote control programs on our institutionally owned computers.  GoToMyPC was one of the first services that prompted us to declare a policy about this kind of service but with the onslaught of BYOD the number of these services and the interest that employees have in remote access has increased significantly.  Specifically, the convenience of being able to get the near-equivalent of your desktop on an iPad is very compelling for these kinds of users.

 

Originally, our concern was with third-party access potential (i.e. was the company behind GoToMyPC really ensuring that security best practices were being applied to the connections established through their infrastructure).  This concern has been addressed over the years by the service providers but we are still very skeptical about the practice of needing to have a computer “listening” for a connection to be established from a remote device over which we have no control from an end-point security perspective.

 

The services we have found some users installing include PocketCloud, GoToMyPC, LogMeIn, VNC etc.  Our institutionally owned desktop computer users do not have administrative privileges, so they typically do not install the server components for these services.  However, laptop users are administrative users because they are often the users who have legitimate reasons for administrative privileges – so it is with this group of users where we find the prohibited programs.  When we find these programs installed we require that they be uninstalled and remind the user that we do provide VPN connectivity and RDP access to a terminal server.  But that does not truly give the user access to the computer resources they have on the computer (in most cases a laptop) that they have while working from their desk.

 

My questions:

 

1.       Are we being overly restrictive to prohibit external connections to institutionally owned computers?

2.       Do other institutions typically prohibit the user of remote access programs like GoToMyPC, LogMeIn, PocketCloud or others that are essentially VNC products?

3.       Do any institutions permit (condone?) the use of any specific remote access programs and, if so, what policies or best practice statements are enforced to accompany these activities?

 

Thanks for any perspectives you can provide.

 

Jack

 

Jack Rutt
Director Information Systems
Eastern Mennonite University, 1200 Park Road, Harrisonburg, VA 22802
540-432-4478 (desk), 540-432-4444 (fax), 540-578-1782 (mobile)

Comments

Hi Jack,
Not certain if it were here or another list, but this topic has come up now and again.  Here at AU, we block access to those sites from the Administrative networks.   Our reasoning is that we do not want people to have access to the ERP system functions that are not web-based from off-campus, unless it is specifically authorized.  For very special users we allow VPN with two-factor authentication to access the ERP system directly. 

What with one thing and another (byod, so-called borderless networks), not certain how much longer this will make sense.
best,
Dennis Bohn
Manager of Network and Systems
Adelphi University
bohn@adelphi.edu
5168773327


Close
Close


Annual Conference
September 29–October 2
View Proceedings

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.