Business Software Alliance www.bsa.org <http://www.bsa.org/> these guys are the #1 software compliance and anti-piracy organization world-wide. They can come in and audit any organization for proper software use and licensing. They currently use Centennial Discovery software for their audits. They are out there to protect the rights of software companies like Microsoft get all the money from people who use their stuff.
________________________________ From: David Lum [mailto:david....@nwea.org] Sent: Tuesday, December 30, 2008 6:42 AM To: NT System Admin Issues Subject: RE: LogMeIn BSA? From: Dallas Burnworth [mailto:dallas.burnwo...@zones.com] Sent: Tuesday, December 30, 2008 6:35 AM To: NT System Admin Issues Subject: RE: LogMeIn Exactly. I would add to that list * Free to use, but how much does it cost you if it stops working correctly? * What will your auditors or the BSA think of the setup? (It would be very interesting to see their recommendation.) * Does the company actually have a paid and supported version? That is usually an indicator that the "free" version is for personal use only-not business/organizational use. ________________________________ From: Derek Lidbom [mailto:dlid...@trone.com] Sent: Tuesday, December 30, 2008 6:19 AM To: NT System Admin Issues Subject: RE: LogMeIn * What about the fact that it bypasses (using encrypted traffic even) any protections you have in place to filter/monitor/scan traffic passing through your gateway? * It introduces a new attack vector (files can get on that computer in ways they couldn't have before). * You are trusting logmein with credentials that allow access to your internal network. Companies bigger than them get usernames/passwords stolen. * You have less logging of intrusion attempts (to my knowledge) than if you were going through your own equipment * It is another piece of software to keep updated on your clients * How do you protect the usernames/passwords users use to access logmein? (hopefully any vpn solution would have two-factor auth so creds aren't a free path in to your network). I know they have some sort of two factor integration options, but I don't think it's at the first username/password prompt. From: John Cook [mailto:john.c...@pfsf.org] Sent: Tuesday, December 30, 2008 9:04 AM To: NT System Admin Issues Subject: RE: LogMeIn Is there some verbatim in the LogMeIn agreement that says for personal use only? This sounds like business use to me.... >;-) John W. Cook Systems Administrator Partnership For Strong Families 315 SE 2nd Ave Gainesville, Fl 32601 Office (352) 393-2741 x320 Cell (352) 215-6944 Fax (352) 393-2746 MCSE, MCTS, MCP+I,CompTIA A+, N+ From: David Lum [mailto:david....@nwea.org] Sent: Tuesday, December 30, 2008 9:02 AM To: NT System Admin Issues Subject: LogMeIn I work for a company with ~300 employees, is there a reason to discourage a few of our employees from installing LogMeIn Free on their systems so they can remote control their work machine and bypass the need to use a VPN license? I've used LogMeIn Free for years to connect to all my own business clients, but it's one thing to use it myself and small businesses, another to recommend it's use to a larger company with resources for VPN, etc. My kneejerk reaction is "no", but damned if I can come up with a viable excuse for that opinion. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ________________________________ CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Derek Lidbom Director of Technology and Interactive Development, Trone 336.812.2010 dlid...@trone.com <http://www.trone.com/> Confidentiality Notice: This e-mail communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you have received this communication in error, please notify me immediately by replying to this message and deleting it from your computer. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~