Our IT department uses TeamViewer to provide support to users at remote locations. More recently we've noticed that users are using TeamViewer to get support for their lab equipment from vendors.
Though I support the idea, it does bug me a little bit that someone could either accidentally or maliciously leave a session open, even though they're no local administrator, and thus create a hole in the firewall. In other words, this seems like a mayor security issue to me.
So my question is how do other organizations handle these type of tunneling applications (e.g. TeamViewer, WebEx, GoToMeeting, and TOR)? And has anyone suggestions as how one can regulate/govern these applications and still continue to use it for proper scenario's?