Solved

Security threat from IM use?

Posted on 2004-04-28
Last Modified: 2010-04-11
I am trying to get a sense for the security threat my organization's network is exposed to by the use of IM clients such as AIM and Yahoo IM and what I can do about it.  This is a 2 part question:
1) What is the security threat to the network that arises from IM?
2) Are any IM clients available that contain or minimize the risks?

Thanks,

Greg
Question by:gregdaly
7 Comments
 
LVL 2

Assisted Solution

by:LeftofCool
LeftofCool earned 200 total points
You should check out these two analyses:

Symantec's Analysis (PDF)
http://securityresponse.symantec.com/avcenter/reference/threats.to.instant.messaging.pdf

Security Focus' Analysis (Brief)
http://www.securityfocus.com/infocus/1657



0
 
LVL 38

Expert Comment

by:Rich Rumble
As the articles state, it's really up to you to decide; every piece of software is a calculated security risk. We are a big Dot Com and we log every conversation, and users are well aware of this. No one has the time to go through them and see what's being said, but we have scripts that alert us to certain key words. We are able to detect and block the encrypted IMs - we do not allow IM file transfers (a very involved process) and we try to keep users on MSN and AIM. While both have been exploited in the past, and may again in the future, we feel the risk is minimal in our structure, as the users are segmented very well away from our critical networks. I'm not sure that any really minimize the risks...
Good links!
-rich
0
 
LVL 3

Author Comment

by:gregdaly
Thanks for the comments and for the links to the articles.  Do you have any thoughts on the use of Enterprise versions of AIM or Yahoo IM?  Would they address most or all concerns? Are they worth the cost?
0
 
LVL 2

Expert Comment

by:Phill_upson
As mentioned before, everything carries a risk, especially software designed to work over TCP/IP and open up ports.

The most important thing to bear in mind is keeping your IM clients and operating systems patched up to date to minimise the risk.

Do you need your IM clients to access the outside world or just as a communication tool within your organisation?

IRC is a good IM system where users log onto a network (made up of one or multiple interlinked servers) and can join chat rooms with many users, have private conversations and exchange files.  IRC has been in development for years and years and due to the basic nature of the protocol doesn't really have a lot of options for hacking it.  The biggest risks are that your users accept files containing viruses and run them manually, or voluntarily start sending files out containing corporate data. By default, no file transfers are automatic, and automating them requires a fair amount of effort.

The most popular IRC client for Windows is mIRC - www.mirc.co.uk and for Linux/Windows/Apple systems - www.bitchx.org
As for server platforms, most run under Linux and are free (including source code) - find many Linux server apps at www.ibiblio.org

Hope some of this helps
0
 
LVL 7

Expert Comment

by:shahrial
You may want to consider IBM Lotus Sametime as a corporate IM solution...
http://www.lotus.com/products/lotussametime.nsf/wdocs/homepage

0
 
LVL 3

Author Comment

by:gregdaly
Again, thanks.

The need is primarily for IM with the outside world, and the specific targets all use AIM.  It's a newspaper situation - and some of the story writers increasingly need to keep in contact with their sources of news using IM.

I recognize that we can't turn back the tide - but I have to get some control - logging, monitoring, etc.  That's why I am interested in an enterprise version - but I haven't found anyone who can testify to its value.

Any ideas?
0
 
LVL 2

Accepted Solution

by:
Phill_upson earned 50 total points
Alas, I haven't used corporate AIM. However, if it's a licensed product that you will be using on a scale of more than 5 users, I'd certainly contact the manufacturer, explain your interest and ask for a trial. If they stand to make some money, not many will say no. Added to this, their support during your trial will probably be second to none to ensure they get the business. The best recommendations always come from testing yourself.

Good luck!!!
0
