Solved

Security threat from IM use?

Posted on 2004-04-28
Last Modified: 2010-04-11
I am trying to get a sense for the security threat my organization's network is exposed to by the use of IM clients such as AIM and Yahoo IM and what I can do about it.  This is a two-part question:
1) What is the security threat to the network that arises from IM?
2) Are any IM clients available that contain or minimize the risks?

Thanks,

Greg
0
Comment
Question by:gregdaly
7 Comments
 
LVL 2

Assisted Solution

by:LeftofCool
LeftofCool earned 200 total points
ID: 10943956
You should check out these two analyses:

Symantec's Analysis (PDF)
http://securityresponse.symantec.com/avcenter/reference/threats.to.instant.messaging.pdf

Security Focus' Analysis (Brief)
http://www.securityfocus.com/infocus/1657



0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10945146
As the articles state, it's really up to you to decide; every piece of software is a calculated security risk. We are a big Dot Com and we log every conversation, and users are well aware of this. No one has the time to go through them and see what's being said, but we have scripts that alert us to certain key words. We are able to detect and block the encrypted IMs - we do not allow IM file transfers (a very involved process) and we try to keep users on MSN and AIM. While both have been exploited in the past, and may again in the future, we feel the risk is minimal in our structure, as the users are segmented very well away from our critical networks. I'm not sure that any really minimize the risks...
Good links!
-rich
0
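The keyword-alert scripts mentioned in the comment above, sketched as an added example (not code from this thread or from any poster). The log format, watch words and approved-protocol set are assumptions, and the sample log lines are constructed.

```python
import re
from dataclasses import dataclass

# Assumed policy values, chosen for illustration only.
WATCH_WORDS = ("password", "confidential", "payroll")
APPROVED_PROTOCOLS = {"AIM", "MSN"}
WORD_RE = re.compile(r"\b(" + "|".join(map(re.escape, WATCH_WORDS)) + r")\b", re.I)

# Constructed sample log; the format is hypothetical:
# timestamp|protocol|sender|recipient|event|payload
SAMPLE_LOG = """\
2004-04-28T09:14:02|AIM|jsmith|source_ann|MSG|Can you confirm the council vote?
2004-04-28T09:15:40|AIM|jsmith|source_ann|MSG|My PASSWORD is on the sticky note
2004-04-28T09:20:11|YAHOO|mlee|friend42|MSG|lunch at noon?
2004-04-28T09:31:57|MSN|kwong|ext_user|FILE|payroll-q1.xls
this line is malformed
2004-04-28T09:40:03|AIM|jsmith|source_ann|MSG|notes: a|b, not confidential
"""

@dataclass(frozen=True)
class Alert:
    line_no: int
    sender: str
    reason: str

def scan(log_text):
    """Return alerts for watch words, file transfers and unapproved protocols."""
    alerts = []
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        parts = line.split("|", 5)  # the payload itself may contain '|'
        if len(parts) != 6:
            # Surface lines the parser cannot read instead of silently skipping them.
            alerts.append(Alert(line_no, "?", "unparseable"))
            continue
        _ts, proto, sender, _rcpt, event, payload = parts
        if proto.upper() not in APPROVED_PROTOCOLS:
            alerts.append(Alert(line_no, sender, f"unapproved protocol {proto}"))
        if event == "FILE":
            alerts.append(Alert(line_no, sender, "file transfer"))
        # Case-insensitive whole-word match, one alert per distinct word.
        for word in sorted({m.lower() for m in WORD_RE.findall(payload)}):
            alerts.append(Alert(line_no, sender, f"keyword {word}"))
    return alerts

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(alert)
```

Whole-word matching keeps noise down but will not match inflected or run-together forms, so the watch list needs to carry the variants that matter.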
 
LVL 3

Author Comment

by:gregdaly
ID: 10945303
Thanks for the comments and for the links to the articles.  Do you have any thoughts on the use of Enterprise versions of AIM or Yahoo IM?  Would they address most or all concerns? Are they worth the cost?
0
 
LVL 2

Expert Comment

by:Phill_upson
ID: 10954105
As mentioned before, everything carries a risk, especially software designed to work over TCP/IP and open up ports.

The most important thing to bear in mind is keeping your IM clients and operating systems patched up to date to minimise the risk.

Do you need your IM clients to access the outside world or just as a communication tool within your organisation?

IRC is a good IM system where users log onto a network (made up of one or multiple interlinked servers) and can join chat rooms with many users, have private conversations and exchange files.  IRC has been in development for years and years and, due to the basic nature of the protocol, doesn't really have a lot of options for hacking it.  The biggest risks are that your users accept files containing viruses and run them manually, or voluntarily start sending files out containing corporate data; by default, no file transfers are automatic, and automating them requires a fair amount of effort.

The most popular IRC client for Windows is mIRC - www.mirc.co.uk and for Linux/Windows/Apple systems - www.bitchx.org
As for server platforms, most run under Linux and are free (including source code) - find many Linux server apps at www.ibiblio.org

Hope some of this helps
0
 
LVL 7

Expert Comment

by:shahrial
ID: 10954727
You may want to consider IBM Lotus Sametime as a corporate IM solution...
http://www.lotus.com/products/lotussametime.nsf/wdocs/homepage

0
 
LVL 3

Author Comment

by:gregdaly
ID: 10959325
Again, thanks.

The need is primarily for IM with the outside world, and the specific targets all use AIM.  It's a newspaper situation - and some of the story writers increasingly need to keep in contact with their sources of news using IM.

I recognize that we can't turn back the tide - but I have to get some control - logging, monitoring, etc..  That's why I am interested in an enterprise version - but I haven't found anyone who can testify to its value.

Any ideas?
0
 
LVL 2

Accepted Solution

by:
Phill_upson earned 50 total points
ID: 10960213
Alas, I haven't used corporate AIM. However, if it's a licensed product that you will be using on a scale of more than 5 users, I'd certainly contact the manufacturer, explain your interest and ask for a trial. If they stand to make some money, not many will say no. Added to this, their support during your trial will probably be second to none to ensure they get the business. Best recommendations always come from testing yourself.

Good luck!!!
0
