?
Solved

Security threat from IM use?

Posted on 2004-04-28
7
Medium Priority
?
336 Views
Last Modified: 2010-04-11
I am trying to get a sense for the security threat my organization's network is exposed to by the use of IM clients such as AIM and Yahoo IM and what I can do about it.  This is a 2 part question:
1) What is the security threat to the network that arises from IM?
2) Are any IM clients available that contain or minimize the risks?

Thanks,

Greg
0
Comment
Question by:gregdaly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 2

Assisted Solution

by:LeftofCool
LeftofCool earned 400 total points
ID: 10943956
You should check out these two analyses:

Symantec's Analysis (PDF)
http://securityresponse.symantec.com/avcenter/reference/threats.to.instant.messaging.pdf

Security Focus' Analysis (Brief)
http://www.securityfocus.com/infocus/1657



0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10945146
As the articles state, it's really up to you to decide, every piece of software is a calculated security risk. We are a big Dot Com and we log every conversation, and users are well aware of this. No one has the time to go through them an see what's being said, but we have scripts that alert us to certain key words. We are able to detect and block the encrypted IM's- we do not allow IM file transfers (a very involved process) and we try to keep users on MSN and AIM. While both have been exploited in the past, and may again in the future, we feel the risk is minimal in our structure, as the users are segmented very well away from our critical network's. I'm not sure that any really minmize the risks...
Good links!
-rich
0
 
LVL 3

Author Comment

by:gregdaly
ID: 10945303
Thanks for the comments and for the links to the articles.  Do you have any thoughts on the use of Enterprise versions of AIM or Yahoo IM?  Would they address most or all concerns? Are they worth the cost?
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 
LVL 2

Expert Comment

by:Phill_upson
ID: 10954105
As mentioned before, everything carries a risk, especially software designed to work over tcp/ip and open up ports.

The most important thing to bear in mind is keeping your IM clients and operating systems patched up to date to minimise the risk.

Do you need your IM clients to access the outside world or just as a communication tool within your organisation?

IRC is a good IM system where users log onto a network (made up of one or multiple interlinked servers) and can join chat rooms with many users, have private conversations and exchange files.  IRC has been in development for years and years and due to the basic nature of the protocol doesn't really have a lot of options for hacking it.  The biggest risks are your users accept files containing virii and run them manually or voluntarily start sending files out containing corporate data, by default, no file transfers are automatic and automating them requires a fair amount of effort.

The most popular irc client for windows is mIRC - www.mirc.co.uk and for linux/windows/apple systems - www.bitchx.org
As for server platforms most run under linux and are free (including source code) - find many linux server apps at www.ibiblio.org

Hope some of this helps
0
 
LVL 7

Expert Comment

by:shahrial
ID: 10954727
You may want to consider IBM Lotus Sametime as a corporate IM solution...
http://www.lotus.com/products/lotussametime.nsf/wdocs/homepage

0
 
LVL 3

Author Comment

by:gregdaly
ID: 10959325
Again, thanks.

The need is primarily for IM with the outside world, and the specific targets all use AIM.  It's a newspaper situation - and some of the story writers increasingly need to keep in contact with their sources of news using IM.

I recognize that we can't turn back the tide - but I have to get some control - logging, monitoring, etc..  That's why I am interested in an enterprise version - but I haven't found anyone who can testify to its value.

Any ideas?
0
 
LVL 2

Accepted Solution

by:
Phill_upson earned 100 total points
ID: 10960213
Alas, I haven't used corporate AIM, however, if its a licensed product that you will be using on a scale of more than 5 users, i'd certainly contact the manufacturer, explain your interest and ask for a trial, if they stand to make some money, not many will say no, added to this their support during your trial will probably be second to none to ensure they get the business, best recommendations always come from testing yourself.

Good luck!!!
0

Featured Post

Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
What we learned in Webroot's webinar on multi-vector protection.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question