Best of 2006: Instant messaging

In today's communication-needy world, instant messaging (IM) is used by millions. Analysts believe that instant messaging traffic will exceed email traffic by the end of this year. And this means cybercriminals are likely to use IM to orchestrate attacks on a scale not yet seen in the security world.

And the IM headache is further compounded by the fact that it can be used on virtually all platforms, including handheld devices. A growing number of business users are taking advantage of unsecured consumer IM services and exposing their organizations to technical, business and legal risks.

As a rule, corporate policies are the best way to prevent employees using IM. At the very least, companies should implement appropriate guidelines for use. The SANS Institute recommends that administrators run routine audits of firewall and proxy logs to enforce IM usage policy. Security pros should also ensure that any installed messenger software is up to date with all vendor patches.

To clamp down on IM use, administrators could restrict the users' ability to install software on their workstation. Correctly configuring intrusion detection systems to alert on any file transfers that use IM programs, can also harden the network. Additionally, filtering all HTTP traffic through an authenticating proxy server will let administrators filter IM traffic.

Best Buy
Enterprise Instant Messenger
Vendor: MessageLabs  
Verdict: Very intuitive, yet comprehensive IM security solution. An excellent offering.  

FaceTime Enterprise Edition 
Vendor: FaceTime
Verdict: An extremely configurable instant messaging security appliance.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.