Wednesday, September 08, 2010      


QUESTION

We are a small company, and have recently installed IM. Should I be worried about security risks, if so, what can I do to combat these, and ensure the safety of our information?


Asked by:   Kellie Gage ? Antalis Ltd


  Mike Smart, European Product Marketing Manager, Secure Computing

I would advise that you only allow IM if you have you have an efficient security practices in place, and able to scan all IM traffic in terms of security, data leakage and compliancy. At worst, you should ensure that your desktops and laptops using IM have up to date AV installed, as well as anti-malware to provide a more succinct level of protection.

By its very nature, and unlike email, IM bypasses standard parameter security defences, as the message pops directly onto the desktop without the need to open a messaging application - promiscuous Trojan worms and viruses alike, are then able to infect via IM without even a ?click? from the user, as was the age-old caveat with email based malicious code, such as spam.

If you are also worried about information leaking, then you should look for a remedy that can detect for unstructured data (such as Word documents containing complex text patterns and paragraphs) across all common IM clients.

As for liability, I would recommend that you also use a system that monitors conversations and can also rebuild conversations in the event of the need to delve deeper into forensic audit trails, to track if confidential material has indeed exited your network without the proper authentication.

Crucially, a careless use of IM poses serious long-term security and compliance vulnerabilities, so forming policy decisions early in preparation for every IM eventuality is paramount.



  Tim Eades, Senior Vice President of Sales and Marketing, Sana Security

Instant Messenger opens doors and windows into an organization that few security companies can do anything about. With all products such as this there is a trade off between productivity of the organization and the security posture required to maintain operations. IM does have employee productivity benefits.

To combat the risks of allowing IM inside an organization and to protect the information of the company I would recommend you leverage products from Facetime or Barracuda Networks that can track messages, prohibit content and the distribution of malicious code.



  Mikko Hypponen, Director of Anti-Virus Research, F-Secure Corporation

AWAITING ANSWER