How to Provide Protection Against Instant Messenger Vulnerabilities on a Network

Instant Messaging is becoming a widely accepted method of communication for business use. While email has made communications significantly easier, many organizations are authorizing use of Instant Messaging to decrease the amount of time it takes to send communication from one user to another.

Instant Messaging Security Risks

The increased use of Instant Messaging has also increased the security risks for both organizations and individual users. Malicious attacks that enter the network from the Internet also include attacks on Instant Messaging which can trap users into revealing sensitive information. The malicious attacks can include malware that can enter the system through applications vulnerabilities and denial of service attacks. Information confidentiality can be at risk when passing through multiple points during the communication process.

How to Provide Protection Against IM Vulnerabilities

There are several Instant Messaging security measures that organizations can use to provide protection against Instant Messaging Vulnerabilities:

  • Commercial Grade Proxy: It is a good idea to implement a commercial grade Instant Messenger proxy server. This is an internal server that does not have to rely on an external server for IM service.
  • Block Access: Block access to public instant messaging servers that are not authorized by the organization, as well as all popular instant messaging ports.
  • Restrict Software Downloads: Restrict the ability to download software to one or two administrators. If for some reason, a user requires administrator privileges, the system administrator can create an isolated account for that user to perform daily work functions.
  • Update Patches: Make sure vendor patches for recent vulnerability discoveries are installed and applied to Instant Messaging software, as well as the other applications IM uses and the operating system.
  • Intrusion Detection: Configure the intrusion detection system to include Instant Messaging applications which detect a program that may be disguising itself as legitimate traffic. Set up a monitoring system to prevent intruders from creating tunnels that bypass proxy servers.
  • Security Products: Install applications that are specifically designed to monitor and protect Instant Messaging security.
  • Use an Authenticating Proxy Server: An authenticating proxy server allows you to filter all Internet traffic including filtering and monitoring Instant Messaging traffic.
  • Encourage Shared Files Deletion: Train the organization to delete shared files before terminating an Instant Messaging session. Shared files left on the server can be intercepted by intruders.
  • Use Passwords: Employ passwords that help to protect group sessions and business presentations. You can also supplement it with a Non-Disclosure Responsibility Agreement.

Although Instant Messaging security provides an added responsibility for organizations, IM attacks are following the same path as other attacks on email and other applications that business people are using to speed up the communication process. The attacks are also faster due to the real-time capability of Instant Messaging.

(0 Comments)
Log in or sign up to comment.

Post a comment

Log in or sign up to comment.
Identity theft comes in many forms.

A person\92s identity can be 'borrowed' for the purpose of creating fictional credit cards or a person\92s entire identity can be usurped to the point where they can have difficulty proving that they really are who they claim to be.

Up to 18% of identity theft victims take as long as four years to realize that their identity has been stolen.

There are many ways to protect your personal identity and many steps you can take to prevent your identity from being stolen:

*Never give out unnecessary personal information
*Never provide bank details or social security numbers over the Internet
*Always remain aware of who is standing behind you when you type in your personal credit codes at ATM machines and at supermarket checkout swipe machines.