• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

Security Management

Extracts from this document...


Security Management: Instant Messaging Perspective Executive Summary Nowadays, Instant messaging (IM) is used in the corporate environment which is rising rapidly, as organizations welcome to accept IM as a business communications tool. IM promotes cooperation and real-time communication among employees, business partners, and customers. It also brings new threats to local area network security and makes organizations to have a potential risks when employees share illegal or inappropriate content over the internet. Organizations are also faced with reduced employee productivity when IM is used arbitrarily and for personal communications. When use of IM is unmonitored and uncontrolled, it can lead to a significant drain on IT resources, as the IT staff attempt to identify which IM applications are being used and by whom. Moreover, when instant messaging is used to send and receive files, not only can the resulting drain on bandwidth negatively impact network performance, but the files themselves can pose a serious security threat. This report provides information to better understand threats of IM and mitigate its impact to business. The threats of IM are investigated. The trend in growing targets and number of cases are related to IM threats are analyzed. The impacts to business are assessed to identify areas of security management require great concern. Finally, measures are introduced to improve security management such that IM threats become manageable and their impact is reduced. 1. Introduction Today, Instant Messaging (IM) applications have rapidly become accepted by businesses as viable employee communications tools. IM is more instant than email, obviously easy-to-use, and provides the real-time collaboration organizations need to ensure quick judgments and decisions. Using Instant Messaging, organizations and their business partners can make a conference, share files and information easily over the Internet. ...read more.


A targeted Skype user will receive a chat message with the text "Check up this" and a link to a malicious executable called file_01.exe on a website. Once infected, a computer will be at the beck and call of the attacker and the Trojan horse will start sending messages to the victim's Skype contacts to propagate.' Status: Skype warned users against opening the malicious file, take caution in general when opening attachments, and also recommends using antivirus software to check incoming files. Case 3: AIM bot creates "fight combos" to spread (Published date: 18 Sep 2006) Affected: Online attackers have created an instant-messaging bot program for AOL instant messaging that chains together a number of executable files, similar to the combination moves in fight games. Threat type: Worm and Bot Description: 'The software, dubbed the AIM Pipeline worm, uses modular executable files to infect machines with different functionality but also to make the bot network's growth more robust: if a Web site hosting one of the components gets shutdown, the other pieces of the worm can still spread.' Status: America Online has blocked the URLs used in the messages sent by the AIM Pipeline worm. 2.3 Trends l Increase in IM threats 'IM Security Center researchers tracked 33 malicious code attacks over IM networks during the month of September, bringing the 2007 total to 297. This is a 20% increase in IM threats compared with the same time period last year.' (SAN DIEGO -- Akonix Systems, Inc 2007) 'Research also indicates that there are more targets affected by IM threats' (SANS Institute 2006) l New type of IM worms 'New IM worms identified include Agent-GCG, Ataxbot, Exploit-VcardGadget, Focelto, MSNFunny, IMBot, MsnSend, MSN-WhoBlocked, Neeris, Pykse, Skipi, STRATION and Yalove. ...read more.


5. Conclusion Instant messaging has clearly taken off as a means of communication. The ability to communicate in real-time makes it an ideal medium for both business and personal communication. Unfortunately, threats that affect instant messaging already exist today, including worms and vulnerabilities that can give hackers remote access to vulnerable computers and can replicate in seconds can affect more than just instant messaging. Therefore, end users and corporations should employ basic security countermeasure. However, update the patch of product can mitigate the occurrence of threats, but these measures are not enough to prevent the network security. Corporations should have other measures for security such as prevention, detection and incident response. Furthermore, management controls are available to less the impact of IM threats. Once these measures get implement, IM threats must become manageable as a result of reducing the damage of business. Reference 1. Michael E. Whitman and Herbert J. Mattord (2004) Management of Information Security, Boston, Mass.; London: Thomson/Course Technology 2. Joris Evers (2007) New IM worm targets Skype users, Cnet, Available: http://www.zdnet.com.au/news/security/soa/New-IM-worm-targets-Skype-users/0,130061744,339274904,00.htm (17 Apr 2007) 3. Joris Evers (2007) Next-generation Skype Trojan hits web, Silicon, Available: http://software.silicon.com/malware/0,3800003100,39166534,00.htm (26 Mar 2007) 4. (2006) AIM bot creates "fight combos" to spread, Security Focus, Available: http://www.securityfocus.com/brief/305 (18 Sep 2006) 5. San Diego (2007) Akonix Intros IM Security Appliance, Dark Reading, Available: http://www.darkreading.com/document.asp?doc_id=125041&WT.svl=wire_2 (29 MAY, 2007) 6. San Diego (2007) Akonix's Threat Center tracks 33 IM attacks , Dark Reading, Available: http://www.darkreading.com/document.asp?doc_id=135045 (28 Sep 2007) 7. SANS Institute (2006) SANS Top-20 Internet Security Attack Targets, Available: http://www.sans.org/top20/ (15 Nov 2006) 8. Symantec (2006) Protect Your Business from Instant Messaging Threats, Available: http://www.symantec.com/business/library/article.jsp?aid=instant_messaging_threats (11 Jul 2006) 9. Symantec (2007) Internet Security Threat Report 2007, Avalable: http://tc.imlogic.com/threatcenterportal/pubIframe.aspx (13 Jun 2007) Word Count: 2750 ?? ?? ?? ?? Jennifer Sanders 1 ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our AS and A Level Design and Technology section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related AS and A Level Design and Technology essays

  1. Jared Diamond versus Charles Mann on the Sophistication of Metalwork in Native America

    The reader is naturally inclined to choose the Europeans as the superior workers in metal because of their exposure to other cultures' advancements and favorable geography; however, Diamond's underestimation of the Natives takes away from his argument because he dismisses anthropological evidence.

  2. Were developing a shoe removal detector which identifies and notifies a person entering the ...

    Risks recording our own voice could be harder should play the appropriate messages. Time finish it before week 10. Need to put more effort on it. (Estimated time: 25 hours) Preparation of Final report and demonstration The final report to be completed by 16th October 2009 Preparation for the Final

  1. Light & artificial lighting systems

    To help prevent this, double glazing and adequate ventilation would be required and to be installed throughout. Whilst in the summer and hotter months, the heat of the sun may give rise to heat gain and may overheat the building causing suffering to the occupants, during the evening the building may loose the heat gained during the day.

  2. Robotics.There are many different types of robots used to do many different types of ...

    Also what is more important is that the robot load capability includes the weight of the end-effecter, which is sometimes considered as well as the maximum total weight of the actual work piece. The first industrial robot was created by Unimat and was purchased by the Ford Company in 1961.

  1. Science Behind F1 Aerodynamic Features.

    _______________________________________________________________________________________ Figure 3: Comparison of unconstrained fluid flow behaviors over a pointed, circular and teardrop shape The final type of drag is Induced Drag. It is noted as such because it is caused by or "induced" by the lift on the wings.3 Induced drag is an unfavorable and unavoidable byproduct of lift (or downforce).

  2. How do you use ergonomics?

    This awareness of people's requirements resulted in the discipline of ergonomics. Size and shape Some years ago, researchers compared the relative positions of the controls on a lathe with the size of an average male worker. It was found that the lathe operator would have to stoop and move from side to side to operate the lathe controls.

  1. My aim for this project is to design and construct a fully functioning alarm ...

    Hu As Integer Dim Ht As Integer Dim C As Integer Dim Settime As Integer Out $34 , $ff Out $3a , $ff Do For Ht = 0 To 2 For Hu = 0 To 9 If Ht = 2 And Hu = 4 Then Ht = 0 Hu =

  2. The proposed design project is to design, produce and evaluate an innovative recycled clock, ...

    Conclusion: - I am going to use the machine for cutting the plywood to shape. This will allow me a greater degree of accuracy. Test # 5 (i) Aim: - Test stapling of plywood to back supporting piece, hopefully it will be a success.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work