Jennifer Sanders

Security Management: Instant Messaging Perspective

Executive Summary

Nowadays, Instant messaging (IM) is used in the corporate environment which is rising rapidly, as organizations welcome to accept IM as a business communications tool. IM promotes cooperation and real-time communication among employees, business partners, and customers. It also brings new threats to local area network security and makes organizations to have a potential risks when employees share illegal or inappropriate content over the internet.

Organizations are also faced with reduced employee productivity when IM is used arbitrarily and for personal communications. When use of IM is unmonitored and uncontrolled, it can lead to a significant drain on IT resources, as the IT staff attempt to identify which IM applications are being used and by whom. Moreover, when instant messaging is used to send and receive files, not only can the resulting drain on bandwidth negatively impact network performance, but the files themselves can pose a serious security threat.

This report provides information to better understand threats of IM and mitigate its impact to business. The threats of IM are investigated. The trend in growing targets and number of cases are related to IM threats are analyzed. The impacts to business are assessed to identify areas of security management require great concern. Finally, measures are introduced to improve security management such that IM threats become manageable and their impact is reduced.

1. Introduction

Today, Instant Messaging (IM) applications have rapidly become accepted by businesses as viable employee communications tools. IM is more instant than email, obviously easy-to-use, and provides the real-time collaboration organizations need to ensure quick judgments and decisions.

Using Instant Messaging, organizations and their business partners can make a conference, share files and information easily over the Internet. Furthermore, within the organization, IM conversations among project team members can resolve issues and questions in an instantsomething that might have taken a series of emails, telephone calls, or face-to-face meetings to carry out. IM can be used to provide immediate replies to requests. It can also help promote personal relationships with customers and remote employees, and assist customers in completing transactions with Web-based businesses. This report is shown the concern of security of IM and gives some countermeasure to deal with IM threats.

2. Findings and Analysis

2.1 What threats are related to Instant Messaging?

l  Worms

A worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes and it may do without any user participation. In case of instant messaging, antivirus software does not currently monitor traffic at OSI Model-network layer. If a worm starts to spread via instant messaging, it cannot be stopped before it reached the remote's computer. Dissimilar a virus, it does not need to attach itself to an existing application or program. Worm almost always causes damage to the network when it drains the network bandwidth. On the contrary, virus almost always corrupt or modify files on a targeted computer.

The number of instant messaging worms is rising steadily. This is made clear when one considers the list of recent IM worms:

n dubbed Pykse.A (16 April 2007)

n W32/Rbot-GRS (26 June 2007)

However, a few antivirus applications can plug in to instant messaging clients for scanning files when they are received. The lack of applications scanning instant messaging network traffic is partly due to the difficulty in monitoring instant messaging traffic so that the antivirus product running at the desktop level can catch the worms.

Join now!

l Backdoor Trojan Horses

Instant messaging clients allow peer-to-peer file sharing, the instant messaging client to share all files on the system with full access to everyone can be configured by a Trojan Horse and in this way gain backdoor access to the computer. Moreover, the victim computer is on-line; a notification will be send to hacker automatically. So hacker can keeps track and accesses the infected computer easily. Besides, the hacker does not need to open new suspicious ports for communication in that hacker can instead use already open instant messaging ports.

Classic backdoor trojans open an outgoing ...

This is a preview of the whole essay