• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

Security Management

Extracts from this document...


Security Management: Instant Messaging Perspective Executive Summary Nowadays, Instant messaging (IM) is used in the corporate environment which is rising rapidly, as organizations welcome to accept IM as a business communications tool. IM promotes cooperation and real-time communication among employees, business partners, and customers. It also brings new threats to local area network security and makes organizations to have a potential risks when employees share illegal or inappropriate content over the internet. Organizations are also faced with reduced employee productivity when IM is used arbitrarily and for personal communications. When use of IM is unmonitored and uncontrolled, it can lead to a significant drain on IT resources, as the IT staff attempt to identify which IM applications are being used and by whom. Moreover, when instant messaging is used to send and receive files, not only can the resulting drain on bandwidth negatively impact network performance, but the files themselves can pose a serious security threat. This report provides information to better understand threats of IM and mitigate its impact to business. The threats of IM are investigated. The trend in growing targets and number of cases are related to IM threats are analyzed. The impacts to business are assessed to identify areas of security management require great concern. Finally, measures are introduced to improve security management such that IM threats become manageable and their impact is reduced. 1. Introduction Today, Instant Messaging (IM) applications have rapidly become accepted by businesses as viable employee communications tools. IM is more instant than email, obviously easy-to-use, and provides the real-time collaboration organizations need to ensure quick judgments and decisions. Using Instant Messaging, organizations and their business partners can make a conference, share files and information easily over the Internet. ...read more.


A targeted Skype user will receive a chat message with the text "Check up this" and a link to a malicious executable called file_01.exe on a website. Once infected, a computer will be at the beck and call of the attacker and the Trojan horse will start sending messages to the victim's Skype contacts to propagate.' Status: Skype warned users against opening the malicious file, take caution in general when opening attachments, and also recommends using antivirus software to check incoming files. Case 3: AIM bot creates "fight combos" to spread (Published date: 18 Sep 2006) Affected: Online attackers have created an instant-messaging bot program for AOL instant messaging that chains together a number of executable files, similar to the combination moves in fight games. Threat type: Worm and Bot Description: 'The software, dubbed the AIM Pipeline worm, uses modular executable files to infect machines with different functionality but also to make the bot network's growth more robust: if a Web site hosting one of the components gets shutdown, the other pieces of the worm can still spread.' Status: America Online has blocked the URLs used in the messages sent by the AIM Pipeline worm. 2.3 Trends l Increase in IM threats 'IM Security Center researchers tracked 33 malicious code attacks over IM networks during the month of September, bringing the 2007 total to 297. This is a 20% increase in IM threats compared with the same time period last year.' (SAN DIEGO -- Akonix Systems, Inc 2007) 'Research also indicates that there are more targets affected by IM threats' (SANS Institute 2006) l New type of IM worms 'New IM worms identified include Agent-GCG, Ataxbot, Exploit-VcardGadget, Focelto, MSNFunny, IMBot, MsnSend, MSN-WhoBlocked, Neeris, Pykse, Skipi, STRATION and Yalove. ...read more.


5. Conclusion Instant messaging has clearly taken off as a means of communication. The ability to communicate in real-time makes it an ideal medium for both business and personal communication. Unfortunately, threats that affect instant messaging already exist today, including worms and vulnerabilities that can give hackers remote access to vulnerable computers and can replicate in seconds can affect more than just instant messaging. Therefore, end users and corporations should employ basic security countermeasure. However, update the patch of product can mitigate the occurrence of threats, but these measures are not enough to prevent the network security. Corporations should have other measures for security such as prevention, detection and incident response. Furthermore, management controls are available to less the impact of IM threats. Once these measures get implement, IM threats must become manageable as a result of reducing the damage of business. Reference 1. Michael E. Whitman and Herbert J. Mattord (2004) Management of Information Security, Boston, Mass.; London: Thomson/Course Technology 2. Joris Evers (2007) New IM worm targets Skype users, Cnet, Available: http://www.zdnet.com.au/news/security/soa/New-IM-worm-targets-Skype-users/0,130061744,339274904,00.htm (17 Apr 2007) 3. Joris Evers (2007) Next-generation Skype Trojan hits web, Silicon, Available: http://software.silicon.com/malware/0,3800003100,39166534,00.htm (26 Mar 2007) 4. (2006) AIM bot creates "fight combos" to spread, Security Focus, Available: http://www.securityfocus.com/brief/305 (18 Sep 2006) 5. San Diego (2007) Akonix Intros IM Security Appliance, Dark Reading, Available: http://www.darkreading.com/document.asp?doc_id=125041&WT.svl=wire_2 (29 MAY, 2007) 6. San Diego (2007) Akonix's Threat Center tracks 33 IM attacks , Dark Reading, Available: http://www.darkreading.com/document.asp?doc_id=135045 (28 Sep 2007) 7. SANS Institute (2006) SANS Top-20 Internet Security Attack Targets, Available: http://www.sans.org/top20/ (15 Nov 2006) 8. Symantec (2006) Protect Your Business from Instant Messaging Threats, Available: http://www.symantec.com/business/library/article.jsp?aid=instant_messaging_threats (11 Jul 2006) 9. Symantec (2007) Internet Security Threat Report 2007, Avalable: http://tc.imlogic.com/threatcenterportal/pubIframe.aspx (13 Jun 2007) Word Count: 2750 ?? ?? ?? ?? Jennifer Sanders 1 ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our AS and A Level Design and Technology section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related AS and A Level Design and Technology essays

  1. Science Behind F1 Aerodynamic Features.

    Resultantly, aerodynamicists typically find it sufficient to estimate an overall coefficient of drag for these cars. The following equation4, which incorporates the effects of all three drag types, is used to determine this data. F = 0.5CdAV2, where F - Aerodynamic drag Cd - Coefficient of drag D - Air

  2. Light & artificial lighting systems

    It is possible to use these features as beneficial aspects when in the design build process of the building; however these elements do not come cheap. A more than common procedure to overcome the uncomfortable heat caused by solar gain is to install air conditioning and air handling units for the larger building.

  1. Free essay

    Buiklding service

    The pipe work for water based systems may be arranged as either a one pipe or two piped system. In my dwelling a two pipe system is used. The two pipe system, which is shown above is more efficient than the single pipe loop.

  2. Free essay

    Systems Case Study

    The information, which I have processed and explained on the page before, will be gathered and collected using a number of sources, both primary and secondary. My main source of information will be through an interview with the head of the I.T.

  1. Jared Diamond versus Charles Mann on the Sophistication of Metalwork in Native America

    The Natives knew about the European technique of "pouring molten alloys into shaped molds" (2), but they "vastly preferred to hammer metal into thin sheets, form the sheets around molds, and solder the results" (2). The Incas employed metallurgical processes such as "alloying, casting, cloisonn´┐Ż, hammering, incrustation, inlay, repouss´┐Ż, riveting, smelting, and soldering" (2).

  2. Research in the uses of silicon

    Silicon is commonly doped, or mixed, with other elements, such as boron, phosphorous and arsenic, to alter its conductive properties1 . In its elemental crystalline form, silicon has a gray color and a metallic luster which increases with the size of the crystal.

  1. It is important that Sarah is blind having access to speech and Braille output ...

    Braille has been essential in her professional life. Not only has her ability to read and write allowed her to mix skilfully and confidently in different work and intellectual environments, but it has helped her express herself in written form and perform any number of tasks, ranging from drafting the minutes, reports, and all other documents associated with

  2. In this part of the evaluation I have commented the good points about each ...

    It's only supposed to be quick and easy. Generation of idea's This I think is one of the best pieces of work I have done the in the folder because it is neat and tidy but full. The drawings are good and the annotation is thorough.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work