AT&T Tech Support 360
- Related Stories
-
AOL clarifies IM privacy guarantee
March 14, 2005 -
RIM to bring AOL, Yahoo IMs to BlackBerry
March 14, 2005 -
Microsoft to punch up corporate IM
March 6, 2005 -
Triple threat: IM viruses get big jump on 2005
February 14, 2005 -
MSN Messenger hit by double-whammy worm
February 3, 2005
A report released Wednesday by SurfControl contends that a sizeable number of U.S. businesses have yet to formulate or put into practice any official guidelines for dictating how workers may use IM on their networks. A recent survey conducted by the IT security company found that 90 percent of the 7,500-plus businesses it spoke with have established policies to manage the use of e-mail, but 49 percent have no official rules in place to govern IM and peer-to-peer software usage.
Companies that fail to address the issue are increasingly susceptible to attacks, as a new crop of threats delivered via IM has appeared over the last several months.
"Instant messaging may be viewed as convenient to end users, but the business costs are too great to leave IM usage unchecked by security policy," Jim Murphy, director of product marketing for SurfControl, said in a statement. "Numerous IM-borne viruses, worms, spyware applications and blended threats can all jeopardize network security and cost companies hundreds of thousands of dollars in clean-up costs."
In the past month alone, multiple new variants of existing IM threats have appeared, looking to take advantage of people's ignorance of the method of attack. The vast majority of the threats--in particular, the Bropia worm variants that use Microsoft's MSN Messenger to spread--are hidden in IM messages that appear to have been sent by a known contact. The missives encourage people to click on a Web link or to download an attachment enclosed in an IM, but in reality, the messages hide some form of malicious code.
Since January, antivirus researchers have identified more than a dozen such threats, which typically are Trojan horses rather than flaw-exploiting viruses. That's more than three times the number of similar attacks seen on public IM networks in the same period last year, according to figures from IM security company Akonix Systems.
Respondents to SurfControl's survey ranked confidential data protection as one of their top security goals, with 83 percent of the companies interviewed citing it as a major concern. Murphy said it is ironic that companies claiming to be tightly focused on securing their systems have let IM usage slip through the cracks.
"Left ungoverned, instant-messaging applications are an easy vehicle for accidental or malicious disclosure of sensitive corporate data, including company financials, personnel records and customer data," he said. "Clearly, companies must combine detailed acceptable-use policies with effective technology to manage instant messaging at work."
See more CNET content tagged:
SurfControl plc,
IM,
P2P,
threat,
usage
- trillian and GPO
- this is why we only allow trillian and use of other IM clients is locked down via group policy. trillian connections also have to go through a socks5 proxy. not 100% secure but about as close as you can get without any real investment.
- Reply to this comment
-
- group policy
- http://www.analogstereo.com/amp_mcintosh_mc2105.htm
- trillian and GPO
- this is why we only allow trillian and use of other IM clients is locked down via group policy. trillian connections also have to go through a socks5 proxy. not 100% secure but about as close as you can get without any real investment.
- Reply to this comment
-
- group policy
- http://www.analogstereo.com/amp_mcintosh_mc2105.htm
