Security Risks of Instant Messaging in the Workplace - PowerPoint PPT Presentation

1 / 12
About This Presentation
Title:

Security Risks of Instant Messaging in the Workplace

Description:

Security Risks of Instant Messaging in the Workplace Imtiaz Paniwala Instructor: Dr. Yang Date: March 24, 2004 Introduction Instant messaging is an Internet service ... – PowerPoint PPT presentation

Number of Views:51
Avg rating:3.0/5.0
Slides: 13
Provided by: Paniw
Learn more at: http://sce.uhcl.edu
Category:

less

Transcript and Presenter's Notes

Title: Security Risks of Instant Messaging in the Workplace


1
Security Risks of Instant Messaging in the
Workplace
  • Imtiaz Paniwala
  • Instructor Dr. Yang
  • Date March 24, 2004

2
Introduction
  • Instant messaging is an Internet service that
    allows the user to communicate in real time with
    other users who have the same instant messaging
    application.
  • EIM is an abbreviation for "enterprise instant
    messaging." Instant messaging applications are
    generally categorized as either being public or
    enterprise. AOL's instant messenger (AIM), Yahoo
    Messenger and Microsoft .NET Messenger are
    examples of public IM services. Anyone on the
    Internet can sign up, download the software and
    begin messaging.
  • Sun ONE Instant Messaging, IBM Lotus Instant
    Messaging Web Conferencing (formerly called
    Sametime) and Microsoft Office Live
    Communications Server 2003 (formerly called
    Greenwich) are examples of enterprise IM
    services. Access to the IM server is restricted
    and security precautions, such as encryption, are
    put in place to protect the enterprise network.

3
Who is using instant messaging?
  • 90 of businesses will use IM by end of 2004.
    (Gartner IM Trends)
  • Corporate IM is expected to replace 65 of e-mail
    usage by 2004. (Information Week)
  • 65 million workers are already using instant
    messaging, and that number is expected to grow to
    350 million by 2005. (IDC Research)
  • Corporate IM usage is expected to account for
    nearly 60 of all online traffic by 2005.(Ferris
    Research)
  • As more IT departments become convinced of
    the value of IM as a business communications tool
    and begin looking for ways to exert control,
    implement security measures and integrate instant
    messaging with other groupware components,
    unmanaged IM use in the enterprise is likely to
    become a thing of the past.

4
What's Hot , What's Not ?
  • AIM (AOL Instant Messenger)www.aim.com.59.7
    million users
  • ICQwww.icq.com 6.2 million users
  • .net Messengerwww.messenger.msn.com 23.1
    million users
  • Yahoo! Messengerwww.messenger.yahoo.com.19.5
    million users
  • Source comScore Media Metrix

5
Did you know?
  • IM worms do not need to scan the internet for the
    IP addresses of vulnerable systems, a process
    that greatly slows the spread of traditional
    worms. Instead, IM worms simply use the infected
    user's buddy list to find new targets. Even with
    a scenario in which the buddy lists of infected
    and target machines were identical except for
    just one IM user, an IM worm could infect 500,000
    machines in just 31 seconds.
  • The packet sniffing software 'dsniff' (available
    at http//www.monkey.org/dugsong/dsniff/) is
    able to decipher AIM passwords on the fly.
  • One or two clicks in .net messenger allows a
    remote user to control your computer
  • Yahoo! Messenger has the weakest security
    features of the major messaging platforms. Its
    protocol does not encrypt usernames and
    passwords, making it risky to even log into the
    system.
  • ICQ has been the target of many DoS bugs and at
    least one remote buffer overflow.

6
Common threats
  1. Weakened security settings. During installation,
    instant messaging software may change browser
    security settings, placing the computer at risk.
  2. Readability by intruders. Instant messaging
    sessions are conducted in plain, unencrypted
    text, and are an open book to a reasonably
    skilled intruder.
  3. Intrusion on privacy. By design, instant
    messaging software runs continuously as a
    background task and broadcasts the computer's
    presence online even if the interface is closed.
    (A separate "exit" action is needed to stop it.)
    In addition, instant messaging software may store
    the content of an instant messaging session in a
    log-file that could be read by others.
  4. Hijacking and impersonation. Instant messaging
    accounts are vulnerable to hijacking or spoofing,
    allowing an intruder to impersonate someone in
    conversations with others.

7
Common threats contd.
  1. Malicious code. Instant messaging establishes an
    open communications channel to the computer that
    can be exploited by malicious code such as worms,
    viruses, and Trojan horses.
  2. Unauthorized access. Instant messaging users can
    potentially access each others hard drives and
    files during a session, placing the computer at
    the disposal of would-be hackers.
  3. Poor password security. Instant messaging
    software typically stores passwords in a manner
    that is highly vulnerable to hackers.
  4. No virus protection. Instant messaging sessions
    are not virus protected and can freely spread
    virus-ridden files.

8
INSTANT MESSAGING BEST PRACTICES
  • Establish a corporate instant messaging usage
    policy
  • Properly configure corporate perimeter firewalls
  • Deploy desktop antivirus software
  • Employ personal firewalls to ensure policy
    compliance
  • Deploy corporate instant messaging servers
  • Install all instant messaging patches as soon as
    possible
  • Use vulnerability management solutions to ensure
    policy compliance

9
Recommended instant messaging client settings
  • If a corporation chooses to use an external
    instant messaging systemone whose servers are
    operated by the instant messaging providerthe
    following security practices should be kept in
    mind
  • For the best security, do not use any external
    IM system that does not employ a certified
    encryption system.
  • Configure all IM clients so that they will
    accept chat requests only from users specified in
    employees buddy lists. This prevents attackers
    from connecting to computers on the network and
    sending malicious code. Only those users
    explicitly specified by employees should be able
    to contact them.
  • Configure the IM system to either block file
    transfers or allow such transfers only from users
    specified on the buddy list. If this is not
    feasible, configure the IM software to prompt the
    employee before all file transfers.
  • Configure the IM system to use antivirus software
    to scan file transfers, if supported.
  • Configure IM accounts so they are not listed on
    public servers. This further prevents unsolicited
    chat requests.

10
Some security products
  • Top Secret Messenger Top Secret Messenger (TSM)
    is product developed by Encryption Software, Inc.
    It provides a powerful public-key encryption
    platform, TSM provides integrated add-on for
    popular instant messengers thus integrating the
    new IM technology with existing system
    applications
  • Vayusphere Managed IM Gateway Vayusphere MiG
    provides controlled employee access to Public IM.
    It uses relational database to store public IM
    conversation. This feature allows enterprises to
    archive and search thereby satisfying the
    document retention and compliance requirements.
    Vayusphere MIG supports all major public IM
    networks . Vayursphere MIG allows creation of
    usage and traffic reports to dynamically track IM
    usage12.
  • A.I.M. Frame A.I.M. Frame runs on top of AOLs
    AIM. A.I.M. Frame records and logs all
    conversations with date/time stamp. IM logs can
    be integrated into enterprise databases via ODBC
    connection. A.I.M Frame also supports encrypted
    instant messaging to other A.I.M. Frame users.

11
Conclusion
  • Due to the efficiency and convenience of their
    communications, instant messaging systems are
    rapidly becoming very important tools within
    corporations. Unfortunately, many of the current
    instant messaging systems are inadequately
    secured and in turn are exposing some enterprises
    to serious security and economic breaches.
  • Ideally, corporations looking to leverage instant
    messaging should deploy a secure,
    corporate-focused IM solution within the company
    network, and then layer suitable security systems
    on top of this solution (firewalls, vulnerability
    management, antivirus, etc.) However, many
    companies continue to permit employees to use
    popular free IM services. These organizations
    need to understand the associated security risks
    and plan accordingly.
  • Clearly, the growth of instant messaging systems
    will bring greater efficiencies to the global
    workplace. Only by appropriately securing these
    systems will businesses be able to reap their
    full economic benefits.

12
Thank you !!!
The intent is not to persuade you NOT to use IM.
Just be aware of how you use it.
Write a Comment
User Comments (0)
About PowerShow.com