Skip Links

IM threats are still very real - what are your options for protection?

Four choices when faced with security threats via IM and P2P traffic

By Michael Osterman, Network World
December 06, 2007 12:04 AM ET
Michael Osterman
  • Print

Last week, Akonix issued an instant messaging threat report that showed that the company tracked nine new malicious code attacks directed against IM systems during November, in addition to 12 new attacks on peer-to-peer (P2P) file-sharing networks. While this number is lower than the monthly average for 2007, the threats reveal greater criminal intent on the part of their authors. Similarly, FaceTime announced that in the third quarter of 2007, the company detected 279 IM and P2P threats, down slightly from the second quarter's total of 317 incidents.

These reports reveal the still very dangerous nature of unfettered IM and P2P use in most organizations. While an increasing number of IT managers are cognizant of the consequences of doing nothing about the widespread use of consumer-oriented IM in the workplace, not enough are aware of the risks or are doing anything about it.

So, what should you do? There are actually four things you can do, each of which has various benefits and costs:

1. Do nothing. Clearly, this has the advantage of the lowest cost, but also has the greatest risk, since your networks are still very much at risk from IM and P2P threats.

2. Deploy policies that prevent IM use. Again, the cost is virtually zero, but the benefits will be approximately the same.

3. Implement an IM hygiene solution that will scan network traffic for IM and P2P and take appropriate action, such as preventing file-sharing, scanning for malicious code, etc. The cost is much higher than doing nothing, but so are the benefits.

4. Implement a true enterprise IM system. The cost is likely to be higher still, but the benefits will be that IM threats are minimized because of the built-in security of these solutions, and your company will be standardized on a single, enterprise-grade solution.

The bottom line is that IM and P2P threats are real and they must be addressed.

Read more about software in Network World's Software section.

  • Print

Videos

rssRss Feed