Maximizer In the News                                  | Home | Camsoft Solutions | Articles | Case Studies | Useful Links | Contact us

 

Johannesburg, 18 May 2005
Security threats of instant messaging

Instant messaging applications offer so many advantages in so many different fields that they're fast becoming the preferred communication tool for a number of different professional scenarios. However, in many cases, these public applications are downloaded straight from the Internet on an ad hoc basis and are not being provided or authorised by IT administrators. This situation has serious implications for IT policy enablement, storage procedures, liability and above all, network security.

Gartner forecasts that instant messaging (IM) will represent 50% of all business-to-client communication during 2005. In many organisations, employees are individually choosing and installing their own choice of IM, leading to variations across the business. It is therefore important for all businesses to reflect on the growing status of IM by acknowledging, managing and securing it. Sybari Software Inc, a global provider of anti-virus, anti-spam and content-filtering security software products and a company that is currently being purchased by Microsoft, recently released results from a pan-European survey of 340 IT managers concerning IM in the enterprise.

Sybari's survey revealed that the majority of companies questioned are extremely aware of the benefits that instant messaging can bring to their business with over 81% listing real-time communication as a main advantage. On average, those questioned estimated that IM would decrease their phone bills by approximately 11%.

Just under 90% understood that IM should be managed at server level, with 77% expressing concern over potential security threats attached to IM communication. However, in spite of the fact that their employees may be installing their own choice of IM applications (ie Skype, MSN, Yahoo), more than 56% had no plans to install an IM solution at a managed server level.

Three-quarters of businesses saw the threat of viruses and worms through instant messaging as a primary concern. This was closely followed (68%) by those who were worried about information theft and loss of sensitive data or information that would have an 'extreme impact' on their business, especially those who are aware of compliance with government and industry regulations and legislation. Moreover, 54% of the companies surveyed were concerned with making sure that their employees' computers were not vulnerable to remote controlling 'hijackers', and 40% were concerned about IM conversation spying.

Surprisingly, only 13% of those surveyed cover IM usage in their current corporate e-mail usage guides. Over 55% do not include IM and 28% do not currently have a corporate messaging policy of any kind.

"There's no doubt that instant messaging is a beneficial communication tool that's use is growing worldwide. Our survey indicates that the majority of businesses recognise this. However, security is becoming more complicated, with viruses, worms and spam causing concern for a number of reasons. The response to this is not to ignore IM, but to manage it in the interests of the enterprise. Making management-level decisions to install a corporate IM solution and taking control of it will have far better consequences for any business than to let employees make their own choices and leave themselves and their company exposed to attack," explains Sasa Radosevic, Product Manager at Sybari Software.

Sybari's survey results have been welcomed by Roger Dean, head of special projects at EEMA, the independent, European not-for-profit association for e-business, who said: "IM provides great opportunities for increased collaboration and productivity. The ease of installation and its ubiquity makes IM attractive to users. However, its deployment frequently circumvents corporate IT usage policies and controls. Sybari's survey results reflect the immediate need for businesses to centrally manage IM, document its usage and maintain its security, which, unfortunately, is still considered as an afterthought."

Recognising the need to protect organisations against the threats posed by IM, Sybari has released Antigen 8.0 for instant messaging, a product that is fully supported in production environments. The new version includes support for Microsoft Live Communication Server 2005 and has the ability to perform content scanning within documents and includes enhanced scan engine update technology.

As business rapidly adopt IM technology for its real-time communication and collaboration benefits, IM viruses and spam have kept pace, encompassing the fastest growing segment of malcode development. IM's peer-to-peer nature also makes it all too easy for users to find loopholes in corporate content policies, since these messages bypass the enterprise content management solutions. Antigen for Instant Messaging blocks IM viruses and malicious content in real-time. Using its powerful content-filtering capabilities, companies can close security gaps by enforcing company-wide IM usage policies. One of the most immediate threats posed by IM is the transferring of documents between users and with Antigen 8.0 for IM's document scanning technology these threats can be averted. Antigen for instant messaging supports both Microsoft Live Communications Server (LCS) and IMLogic IM Manager for securing enterprise and public IM clients.

"We have seen a tremendous increase in the usage of instant messaging. Students, teachers and administrators have found that IM allows them to communicate quickly and easily; however, it also presents huge security threats to our network. For the past four years we have been using Sybari's Antigen for Exchange to protect our e-mail from viruses and worms. Since it has worked so well for us, it only made sense to extend that protection to our IM applications with Antigen for instant messaging. Antigen for IM allows us to scan attachments for potential security threats and reduce the amount of spam coming in," said Martin Patrick, community college network administrator.

"Antigen 8.0 for IM is a comprehensive solution for securing public and corporate IM networks. Now with support for Microsoft Live Communications Server 2005, Antigen 8.0 provides corporations with content filtering and policy enforcement features in addition to Sybari's advanced anti-virus scanning technology," said Teney K Takahashi, market analyst at The Radicati Group.

"As instant messaging systems are increasingly targeted by viruses and other malicious code, security solutions such as Antigen 8.0 are becoming essential to protect corporate networks."

ull details of Sybari's survey results can be found at www.sybari.com/emeaim_surveyresults.

For further information on Sybari's security solutions, visit Camsoft Solutions at the Futurex exhibition at the Sandton Convention Centre from 17 to 20 May, at Stand F9, in Hall 2.