
IT organisations must recognise that instant messaging (IM) is no more or less secure than any internet-facing application. It is really just one of the issues to consider when developing a comprehensive solution that will protect organisations from all types of Web 2.0/internet threats, writes Peter Firstbrook, research director at Gartner.
The web and the internet are the most common sources of malware infections, so IT teams must have malware filtering in the internet gateway regardless of whether they allow IM or not. As malware attacks can also be directed at vulnerabilities in the IM software itself, IT organisations must constrain IM client choices and ensure that IM clients are patched and maintained.
IM file attachments can be risky. Best practice is to block IM attachments and force them through a secure file transfer solution or email, where there are typically more malware filtering, file type and content controls. User education is also a good idea, to dissuade users from the notion that the 'buddy list' makes IM more trustworthy than email.
In addition to malware protection, organisations should have the ability to select which IM networks can be used and who can use them. Like any communications channel, IM can be used to distribute private, secret or unacceptable content. If the organisation uses data-loss prevention (DLP) on other channels to enforce corporate or regulatory compliance, it should extend those tools to cover IM.
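The three gateway controls described above (an allow-list of IM networks per user group, blocking attachments in favour of a managed file transfer route, and reusing the e-mail DLP rules on IM text) can be expressed as one policy decision per IM event. The following is an added illustration, not code from the article or from any Gartner or vendor product; the group names, network names, DLP patterns and sample events are all constructed for the example.

```python
"""
Toy IM gateway policy evaluator (added example, not part of the original article).

For each IM event it applies, in order:
  1. network allow-list per user group   -> block if the network is not permitted
  2. the same DLP patterns used on e-mail -> block if sensitive content matches
  3. attachment handling                 -> redirect to the managed file transfer service
Anything that survives all three checks is allowed.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

# Hypothetical policy. A real deployment would load this from the gateway's own config.
ALLOWED_NETWORKS: Dict[str, Set[str]] = {
    "staff": {"corp-im"},                  # internal network only
    "sales": {"corp-im", "public-im-a"},   # sales may also use one public network
}

# Constructed DLP rules, standing in for the patterns already enforced on e-mail.
DLP_PATTERNS: Dict[str, "re.Pattern[str]"] = {
    # 16-digit card-number-like string, optionally split into groups of four
    "card-number": re.compile(r"\b\d{4}[ -]?\d{4}[ -]?\d{4}[ -]?\d{4}\b"),
    # hypothetical internal project codename
    "project-codename": re.compile(r"\bPROJECT[- ]ORCHID\b", re.IGNORECASE),
}


@dataclass
class IMEvent:
    user: str
    group: str
    network: str
    text: str = ""
    attachment: Optional[str] = None   # filename of an attached file, if any


@dataclass
class Decision:
    action: str                        # "allow", "block" or "redirect"
    reasons: List[str] = field(default_factory=list)


def evaluate(event: IMEvent) -> Decision:
    """Return the gateway's decision for one IM event."""
    # 1. Is this user group permitted on this IM network at all?
    permitted = ALLOWED_NETWORKS.get(event.group, set())
    if event.network not in permitted:
        return Decision("block", [f"network {event.network!r} not permitted for group {event.group!r}"])

    # 2. Run the e-mail DLP rules over the message body.
    hits = [f"dlp:{name}" for name, pattern in DLP_PATTERNS.items() if pattern.search(event.text)]
    if hits:
        return Decision("block", hits)

    # 3. Attachments are never delivered over IM; they go via the managed transfer route.
    if event.attachment:
        return Decision("redirect", [f"attachment {event.attachment!r} routed to managed file transfer"])

    return Decision("allow")


# Constructed sample traffic used to exercise the policy.
SAMPLE_EVENTS = [
    IMEvent("alice", "staff", "public-im-a", "hi"),                              # wrong network
    IMEvent("bob", "sales", "public-im-a", "lunch at 1?"),                       # permitted, clean
    IMEvent("bob", "sales", "corp-im", "numbers attached", attachment="q3.xlsx"),  # attachment
    IMEvent("carol", "staff", "corp-im", "card is 4111 1111 1111 1111"),         # DLP hit
]


def run_sample() -> List[str]:
    """Evaluate the constructed events and return the list of actions taken."""
    return [evaluate(e).action for e in SAMPLE_EVENTS]


if __name__ == "__main__":
    for ev, action in zip(SAMPLE_EVENTS, run_sample()):
        print(f"{ev.user:6} {ev.network:12} -> {action:8} {evaluate(ev).reasons}")
```

The ordering matters: the network check runs first so that traffic to an unapproved network is dropped without ever being inspected, and DLP runs before the attachment rule so that a sensitive message is blocked rather than merely redirected. Adding a new control is a matter of inserting another check in `evaluate`, with the existing e-mail DLP rules reused unchanged.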
Unlike email, archiving of IM is not mandated for most industries (US financial organisations being a notable exception). It is best practice not to archive IM; in cases where archiving is necessary, IM should be archived in the same place as email for easy discovery.
A combination of a good secure web gateway and network firewalls should address the IM security needs of most organisations.