How to Protect against IM Vulnerabilities and Unauthorized IM Usage

Dec 04

How to Protect against IM Vulnerabilities and Unauthorized IM Usage

9 views

Establish policies for acceptable use of instant messaging and ensure that all users are aware of those policies and clearly understand the potential risks.
Establish policies for Mobile device usage, including password and encryption requirements.
Create proper configuration standards for IM products that restrict file transfers.
In general, users should not be permitted to install software. Restrict Administrative and Power User level privileges to support personnel acting in their support capacity. If a user must have Administrative or Power User privileges, create a separate account to be used for his/her daily office functions, Internet surfing and on-line communication.
Ensure that vendor patches are promptly applied to instant messaging software, interrelated applications, and the underlying operating system.
Employ anti-virus and anti-spyware products.
Do not rely on external IM servers for internal use of instant messaging; Provide a commercial grade IM proxy or internal IM server.
Create secure communications paths when using instant messaging with trusted business partners.
Appropriately configure intrusion detection/prevention systems. Understand that many instant messaging applications are capable of enabling associated communications to masquerade as otherwise legitimate traffic (e.g. http).
Deploy products specifically designed for instant messaging security.
Filter all http traffic through an authenticating proxy server to provide additional capabilities of filtering/monitoring instant messaging traffic.
Block access to known public instant messaging servers that have not been explicitly authorized. (Note: Offers only partial protection due to the number of potential external servers.)
Block popular instant messaging ports. (Note: Offers only partial protection, due to the number of potential protocols and associated ports, and the ability of applications to bypass port restrictions.)
Monitor using an Intrusion Detection/Prevention system for users creating tunnels for IM or bypassing proxies.
Educate partners with whom you share files, and teach them to delete shared files after the IM session.
Establish “Memorandum of Understanding” agreements with partners with whom you must share confidential documents, specifying non-disclosure responsibilities.
Use access control such as passwords to protect group sessions and presentations.

Tags:acceptable use, anti virus, business partners, external servers, file transfers, instant messaging software, internet surfing, intrusion detection prevention, legitimate traffic, line communication, masquerade, mobile device, office functions, ports, prevention systems, proper configuration, proxy server, secure communications, spyware products, vendor patches

Bookmark This

Liked this article? To continue getting our latest free Howtos and Tutorials,
you can also grab the RSS feed or Subscribe to Techgurulive by Email

Not Getting

Related posts
How to Protect against P2P Software Vulnerabilities
How to Protect against the vulnerabilities
How to configure the PIX/ASA Firewall to block IM services
How To Monitor for Unauthorized User Access in Windows Servers
In Websense reports, what information is available about bandwidth usage?
How to Disable Unnecessary and Unauthorized Services in Linux
Howto: Protect account against a password cracking attack
How does Websense deal with public proxies?
Best Practices for User Profiles Windows 2003
How to Configure your DNS to protect against DoS attacks and Cache Poisoning

Leave a Reply

Name (required)

Mail (will not be published) (required)

Website

This Howtos posted under" Articles

How to Protect against IM Vulnerabilities and Unauthorized IM Usage

Find Free Howtos and tutorials on apache, Linux, windows, php, Networking, MySQL, Cisco, open source, Nas, Virtualization, voip, vpn, email,send mail, lamp, security, SEO, squid, Anti virus, Backup, Database and many more

Translator

By N2H

Recent Searches

how to install mysql on linux

pfsense

openvpn windows

trixbox

trixbox

Squid proxy server in Ubuntu

not in the sudoers file

configure zimbra

Popular Searches

stop and restart websense

CONFIGURE ZIMBRA

disable IP forwarding

ubuntu virtual host

how to copy files in linux

setting up snmpd.conf

trixbox

set up time server linux

To continue getting our latest Howtos, Tutorial
Enter your email address:
Delivered by FeedBurner

Most Viewed

How to Add Static route in Windows XP/2000/Vista - 4,041 views
How to Configure Routing and Remote Access Service in Windows Server 2003 - 3,022 views
How to test UDP Connectivity - 3,005 views
How to install and Configure Smoothwall Express 3 Firewall - 2,971 views
How To Install PHPMyAdmin on Fedora 9 - 2,599 views
How to Install and Configure pfSense - A free, open source firewall and router - 2,518 views
How To Install FreeNas - 2,505 views
How to enable ActiveX Controls in Internet Explorer? - 1,970 views
How to Install RoundCube WebMail - 1,760 views
How to install dimdim on ubuntu linux - 1,740 views

Recent Forum Posts

"Who knows where to download XRumer 5.0 Palladium?" by CocoChanels on July 2, 2009 at 4:28 pm in Promote Websites

"Want to download XRumer 5.0 for free!" by MagicOPromotion on May 3, 2009 at 10:03 am in Promote Websites

"How to See MAC Addresses" by gishore on April 12, 2009 at 10:10 pm in Reference Material

"How to Configure IP Forwarding in Linux" by gishore on April 12, 2009 at 10:07 pm in Reference Material

"How to Add Permanent Static Routes" by gishore on April 12, 2009 at 10:06 pm in Reference Material

"How to Add Temporary Static Routes" by gishore on April 12, 2009 at 10:05 pm in Reference Material

"How to Determining Your IP Address" by gishore on April 12, 2009 at 10:03 pm in Reference Material

"How to Activate/Shut Down Your NIC" by gishore on April 12, 2009 at 10:01 pm in Reference Material

More »
Login

Username:

Password:

Remember me

Register

Lost your password?

Spam Blocked

11,520 spam comments

blocked by
Akismet

Recent Posts

How to Add a permanent static route to Mac OS X

How to measure network throughput on Linux machines

How to Change timestamp in nagios logfiles to readable dates

How to Configure cron jobs on Windows -Drupal

How to Backup And Restore Email In Gmail Account Easily

How to Set Gmail as Firefox Default Email Client

How to retrieve Yahoo Mail using email programs such as Microsoft Outlook, Eudora, Outlook Express, etc

How to Delay Sending of Email Message in Microsoft Outlook

How to Create a limited user account on a Cisco Pix Firewall

How to Send an Email (Mail Message) from Linux Command Line Shell

Hot Search : ubuntu linux suselinux mandriva linux cisco vpn vista cisco asa cisco adler cisco vpn router cisco vpn client cisco switch cisco vpn client vista vista vpn vista cisco vpn cisco vpn ubuntu cisco asa vpn cisco anyconnect vpn iphone ubuntu vpn openvpn open source wiki open source mac open source dvd open source windows windows vista windows live msn windows live messenger windows live openvpn windows ubuntu apache apache php apache 2.2 php ajax joomla mysql php mysql vista backup backup iphone backup windows windows 2008 clustering sql 2005 clustering

About Us | Contact Us | Privacy Policy | Forums | Sitemap | Directory | Friends|Copyright © 2008 - 2009 Techgurulive