How to Protect against IM Vulnerabilities and Unauthorized IM Usage

  • Establish policies for acceptable use of instant messaging and ensure that all users are aware of those policies and clearly understand the potential risks.
  • Establish policies for mobile device usage, including password and encryption requirements.
  • Create proper configuration standards for IM products that restrict file transfers.
  • In general, users should not be permitted to install software. Restrict Administrator and Power User privileges to support personnel acting in their support capacity. If a user must have Administrator or Power User privileges, create a separate, unprivileged account for his/her daily office functions, Internet browsing and on-line communication.
  • Ensure that vendor patches are promptly applied to instant messaging software, interrelated applications, and the underlying operating system.
  • Employ anti-virus and anti-spyware products.
  • Do not rely on external IM servers for internal use of instant messaging; provide a commercial-grade IM proxy or an internal IM server.
  • Create secure communications paths when using instant messaging with trusted business partners.
  • Appropriately configure intrusion detection/prevention systems. Understand that many instant messaging applications can make their communications masquerade as otherwise legitimate traffic (e.g., HTTP).
  • Deploy products specifically designed for instant messaging security.
  • Filter all HTTP traffic through an authenticating proxy server; this gives you an additional point at which to filter and monitor instant messaging traffic.
  • Block access to known public instant messaging servers that have not been explicitly authorized. (Note: Offers only partial protection due to the number of potential external servers.)
  • Block popular instant messaging ports. (Note: Offers only partial protection, due to the number of potential protocols and associated ports, and the ability of applications to bypass port restrictions.)
  • Monitor using an Intrusion Detection/Prevention system for users creating tunnels for IM or bypassing proxies.
  • Educate partners with whom you share files, and teach them to delete shared files after the IM session.
  • Establish “Memorandum of Understanding” agreements with partners with whom you must share confidential documents, specifying non-disclosure responsibilities.
  • Use access control such as passwords to protect group sessions and presentations.
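The proxy-filtering, server-blocking, port-blocking and tunnel-monitoring items above work best when combined, because each alone is only partial protection. The following is an added example (not part of the original list) that shows how a defender might layer those checks over proxy log entries: it flags destinations on a list of unauthorized public IM servers, well-known IM protocol ports, CONNECT tunnels to ports other than 443, and long-lived low-volume sessions that look like IM keepalive traffic. The log format, the host names, the client addresses and the thresholds are all constructed for this illustration; the only real values are the well-known ports for XMPP (5222), MSNP (1863), OSCAR/AIM (5190) and IRC (6667).

```python
"""Flag proxy-log entries that look like instant-messaging traffic.

Heuristics implemented (defender-side, complementing proxy and IDS controls):
  * destination host on a list of public IM servers not explicitly authorized
  * destination port on a list of well-known IM protocol ports
  * CONNECT tunnel to a port other than 443 (a tunnel that is not ordinary TLS)
  * long-lived, low-volume connection (keepalive pattern typical of IM sessions)
The log format, host names and thresholds below are constructed for this example.
"""
from dataclasses import dataclass, field
from typing import Iterable, List

# Constructed placeholder host names; a real deployment maintains its own list.
UNAUTHORIZED_IM_HOSTS = {"im.example-chat.net", "login.example-messenger.test"}

# Well-known IM protocol ports: XMPP client, MSNP, OSCAR/AIM, IRC.
IM_PORTS = {5222, 1863, 5190, 6667}

# Thresholds are assumptions for illustration, not vendor defaults.
LONG_SESSION_SECONDS = 900
LOW_VOLUME_BYTES = 4096


@dataclass
class ProxyEntry:
    client: str
    method: str
    host: str
    port: int
    bytes_total: int
    duration_s: int
    flags: List[str] = field(default_factory=list)


def parse_line(line: str) -> ProxyEntry:
    """Parse one constructed proxy log line.

    Field order (constructed format):
      <timestamp> <client_ip> <METHOD> <host>:<port> <status> <bytes> <duration_seconds>
    """
    _ts, client, method, dest, _status, nbytes, dur = line.split()
    host, _, port = dest.rpartition(":")
    return ProxyEntry(client, method, host, int(port), int(nbytes), int(dur))


def classify(entry: ProxyEntry) -> ProxyEntry:
    """Attach every matching heuristic to the entry; an empty list means no match."""
    if entry.host in UNAUTHORIZED_IM_HOSTS:
        entry.flags.append("unauthorized_im_host")
    if entry.port in IM_PORTS:
        entry.flags.append("im_port")
    # A CONNECT tunnel to anything other than 443 is not a normal browser TLS session.
    if entry.method == "CONNECT" and entry.port != 443:
        entry.flags.append("connect_nonstandard_port")
    # IM sessions stay open for a long time while moving very little data.
    if entry.duration_s >= LONG_SESSION_SECONDS and entry.bytes_total <= LOW_VOLUME_BYTES:
        entry.flags.append("long_lived_low_volume")
    return entry


def scan(lines: Iterable[str]) -> List[ProxyEntry]:
    """Parse and classify every non-empty log line, preserving order."""
    return [classify(parse_line(line)) for line in lines if line.strip()]


# Constructed sample log. Line 3 deliberately uses CONNECT to 443 at a host that
# is not on the list: host and port rules miss it, only the session heuristic fires,
# which is the "partial protection" caveat from the list above.
SAMPLE_LOG = """\
1700000000 10.0.0.5 GET www.example.com:80 200 18234 2
1700000010 10.0.0.7 CONNECT im.example-chat.net:5222 200 3200 1400
1700000020 10.0.0.9 CONNECT chat.unlisted.example:443 200 1900 2100
1700000030 10.0.0.7 GET im.example-chat.net:80 200 512 1
""".splitlines()

if __name__ == "__main__":
    for entry in scan(SAMPLE_LOG):
        verdict = ", ".join(entry.flags) or "no match"
        print(f"{entry.client} {entry.method} {entry.host}:{entry.port} -> {verdict}")
```

The third sample line is the instructive one: an IM client tunnelling over CONNECT to port 443 at an unlisted host slips past both the server blocklist and the port blocklist, and is caught only by the long-lived low-volume heuristic. That is why the list above pairs host and port blocking with an authenticating proxy and IDS/IPS monitoring rather than relying on any one of them.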
