No One Can Afford an Attack - Find the best Cybersecurity Pros to Protect Your Business Data
Welcome Guest | Sign In

IM at Work, Part 2: Tools for Locking Down

By Jack M. Germain E-Commerce Times ECT News Network
Jul 6, 2007 4:00 AM PT

Letting employees have unbridled access to free, consumer-level instant messaging applications running on their workplace computers is a security disaster waiting to happen.

IM at Work, Part 2: Tools for Locking Down

Instant messaging applications are easy targets for hackers taking advantage of vulnerabilities. It is critical for businesses to pay attention to their employees' use of instant messaging during work hours, warn security pros.

Security firm Akonix tracked 36 malicious code attacks over instant messaging networks in June, an 80 percent increase over May. This brings the total number of threats for the first half of 2007 to 206, which is 79 percent more than the same time period last year.

In Part 1 of this series, we looked at the threat potential of consumer IM products in the workplace. In this part, we'll take a look at the growing arsenal of enterprise-strength secure IM tools available. Many small and medium size businesses, along with many enterprise companies, however, have not rushed to implement them.

"We are seeing slow deployment as enterprises take their time to find out that the security tools actually work. It is still early in the days of federated Instant Messaging. But the tools are there for security," David Marshak, senior strategy and product manager for IBM Lotus Sametime, told the E-Commerce Times.

Necessary Evil

A few years ago, the question for enterprise network managers was, will the organization allow IM use? Rather than allow it, some network managers continue to attempt blocking installations of consumer-grade instant messaging applications such as Yahoo Messenger, AOL Instant Messenger (AIM), Skype and Windows Live Messenger. In some enterprise offices, IT managers run automatic sweeps every night to remove IM clients installed by workers. The next day, workers reinstall their favorite IM applications.

"Real-time communications like instant messaging have now penetrated approximately 90 percent of organizations. As e-mail has replaced the interoffice envelope over the past 10 years, IM is beginning to replace the desktop phone. Many companies embrace this trend because they realize the benefits. It can keep workers both happy and productive," Frank Cabri, vice president of marketing and product management at FaceTime Communications, told the E-Commerce Times.

Instant messaging today it is pretty well regarded as an accepted communications tool for business, agreed David Finger, product marketing manager for TrendMicro. "There are different approaches to securing IM," he said.

These approaches are based on management decisions to monitor IM traffic and set rules for IM use within the network or control IM traffic from the network's endpoints.

Securing IM

Security firms use two approaches to harden the use of instant messaging on corporate computers. One way places security appliances at the gateway to inspect content. The other way uses an enterprise IM solution.

This second approach brings inspection from the gateway to a server which functions as an IM hub for all IM messages at the enterprise server level, explained Finger. One of the newest threats piggybacking on instant messaging is embedded URLs, according to Finger.

Another problem in making the popular free consumer IM clients safe to use at work is legal restrictions. Only certain security vendors can legally intercept an IM vendor's product.

"Akonix, Symantec and FaceTime are the only three certified and licensed to legally intercept their traffic for security programs," said Don Montgomery, vice president of marketing for Akonix.

Consumer IM clients use protocols that change on a continuing basis. These companies have a legal contractual relationship that allows them to add this security and tap into the message stream, confirmed Trend Micro's Finger. Microsoft now also is included in this relationship with the common IM consumer product vendors, he said.

Security Challenge

"Free consumer IM clients used throughout samll and medium-sized business offices need to address security, compliance and management of these deployments," cautioned Cabri. FaceTime tracked over 600 threat incidents over public IM and peer-to-peer (P2P) applications in the first half of this year alone, he noted.

Applications such as IM, Skype and Web conferencing can deliver significant business value to business users. However, they can also introduce three main kinds of business risks: inbound threats, outbound leakage and regulatory and e-discovery non-compliance.

The challenge is that these organizations have a mix of both public IM usage and enterprise IM usage, according to Cabri. They require a single solution to manage policies, archive requirements, security and reports for the entire set of IM activity in their environment.

Product Roundup

Following are some of the leading instant messaging security products available for enterprise. This list does not rank or evaluate the performance or merits of the security solutions. Rather, the catalog of products reflects a sampling of what is available today.

Akonix Enterprise IM

Akonix uses an appliance system that runs its proprietary OS (AkOS), which is a Linux derivative. Akonix offers all three components -- security, monitoring and inspecting content. The measures are applied through corporate directory by user, by group or by time of day.

Two applications reside in the Akonix box. L7 Enterprise is the gateway application, and the L7 Enforcer reads content via keywords and natural expressions to filter corporate information.

The product offers various responses to IM traffic on the network. It can block the communication, allow it, block it and alert IT administrators, allow it and alert IT administrators, or archive the content and tag it as potential policy issue.

FaceTime Suites

FaceTime's two leading product suites are FaceTime Enterprise Edition and FaceTime Internet Security Edition. Research firm IDC ranked FaceTime No. 1 in IM Management Market share for three years.

The Enterprise Edition provides a comprehensive solution for secure instant messaging management, P2P control, and other real-time communications compliance requirements. Enterprise Edition consists of IMAuditor and RTGuardian. Pricing starts at US$7,500.

Internet Security Edition enables the safe and productive use of the Internet including Web browsing, IM, P2P, Skype and other real-time communications applications. Internet Security Edition consists of the RTGuardian gateway appliance and GEM (Greynet Enterprise Manager) software. Pricing starts at $7,125.

IMAuditor allows IT staff to set user policy, manage and control usage, protect against malware, and archive and log IM for corporate and regulatory compliance. It is sold as software or an appliance. Pricing starts at $5,000.

CommuniGate Systems

CommuniGate Systems offers an Internet communications solution based on Adobe Flash and Adobe Flex 2 technology that combines Rich Media and IP Communications. Pronto unifies e-mail, IM, chat, rich media and groupware into a easy-to-manage client interface.

Pronto scales to support any deployment size and is flexible to meet the requirements of business or consumer subscribers. It provides a Rich Media interface for the CommuniGate Pro Internet Communications platform, a scalable performance-driven platform that combines VoIP (Voice over Internet Protocol), data communications and collaboration services. Pronto features include an e-mail application, calendaring, contacts management, secure IM and voicemail management and calling preferences.

Licensing for up to 25 users starts at $849.

Lotus Sametime

The Lotus Sametime software is an enterprise-level instant messaging product that connects with AIM, Google Talk and Yahoo Messenger. A companion product, the IBM Lotus Sametime Gateway, acts as an intermediary between Lotus Sametime and each public IM community by receiving instant messages, translating them into the proper protocol and delivering them to recipients regardless of platform.

The gateway provides IT administrators with policy management features to provide customized access based on a user's business need. Users can add their AIM, Google Talk and Yahoo Messenger contacts directly to their Lotus Sametime client, removing the need to manage multiple instant messaging clients.

SameTime Version 7.5.1 includes point-to-point video, integration with desktop productivity applications, a tabbed chat interface, client support for Macintosh users and server support for the Linux operating system.

Pricing is $56 per user.

Trend Micro IM Security for Microsoft Office LCS

Trend Micro's IM Security for Microsoft Office Live Communications Server (LCS) sits on the Microsoft communications server and inspects for security. It runs on a range of platforms. It can be centrally managed and administered and runs with minimal performance impact to LCS.

Incident-based archives support quick and easy searches for content violations. Complete with instant notification through LCS and comprehensive real-time reporting, IM Security helps administrators deploy and maintain a virus-free IM environment with secure content.

Check Point Enterprise Security

Check Point offers two product lines that can be used individually or in tandem. VPN1 is a gateway application that detects IM clients and locks them out or monitors them. It uses Intrusion Prevention System (IPS) standards, according to Bill Jensen, product marketing manager for Check Point.

"The gateway protects corporate networks but not remote users. Integrity provides that added security," said Gaurav Marwaha, product manager at Check Point.

Check Point Integrity is an end point solution that provides granular control over IM public clients. System managers can set rules to allow specific features such as video and file transfers. Integrity sits inside the company's network and is also installed on remote users' computers.

VPN1 starts at $300 for up to 75 users. Pricing based on higher bandwidth ranges to $12,000. The Integrity Suite is priced based on the number of seats protected starting at $1,670.

IM at Work, Part 1: Idle Chatter, Serious Risk

Facebook Twitter LinkedIn Google+ RSS
What is the most consequential impact of social media on society today?
It has opened up valuable new channels for civil discourse.
It has destroyed the meaning of "truth" and "fact."
It has made people stronger by facilitating grass roots activism.
It has deepened divisions among groups with opposing views.
It has made it easier for people to support and help each other.
It has made it easier for people to humiliate and hurt each other.