Letting employees have unbridled access to free, consumer-level instant messaging applications running on their workplace computers is a security disaster waiting to happen.
Instant messaging applications are easy targets for hackers taking advantage of vulnerabilities. It is critical for businesses to pay attention to their employees’ use of instant messaging during work hours, warn security pros.
Security firm Akonix tracked 36 malicious code attacks over instant messaging networks in June, an 80 percent increase over May. This brings the total number of threats for the first half of 2007 to 206, which is 79 percent more than the same time period last year.
In Part 1 of this series, we looked at the threat potential of consumer IM products in the workplace. In this part, we’ll take a look at the growing arsenal of enterprise-strength secure IM tools available. Many small and medium size businesses, along with many enterprise companies, however, have not rushed to implement them.
“We are seeing slow deployment as enterprises take their time to find out that the security tools actually work. It is still early in the days of federated Instant Messaging. But the tools are there for security,” David Marshak, senior strategy and product manager for IBM Lotus Sametime, told the E-Commerce Times.
A few years ago, the question for enterprise network managers was, will the organization allow IMuse? Rather than allow it, some network managers continue to attempt blocking installations ofconsumer-grade instant messaging applications such as Yahoo Messenger, AOL Instant Messenger(AIM), Skype and Windows Live Messenger. In some enterprise offices, IT managers run automatic sweeps every night to remove IM clients installed by workers. The next day, workers reinstall their favorite IM applications.
“Real-time communications like instant messaging have now penetrated approximately 90 percent oforganizations. As e-mail has replaced the interoffice envelope over the past 10 years, IM is beginning to replace the desktop phone. Many companies embrace this trend because they realize the benefits. It cankeep workers both happy and productive,” Frank Cabri, vice president of marketing and product management at FaceTime Communications, told the E-Commerce Times.
Instant messaging today it is pretty well regarded as an accepted communications tool for business,agreed David Finger, product marketing manager for TrendMicro. “There are different approaches to securing IM,” he said.
These approaches are based on management decisions to monitor IM traffic and set rules for IMuse within the network or control IM traffic from the network’s endpoints.
Security firms use two approaches to harden the use of instant messaging on corporate computers.One way places security appliances at the gateway to inspect content. The other way uses anenterprise IM solution.
This second approach brings inspection from the gateway to a server which functions as an IM hubfor all IM messages at the enterprise server level, explained Finger. One of the newest threatspiggybacking on instant messaging is embedded URLs, according toFinger.
Another problem in making the popular free consumer IM clients safe to use at work is legalrestrictions. Only certain security vendors can legally intercept an IM vendor’s product.
“Akonix, Symantec and FaceTime are the only three certified and licensed to legally intercepttheir traffic for security programs,” said Don Montgomery, vice president of marketing forAkonix.
Consumer IM clients use protocols that change on a continuing basis. These companies have alegal contractual relationship that allows them to add this security and tap into the messagestream, confirmed Trend Micro’s Finger. Microsoft now also is included in this relationship withthe common IM consumer product vendors, he said.
“Free consumer IM clients used throughout samll and medium-sized business offices need to address security, compliance and management of these deployments,” cautioned Cabri. FaceTime tracked over 600 threat incidents over public IM and peer-to-peer (P2P) applications in the first half of this year alone, he noted.
Applications such as IM, Skype and Web conferencing can deliver significant business value to businessusers. However, they can also introduce three main kinds of business risks: inbound threats, outbound leakage and regulatory and e-discovery non-compliance.
The challenge is that these organizations have a mix of both public IM usage and enterprise IM usage,according to Cabri. They require a single solution to manage policies, archive requirements, security andreports for the entire set of IM activity in their environment.
Following are some of the leading instant messaging security productsavailable for enterprise. This list does not rank or evaluate the performance or merits of thesecurity solutions. Rather, the catalog of products reflects a sampling of what is availabletoday.
Akonix Enterprise IM
Akonix uses an appliance system that runs its proprietary OS (AkOS), which is a Linux derivative.Akonix offers all three components — security, monitoring and inspecting content. The measuresare applied through corporate directory by user, by group or by time of day.
Two applications reside in the Akonix box. L7 Enterprise is the gateway application, andthe L7 Enforcer reads content via keywords and natural expressions to filter corporateinformation.
The product offers various responses to IM traffic on the network. It can block thecommunication, allow it, block it and alert IT administrators, allow it and alert ITadministrators, or archive the content and tag it as potential policy issue.
The Enterprise Edition provides a comprehensive solution for secure instant messagingmanagement, P2P control, and other real-time communications compliance requirements. EnterpriseEdition consists of IMAuditor and RTGuardian. Pricing starts at US$7,500.
Internet Security Edition enables the safe and productive use of the Internet including Webbrowsing, IM, P2P, Skype and other real-time communications applications. Internet SecurityEdition consists of the RTGuardian gateway appliance and GEM (Greynet Enterprise Manager)software. Pricing starts at $7,125.
IMAuditor allows IT staff to set user policy, manage and control usage, protect against malware,and archive and log IM for corporate and regulatory compliance. It is sold as software or anappliance. Pricing starts at $5,000.
CommuniGate Systems offers an Internet communications solution based on Adobe Flash and AdobeFlex 2 technology that combines Rich Media and IP Communications. Pronto unifies e-mail, IM,chat, rich media and groupware into a easy-to-manage client interface.
Pronto scales to support any deployment size and is flexible to meet the requirements ofbusiness or consumer subscribers. It provides a Rich Media interface for the CommuniGate ProInternet Communications platform, a scalable performance-driven platform that combines VoIP (Voice over Internet Protocol),data communications and collaboration services. Pronto features include an e-mail application,calendaring, contacts management, secure IM and voicemail management and callingpreferences.
Licensing for up to 25 users starts at $849.
The Lotus Sametime software is an enterprise-level instant messaging product that connects withAIM, Google Talk and Yahoo Messenger. A companion product, the IBM Lotus Sametime Gateway, actsas an intermediary between Lotus Sametime and each public IM community by receiving instantmessages, translating them into the proper protocol and delivering them to recipients regardlessof platform.
The gateway provides IT administrators with policy management features to provide customizedaccess based on a user’s business need. Users can add their AIM, Google Talk and YahooMessenger contacts directly to their Lotus Sametime client, removing the need to manage multipleinstant messaging clients.
SameTime Version 7.5.1 includes point-to-point video, integration with desktop productivityapplications, a tabbed chat interface, client support for Macintosh users and server support forthe Linux operating system.
Pricing is $56 per user.
Trend Micro IM Security for Microsoft Office LCS
Trend Micro’s IM Security for Microsoft Office Live Communications Server (LCS) sits on the Microsoft communications server and inspects for security. It runs on a range of platforms. It can be centrally managed and administered and runs with minimal performance impact to LCS.
Incident-based archives support quick and easy searches for content violations. Complete with instantnotification through LCS and comprehensive real-time reporting, IM Security helps administrators deploy and maintain a virus-free IM environment with secure content.
Check Point Enterprise Security
Check Point offers two product lines that can be used individually or in tandem. VPN1 is a gateway application that detects IM clients and locks them out or monitors them. It uses Intrusion Prevention System (IPS) standards, according to Bill Jensen, product marketing manager for Check Point.
“The gateway protects corporate networks but not remote users. Integrity provides that added security,”said Gaurav Marwaha, product manager at Check Point.
Check Point Integrity is an end point solution that provides granular control over IM public clients.System managers can set rules to allow specific features such as video and file transfers. Integrity sitsinside the company’s network and is also installed on remote users’ computers.
VPN1 starts at $300 for up to 75 users. Pricing based on higher bandwidth ranges to $12,000. The Integrity Suite is priced based on the number of seats protected starting at $1,670.