Actiance
Instant Messaging Security
Today's Internet Creates New Challenges
IM networks are an increasingly common channel for the spread of malware such as viruses, worms and spyware. IM and other real-time communication applications, representative of what FaceTime has termed greynets - are network-enabled applications that operate outside the control of the corporate IT department. These not so secure channels are increasingly becoming the vectors of propagation for malicious applications and code. This highlights the dilemma facing both IT staff and security vendors - how to manage the greynet 'spectrum' to enable business productivity from good greynet applications such as IM while preventing malware and lowering risks to the business.
Controlling IM Security Risks
IM usage in business – whether sanctioned or not - is growing rapidly. IM and other real-time communications are network-enabled applications that often operate outside the control of the corporate IT department. While they offer business value, these not-so-secure channels are increasingly becoming the vectors of propagation for malicious applications and code leaving IT to address how to enable business productivity from IM while also controlling risk.
IM security risk falls into three main categories:
- Inbound threats
IM creates new vectors for the distribution of malware (viruses, worms, spyware, rootkits, and more) and SpIM (Spam over IM) which can cause a major drain on productivity and resources. Read about malware and spyware prevention.
- Outbound threats
IM opens new 'holes' through which information can leak or be leaked, leading to user privacy concerns and the potential loss of intellectual property
- Non-compliance with corporate and regulatory requirements
IM creates invisible communications channels that operate below the radar of conventional information security measures, exposing the organization to regulatory compliance breaches. Read more about IM compliance and e-Discovery.
Technical Challenges of IM Security
Real-time communication and Web 2.0 applications are largely invisible to existing information security infrastructure such as firewalls, intrusion prevention and detection devices, and proxies because they are specifically designed to evade detection and provide ubiquitous access. Existing security measures do not adequately address the protocols and behaviors used by these applications.
Blocking IM is no longer an option:
- IM clients use port crawling - the ability to exploit
any open port on the firewall - so blocking the 'usual'
port for the particular application doesn't work.
- Every IM network provider has its own unique set of
IP addresses to which clients can connect. These IP addresses
change frequently or at random without notice, so firewalls
and proxies cannot apply blocking policies using the typical
black list of IP addresses.
- IM protocols are proprietary and constantly evolving
to deliver new and more advanced features to users; firewalls
and proxies do not evolve at this pace, nor do IT organizations
want to be constantly updating protocol signatures on the
firewall.
- The synchronous nature of real-time connections is much different from the asynchronous web browsing and email traffic; firewalls and proxies were not designed to inspect and analyze real-time communication traffic, so network performance suffers.
Beyond the technical considerations, blocking IM will also result in unhappy employees who will attempt to bypass controls, which may cause more problems than it solves.
The Leader in IM Security
Ranked #1 in IM market share by IDC for five consecutive years, FaceTime is the acknowledged leader in IM security and compliance management with almost five million seats under management, and an industry-spanning customer list that includes nine of the top ten US banks. FaceTime offers the only comprehensive IM and Web application security solutions that prevent malware and secure IM use, providing full visibility and granular control for all major real-time and Unified Communications applications:
- Public IM Networks (AIM, Yahoo, MSN, GoogleTalk, ICQ, and more)
- Enterprise IM Networks (OCS, LCS, Sametime, Antepo, Jabber, Parlano MindAlign)
- Professional Community Networks (Bloomberg, Communicator Inc., PivotSolutions)
- Web Conferencing (WebEx)
FaceTime offers comprehensive IM security:
- Protection against inbound threats from viruses, worms, spyware, SpIM, and more by monitoring and managing real-time communication, Unified Communications and Web application channels
- Prevention information leakage through content filtering, logging and archiving for all text conversations and file attachment content
- Ensuring compliance through TrueCompliance™ strict policy enforcement and user/group level access controls
By integrating seamlessly with existing IT and information security infrastructure such as Active Directory, storage systems and anti-virus, FaceTime also enables maximum return on your existing technology investments.
Learn more about IMAuditor, the leading enterprise-class solution for the security, compliance, management and control of IM and other real-time communication applications.
Learn more about Unified Security Gateway, an all-in-one appliance that enables and enforces safe and productive use of real-time communications applications to protect the network against inbound malware, mitigate information leakage risks, and ensure compliance with corporate, regulatory and e-discovery requirements.