Instant messaging manager
Encyclopedia
Companies that provide instant messaging management products and services include Akonix, Barracuda Networks
, CSC, Global Relay, FaceTime Communications, Presensoft, ScanSafe
, Smarsh, SurfControl
and Symantec
.
All of these risks exist for organizational entities, regardless of whether their employees are using company-provided instant messaging (e.g. IBM Lotus Sametime
or Microsoft Office Live Communications Server
) or unsanctioned access to the public IM networks (e.g. AOL Instant Messenger
, Google Talk
, Windows Live Messenger
, or Yahoo! Messenger
).
, CSC, FaceTime Communications, Global Relay, ScanSafe, Surfcontrol, and Symantec. All of the leading products and services perform the following functions:
(1) Antivirus scanning of IM attached files, utilizing antivirus software
.
(2) Identification of typical "signature" strings in hostile IM messages that use social engineering (security)
to fool the recipient into clicking a poison URL, which in turn, downloads malware
to the unsuspecting recipient's computer.
(3) Filtering of content within messages, typically scanning for keywords and regular expression phrases (e.g. the phrase "hot stock tip" might trigger a security alert if found in a message sent by an employee at a stock brokerage. Likewise a string of numerals in the format xxx-yy-nnnn, might trigger a block or alert due to the likelihood that it is a Social Security number
.) IM managers also typically block the transmission of the seven dirty words
.
(4) Archiving of IM chats according to organizational policy. Archiving of IM is typically integrated with email archiving systems that provide for effective storage, retrieval, indexing, and destruction of electronic messages.
The emergence of IM as a legitimate, productivity-enhancing communications medium in business is a relatively recent trend. As a result, IM management systems are only utilized in an estimated 10% to 25% of companies (with some estimates being even grimmer, such as the 2007 study by industry analyst The Burton Group, which found IM policy in only 10% and IM security in only 5% of organizations surveyed), while IM is estimated to be used by employees in 85% to 90% of companies. The gap between the need for protection and the implementation of protection is a significant concern, as over 1300 attacks using IM networks to deliver malware have been identified by security companies and tracked at the IM Security Center as of the middle of 2008.
Barracuda Networks
Barracuda Networks, Inc. is a privately held company providing security, networking and storage solutions based on appliances and cloud services. The company’s security products include solutions for protection against email, web surfing, web hackers and instant messaging threats such as spam,...
, CSC, Global Relay, FaceTime Communications, Presensoft, ScanSafe
ScanSafe
ScanSafe was a privately held company backed by investors Benchmark Capital and Scale Venture Partners, it was a provider of Web security-as-a-service for organizations. Co-founded in 1999 by brothers Eldar and Roy Tuvey, its services block malware and secure the use of the Web and messaging...
, Smarsh, SurfControl
SurfControl
SurfControl Plc., was a British software company based in Cheshire, England. The company provided website filtering, e-mail filtering and desktop security software for both enterprise and home users....
and Symantec
Symantec
Symantec Corporation is the largest maker of security software for computers. The company is headquartered in Mountain View, California, and is a Fortune 500 company and a member of the S&P 500 stock market index.-History:...
.
Typical Reasons that IM Management Systems are Implemented
As instant messaging becomes more prevalent in business, corporations and organizations must apply the same rigor to the use of IM as they have previously done for email. In particular, there are four categories of risk or liability that companies face as a result of their employees' day-to-day use of IM:- Risk of infection by virus, spyware, or other malwareMalwareMalware, short for malicious software, consists of programming that is designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, or gain unauthorized access to system resources, or that otherwise exhibits abusive behavior...
installed surreptitiously over an IM network or in an IM-attached file. - Risk of employees using IM to communicate trade secrets (proprietary, confidential, or restricted information) to parties outside the organization. This category is often called "data leakage" or "information leakage".
- Risk of employees using IM to harass or threaten other employees. For example, the persistent use of IM by one employee to send messages to another employee that are sexual and/or unwanted in nature may create a hostile environment sexual harassmentHostile environment sexual harassmentIn employment law, hostile environment sexual harassment refers to a situation where employees in a workplace are subject to a pattern of exposure to unwanted sexual behavior from persons other than an employee's direct supervisor where supervisors or managers take no steps to discourage or...
liability for the employer. A March 2007 survey by Akonix Systems identified that over 30% of employees had been harassed over IM in the workplace. - Risk of being out of complianceCompliance (regulation)In general, compliance means conforming to a rule, such as a specification, policy, standard or law. Regulatory compliance describes the goal that corporations or public agencies aspire to in their efforts to ensure that personnel are aware of and take steps to comply with relevant laws and...
with governmental laws and regulations governing electronic communications. This category typically involves the need to create and manage an archive of instant messages in order to comply with such regulations as the Sarbanes-Oxley ActSarbanes-Oxley ActThe Sarbanes–Oxley Act of 2002 , also known as the 'Public Company Accounting Reform and Investor Protection Act' and 'Corporate and Auditing Accountability and Responsibility Act' and commonly called Sarbanes–Oxley, Sarbox or SOX, is a United States federal law enacted on July 30, 2002, which...
, the Gramm-Leach-Bliley ActGramm-Leach-Bliley ActThe Gramm–Leach–Bliley Act , also known as the Financial Services Modernization Act of 1999, is an act of the 106th United States Congress...
, electronic discoveryElectronic DiscoveryElectronic discovery refers to discovery in civil litigation which deals with the exchange of information in electronic format . Usually a digital forensics analysis is performed to recover evidence...
, or the Federal Rules of Civil ProcedureFederal Rules of Civil ProcedureThe Federal Rules of Civil Procedure govern civil procedure in United States district courts. The FRCP are promulgated by the United States Supreme Court pursuant to the Rules Enabling Act, and then the United States Congress has 7 months to veto the rules promulgated or they become part of the...
in the United States, and similar legislation and policy in other countries. Sixty-eight percent of IT managers have archiving and retrieval methods for corporate email. About half that many — 31 percent — store IM communications.
All of these risks exist for organizational entities, regardless of whether their employees are using company-provided instant messaging (e.g. IBM Lotus Sametime
IBM Lotus Sametime
IBM Sametime is a client–server application and middleware platform that provides real-time, unified communications and collaboration for enterprises. Those capabilities include presence information, enterprise instant messaging, web conferencing, community collaboration, and telephony capabilities...
or Microsoft Office Live Communications Server
Microsoft Office Live Communications Server
Microsoft Lync Server is an enterprise real-time communications server, providing the infrastructure for enterprise instant messaging, presence, file transfer, peer-to-peer and multiparty voice and video calling, ad hoc and structured conferences and, through a 3rd party gateway or SIP trunk, PSTN...
) or unsanctioned access to the public IM networks (e.g. AOL Instant Messenger
AOL Instant Messenger
AOL Instant Messenger is an instant messaging and presence computer program which uses the proprietary OSCAR instant messaging protocol and the TOC protocol to allow registered users to communicate in real time. It was released by AOL in May 1997...
, Google Talk
Google Talk
Google Talk is a freeware voice over Internet protocol client application offered by Google Inc. The first beta version of the program was released on August 24, 2005...
, Windows Live Messenger
Windows Live Messenger
Windows Live Messenger is an instant messaging client created by Microsoft that is currently designed to work with Windows XP , Windows Vista, Windows 7, Windows Mobile, Windows CE, Xbox 360, Blackberry OS, iOS, Java ME, S60 on Symbian OS 9.x and Zune HD...
, or Yahoo! Messenger
Yahoo! Messenger
Yahoo! Messenger is an advertisement-supported instant messaging client and associated protocol provided by Yahoo!...
).
Functions Performed by IM Management Systems
To mitigate risks and satisfy the need to reduce liability and adhere to regulation, companies and government agencies install IM management systems. Examples of leading companies providing IM management products or hosted services include Akonix, BrosixBrosix
Brosix is a secure instant messenger that is designed to help users connect to each other. It uses 256-bits AES encryption in order to encrypt messages, thus ensuring their security...
, CSC, FaceTime Communications, Global Relay, ScanSafe, Surfcontrol, and Symantec. All of the leading products and services perform the following functions:
(1) Antivirus scanning of IM attached files, utilizing antivirus software
Antivirus software
Antivirus or anti-virus software is used to prevent, detect, and remove malware, including but not limited to computer viruses, computer worm, trojan horses, spyware and adware...
.
(2) Identification of typical "signature" strings in hostile IM messages that use social engineering (security)
Social engineering (security)
Social engineering is commonly understood to mean the art of manipulating people into performing actions or divulging confidential information...
to fool the recipient into clicking a poison URL, which in turn, downloads malware
Malware
Malware, short for malicious software, consists of programming that is designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, or gain unauthorized access to system resources, or that otherwise exhibits abusive behavior...
to the unsuspecting recipient's computer.
(3) Filtering of content within messages, typically scanning for keywords and regular expression phrases (e.g. the phrase "hot stock tip" might trigger a security alert if found in a message sent by an employee at a stock brokerage. Likewise a string of numerals in the format xxx-yy-nnnn, might trigger a block or alert due to the likelihood that it is a Social Security number
Social Security number
In the United States, a Social Security number is a nine-digit number issued to U.S. citizens, permanent residents, and temporary residents under section 205 of the Social Security Act, codified as . The number is issued to an individual by the Social Security Administration, an independent...
.) IM managers also typically block the transmission of the seven dirty words
Seven dirty words
The seven dirty words are seven English language words that American comedian George Carlin first listed in 1972 in his monologue "Seven Words You Can Never Say on Television". The words include: shit, piss, fuck, cunt, cocksucker, motherfucker, and tits...
.
(4) Archiving of IM chats according to organizational policy. Archiving of IM is typically integrated with email archiving systems that provide for effective storage, retrieval, indexing, and destruction of electronic messages.
The emergence of IM as a legitimate, productivity-enhancing communications medium in business is a relatively recent trend. As a result, IM management systems are only utilized in an estimated 10% to 25% of companies (with some estimates being even grimmer, such as the 2007 study by industry analyst The Burton Group, which found IM policy in only 10% and IM security in only 5% of organizations surveyed), while IM is estimated to be used by employees in 85% to 90% of companies. The gap between the need for protection and the implementation of protection is a significant concern, as over 1300 attacks using IM networks to deliver malware have been identified by security companies and tracked at the IM Security Center as of the middle of 2008.