Many security-conscious IT managers view real-time communication applications, such as IM and P2P, as potential entry points for virus infections and unauthorized access to corporate data. On the other hand, organizations are increasingly embracing real-time communication applications, which are percolating up from use by individual employees to the entire business operation.
Whether or not you officially allow instant messaging and peer-to-peer applications into your networks, organizations should consider tools for controlling and monitoring their infrastructures for threats from these applications.
Virus protection is a great concern with these applications because, unlike e-mail applications, files transferred via IM or P2P can arrive directly to the users desktop, bypassing firewalls and anti-virus scanners.
For this reason, most sites should disallow file transfers among IM clients and P2P clients by using tools such as FaceTime Communications Inc.s IM Guardian (see review) or IM proxy products such as IMlogic Inc.s IM Manager and Akonix Systems Inc.s L7 Enterprise.
Enterprises that deploy a secure internal IM solution, such as WiredRed Software Corp.s E/pop or Microsoft Corp.s Office Live Communications Server 2003 (see review), are protected as long as client messages are restricted within the firewall.
IT managers should also look for anti-virus scanning integration when evaluating IM security products.
Products such as IM Manager provide virus scanning through integration with Network Associates Inc.s McAfee anti-virus engine. And companies such as Sybari Software Inc. are targeting anti-virus products at IM applications. Sybari Antigen for IM, which works with Live Communications Server and IM Manager, allows IT managers to apply content and file filtering policies in addition to providing anti-virus capabilities. Antigen for IM will be available this month.