IM Gateway and Security Implications

Does anyone have any data, studies, or analysis related to the use of the Wildfire and/or Jabber toolset with external IM gateway functionality? Specifically, I am looking for any knowledge, analysis, or indications about the security risks and/or implications upon an enterprise who chooses to extend IM functionality outside of its firewall.



Message was edited by: jadestorm

I hope you don’‘t mind but I’'m adjusting the title of this thread to try to attract more responses. =)

Interesting topic! I’‘d like to see if anyone knows of any such data. From my own standpoint, I could definitely think of some scenarios that having communication outside your organization could pose some security risks. I mean even I have accidentally pasted something into my IM windows that I didn’‘t want others to see. I could see something getting accidentally “leaked” that way or something along those lines. I mean obviously there’'s the thought that someone could chat about internal matters with external friends, but then they could do that via in person communication.

I don’'t know of any studies but I can tell you what we do here. We restrict who has access to the IM gateways so that only certain people that will need to use them can. In addition to that we store all chats in our SQL server (internal or external.) Both of those items combined satisfy our security requirements.

I agree that there are issues around mis-use, specifically sending propriatary information or abusive communication (sexually explicit, etc.).

However, at a larger level, my questions surround tru security issues. I am curious if there are significant levels of attacks, viruses, trojan horses, etc. that are distributed / received via IM in organizations that aren’'t found in traditional e-mail environemtns.

Is this a reason to restrict external IM usage?



‘‘To date’’, I have never heard of trojans, viruses, etc coming through im channels. The exception being file transfer, where you receive a file that you blindly open. That said, the IM Gateway plugin doesn’‘t support file transfer yet. When it does, file transfer will be disabled by default. The only other thing I can think to mention would be that sometimes there can be spam in IM land. Typically I’'ve only seen that in ICQ when you have web presence turned on.

I would have to agree. The only way you are going to be open to an attack is by file transfer (in which the user must accept the transfer) and possibly through a spam link (in which the user must accept to click or copy the link to a browser.)