Instant Messaging
Instant Messaging (or IM) is the ability to easily see whether those in your "buddy list" are connected to the internet and, if so, to exchange messages with them. It's faster than e-mail, less intrusive than a phone call.
IDC predicts that there will be 255 million worldwide users of consumer and business IM products in the workplace by the end of 2006, up from 80 million in 2002. More concerningly, Gartner research indicates that approximately 70% of enterprises are encountering unsanctioned consumer IM in their networks.
While IM can play a valuable part in corporate communications, unsanctioned use carries high risks.
The proliferation of IM is exposing organisations by providing an unsecured opening to the internet for virus infection, the leaking of confidential information and liability for defamation.
Richard Stiennon, research director of security and privacy for Gartner, warns that ability of public IM applications – i.e. those that can be downloaded free by staff – to search for unblocked ports to the internet, has "created a huge misconception that IM can be easily blocked by the enterprise firewall."
The major developers offer corporate IM packages – with appropriate security additions, including means of recording the messages. The risk exists when the public packages are used without control in the workplace.
IM use is something that should be addressed in an organisation's communications policy. In addition, network security specialist Blue Coat Systems offers a means of securing and controlling popular public IM applications on the corporate network.
It claims to be the first package that lets IT administrators apply granular access control, centralised management, and logging of AOL, MSN and Yahoo! IM with the content filtering and anti-virus security that companies expect.
For more information, see: www.bluecoat.com
KaZaA
KaZaA is the current champion of peer-to-peer (P2) computing. The company claims that its software has been downloaded around 197 million times. With the software and an internet connection, users can exchange files of all kinds - including music, movies and software - with anyone else connected to the massive KaZaA network.
If any of your staff have installed KaZaA on their desktops to share files using your organisation's network, you face several potential liabilities.
The most obvious is copyright infringement. In April 2002 the recording industry entered into a $1 million settlement with an Arizona company whose employees accessed and distributed thousands of songs using company equipment.
The entertainment industry has cited estimates that up to 2.6 billion copyrighted files are illegally swapped each month. It is not hesitant about taking action – and a company makes a more lucrative target than an individual.
Security should be another major concern. There are computer viruses deliberately disguised as media files to entice KaZaA users to download and run them. Plus the KaZaA program itself is loaded with spyware.
Additionally, downloading and storage of large files add strain to system resources. Many individuals use the company system for large downloads rather than their home PCs because bandwidth tends to be much better at work.
Executive Software International offers a means of detecting KaZaA and getting rid of it from a network without going through a laborious, machine-by-machine manual process.
The developer is offering Management Software that can be used to easily scan and detect KaZaA and other similar software programs across an organisation in a matter of minutes (as well as MP3 files).
Details are available at:
www.execsoft.com/eletter/current/eletter.asp#2
