Home page logo

basics logo Security Basics mailing list archives

Re: Survey: Chat and IM
From: "Chris Berry" <compjma () hotmail com>
Date: Tue, 26 Nov 2002 11:20:28 -0800

From: "tony toni" <tony572001 () hotmail com>
We currently are allowing web based chat and instant messaging. I know that there are lots of security issues involved with its usage. The IT folks are telling me that it is a common practice in the industry. I have a hard time believing this and this is one battle I would like to take on.

First question, is this capability adding to your employees ability to conduct business? If it is, you may have to allow it regardless of the implications. For example, a company without web access is very secure, but who can afford not to have web access nowadays?

QUESTION: DOES YOUR COMPANY ALLOW WEB BASED CHAT AND INSTANT MESSAGING? If this was a battle you fought, could you please give me some ideas on how you won the battle. Any good articles/white papers that could support my position?

We do not allow it here because it would not enhance our productivity. While there are a few exploits related to certain applications like AIM, I'd be more worried about the social engineering aspect. Honestly though, I'm not sure why you're so worried about this particular feature, just inspect the chat clients they're using and lock them down or forbid the least secure ones.

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"And here in our server room you can see our Beowolf Cluster of C64's that keeps our enterprise on the very cutting edge of technology."

Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]