If you need to monitor and control IM traffic across an entire network, consider using an application layer firewall, such as Cisco's IOS Firewall, which controls the traffic to and from a user-defined list of Instant Messaging Server hostnames. You can also try a gateway specifically tuned to detect IM and P2P use, such as FaceTime Communications Inc.'s IM Guardian RTG500 network appliance (www.facetime.com/solutions/security.aspx)...
or Akonix Systems Inc.'s L7 Enterprise, a software proxy gateway that allows you to secure and control access to public IM. To learn more visit www.akonix.com/. These products allow you to set access-control policies, enforce encryption, limit who can communicate with whom and require a minimum client version and standardized screen names. If you want to reduce impersonators and IM spam, you can use a standardized naming convention for IM handles that contains your organization's name. You should also ensure that network users choose a different IM account password to their network one, and let them know that password or account information will never be requested over IM by your IT department.
If you simply want to limit who can contact you via IM, most IM programs will let you create a contact list or "buddy list." A buddy list is similar to an email program's address book. You can block incoming messages from those not on your contact list or restrict who can add you to their list. Some applications, like Cerulean Studios' Trillian chat client, for example, use encryption. You may want to consider using encrypted programs if available.
Dig deeper on Social media security risks and real-time communication security
Related Q&A from Michael Cobb
A reported 43% of Microsoft XML users are running vulnerable versions of the software. Security expert Michael Cobb discusses how to mitigate the ...continue reading
Security expert Michael Cobb explains what Open Authorization or OAuth 2.0 is, its pros and cons, and how it is different from bring your own ...continue reading
While the fundamentals of securing an e-commerce website haven't changed in a few years, there are new threat vectors and security risks to be aware ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.