The security implications of using IM through a dedicated port

I'm the security administrator in my organization and am debating one issue with our development manager.

On his PC, he has a VPN link to one of our partner's systems (warranty system). He wants to have MSN messenger on his PC through a dedicated port so it allows only text messages. I'm worried about security implications since this will allow his PC to have a direct link to the Internet without going through our firewall or proxy. Is there a safe way to satisfy this need without the risk, or is it risky enough to reject his request?

I understand your concerns. MSN Messenger, as well as other instant messenger services, could open security holes. If there isn't a pressing business need, I always block them. However, sometimes users actually require these services for business purposes. I'd make sure that he has a personal firewall (such as Zone Alarm or BlackICE) and an antivirus program on his computer. Also, he should keep his system patched, running the Windows Update feature on a regular (say weekly) basis. That should mitigate much of the risk.

For more information on this topic, visit these other SearchSecurity.com resources:
  • Best Web Link: Secure messaging
  • Article: IM putting enterprises at risk to viruses, attack
  • Web Security Tip: Prevent hackers from sneaking in through IM

  • This was first published in May 2003

    Dig Deeper on Social media security risks and real-time communication security



    Find more PRO+ content and other member only offers, here.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.



    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: