Q

The security implications of using IM through a dedicated port

I'm the security administrator in my organization and am debating one issue with our development manager.

On his PC, he has a VPN link to one of our partner's systems (warranty system). He wants to have MSN messenger on his PC through a dedicated port so it allows only text messages. I'm worried about security implications since this will allow his PC to have a direct link to the Internet without going through our firewall or proxy. Is there a safe way to satisfy this need without the risk, or is it risky enough to reject his request?


I understand your concerns. MSN Messenger, as well as other instant messenger services, could open security holes. If there isn't a pressing business need, I always block them. However, sometimes users actually require these services for business purposes. I'd make sure that he has a personal firewall (such as Zone Alarm or BlackICE) and an antivirus program on his computer. Also, he should keep his system patched, running the Windows Update feature on a regular (say weekly) basis. That should mitigate much of the risk.


For more information on this topic, visit these other SearchSecurity.com resources:
  • Best Web Link: Secure messaging
  • Article: IM putting enterprises at risk to viruses, attack
  • Web Security Tip: Prevent hackers from sneaking in through IM

  • This was last published in May 2003

    Dig Deeper on Social media security risks and real-time communication security

    PRO+

    Content

    Find more PRO+ content and other member only offers, here.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

    Please create a username to comment.

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close