What you will learn from this tip: Three ways to reduce unsolicited instant messages, including how to configure AOL, MSN and Yahoo IM clients to only accept messages from people on users' buddy lists.
As if spam wasn't bad enough, security and network administrators now have to deal with spim -- unsolicited instant messages. At its best, spim is a productivity hog. At its worst, spim is a vector for malware. Short of prohibiting instant messaging applications in your organization, there are steps you can take to limit the spim that finds its way on to your end-users' desktops.
Unlike e-mail, spim pops up and demands immediate attention, interrupting other activities (like work) with its message. Some of these messages drive traffic to Web sites offering porn, drugs, mortgage refinancing, or some other product or service. Other spim entices users to click on URLs for sites that install worms, Trojan horses or other malware on vulnerable systems. Phishers use spim to trick users into revealing account and financial information.
Here are three steps organizations can take to reduce spim and the risks it poses.
1.) Start by understanding how IM is being used in your organization, and establish policies and infrastructure for its safe use. For example, if your staff needs internal chat, but does not need to chat with people outside your organization, you might set up an internal, closed IM server. By doing so, you avoid the spim problem all together. If your users need to connect with customers or business partners, consider using an extranet or business-oriented provider rather than a consumer product. If you do decide to use a consumer service, inform users of what types of corporate information and communications may be sent over IM and which may not.
2. Configure your users' IM clients to accept messages only from people on users' buddy lists. While this is not a foolproof safeguard, it is a good step to take to reduce advertising spim.
AOL Instant Messenger:
- Choose "My AIM" on the main menu
- Go to "Edit options," then "Edit Preferences."
- Select "Privacy"
- Scroll to "Who can contact me"
- Choose "Allow only users on my buddy list"
- Choose "Tools" from the MSN Messenger Menu
- Click on the "Privacy" tab
- Use the "Allow list" to select who can send you IMs and whether they can see your status
- Choose the "Login" menu and then "Preferences"
- Select "Privacy"
- Choose the option to ignore anyone not on your Friend list
- On the iChat menu, select "Preferences..."
- Click on the "Privacy" icon in the toolbar. You'll be presented with choices regarding who can send you IMs.
3. Finally, train your users to use common sense and not to click on Web links sent to them by IM, even if they appear to originate from known IM buddies. Like many e-mail-based worms, IM Trojans use forged origin addresses to mask their true nature.
- Visit our resource center for more expert advice and tips on securing IM applications.
Al Berg, CISSP, CISM is Information Security Director of New York City-based Liquidnet (www.liquidnet.com). Liquidnet is the No. 1 electronic marketplace for block trading and the fifth fastest growing private company in America according to /Inc./ Magazine's 23rd annual Inc. 500 list of the fastest growing privately-held companies in America. You can reach Al at email@example.com.