If you need to monitor and control IM traffic across an entire network, consider using an application layer firewall, such as Cisco's IOS Firewall, which controls the traffic to and from a user-defined list of Instant Messaging Server hostnames. You can also try a gateway specifically tuned to detect IM and P2P use, such as FaceTime Communications Inc.'s IM Guardian RTG500 network appliance (www.facetime.com/solutions/security.aspx) or Akonix Systems Inc.'s L7 Enterprise, a software proxy gateway that allows you to secure and control access to public IM. To learn more visit www.akonix.com/. These products allow you to set access-control policies, enforce encryption, limit who can communicate with whom and require a minimum client version and standardized screen names. If you want to reduce impersonators and IM spam, you can use a standardized naming convention for IM handles that contains your organization's name. You should also ensure that network users choose a different IM account password to their network one, and let them know that password or account information will never be requested over IM by your IT department.
If you simply want to limit who can contact you via IM, most IM programs will let you create a contact list or "buddy list." A buddy list is similar to an email program's address book. You can block incoming messages from those not on your contact list or restrict who can add you to their list. Some applications, like Cerulean Studios' Trillian chat client, for example, use encryption. You may want to consider using encrypted programs if available.
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Michael Cobb
Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property. Continue Reading
Shellcode is a set of instructions that executes a command in software to take control of or exploit a compromised machine. Read up on the malware ... Continue Reading
The popular port scan is a hacking tool that enables attackers to gather information about how corporate networks operate. Learn how to detect and ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.