Q
Problem solve Get help with specific problems with your technologies, process and projects.

The security implications of using IM through a dedicated port

I'm the security administrator in my organization and am debating one issue with our development manager.

On his PC, he has a VPN link to one of our partner's systems (warranty system). He wants to have MSN messenger on his PC through a dedicated port so it allows only text messages. I'm worried about security implications since this will allow his PC to have a direct link to the Internet without going through our firewall or proxy. Is there a safe way to satisfy this need without the risk, or is it risky enough to reject his request?


I understand your concerns. MSN Messenger, as well as other instant messenger services, could open security holes. If there isn't a pressing business need, I always block them. However, sometimes users actually require these services for business purposes. I'd make sure that he has a personal firewall (such as Zone Alarm or BlackICE) and an antivirus program on his computer. Also, he should keep his system patched, running the Windows Update feature on a regular (say weekly) basis. That should mitigate much of the risk.


For more information on this topic, visit these other SearchSecurity.com resources:
  • Best Web Link: Secure messaging
  • Article: IM putting enterprises at risk to viruses, attack
  • Web Security Tip: Prevent hackers from sneaking in through IM

  • This was last published in May 2003

    Dig Deeper on Email and Messaging Threats-Information Security Threats

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly.com

    Close