IM Security

Here's a press release I got today: Akonix Systems, [insert standard 'we rule' text that ever vendor includes], today announces that its Security Center team tracked over 100 new corporate security threats targeting IM and P2P systems in the first quarter of 2005, a more than 400% increase over the same period last year and more threats than were identified in all of 2004.

I know, we've heard chicken little arguments from security vendors in the past. However there is real meat here. Exploits have been discovered on most of the major public IM systems, and viruses can be sent via file attachments. Of course, there are the wonderful social engineering attacks. "This is 'Bob' from the advanced QA division. I'm trying to VPN in, but can't remember what the IP address of the VPN server is. Can you help me?"

Network Computing has said in the past that it's best not to have your company use a public IM server for your instant messaging needs, but to roll out your own system such as Lotus Sametime, WiredRed epop or Jabber. Combine that with an AV product and you can solve most of your IM problems. Yet, I'm wondering if this is good but useless advice for a large portion of our readers. After all, one benefit of using AIM is that you can communicate with other AIM users. If your company has it's own internal IM system, it's hard to talk to people at other companies, or personal contacts on AIM/Yahoo/MSN/ICQ. I know, you shouldn't be having personal IM conversations at work. You shouldn't be making personal phone calls either, but everyone does.

Which brings me to my point. Should we be looking at and reviewing IM security add-on products? Of course, Akonix and security vendors will say yes. But is this something that's being used or desired in the enterprise, or just small to midsize markets? Please email or leave comments in this post. I'd like to know if you're protecting public and/or private system IMs, want to do so, or think it's a waste of money.