Better IM Security Needed - Gartner
In the wake of increasing number of IM related security incidents around the globe, research and consulting firm Gartner has advised enterprises to implement more efficient strategies to better protect themselves from instant messaging (IM) security attacks.
According to Gartner analysts, with the increasing use of IM, attackers are beginning to shift their focus from relatively well-protected e-mail systems to often inadequately protected public IM. Hence IT administrators need to stay vigilant to avert major IM security incidents at their organization.
According to Peter Firstbrook, Research Director for Gartner’s Information Security and Privacy research group, “IT organizations must keep this threat in context and balance it against the productivity benefits of IM. Employees report benefiting from faster decisions, higher productivity and lower telecommunications costs when they use IM. However, organizations must plan for and build a strategy for IM management and security, much like they have for e-mail.”
Risks associated with uncontrolled IM identified by Gartner include:
* Lack of regulatory compliance involving records retention, communications limitations between employees and auditing of communications.
* Lack of universal encryption or widespread use of encryption can result in confidential or secret data being exposed in IM communications.
* Lack of records or universal naming conventions can result in disputes over what was communicated and with whom, when conducting business deals over IM networks.
* Lack of visibility into IM usage can result in noncompliance with acceptable usage of enterprise assets, such as transfer of pornography, or playing multiplayer games etc.
Normally IM viruses are transmitted in two ways - either as executable file attachments or as hyperlinks in IM text directing victims to malicious Web servers. Mostly viruses are not automatically executed but rather they exploit social engineering tactics and an unjustified trust in IM buddy lists to convince victims to open unknown files or click on links.
Firstbrook believes that in addition to the usual precautions of rapid patching, antivirus software and personal firewalls, deploying purely dedicated IM hygiene products and extensive end user training which teaches them to remain wary of shady instant messages are the best way to protect and manage IM usage.
- Study Reveals Why CISO Should Report To The CEO
- CXOs Still Wary Of Cloud Data Security: Study
- More Customer-Facing Firms Will Use Chatbots In 2-3 Years
- PNB Scam: Some Tech Lessons For Indian Banks
- Why Financial Sector CIOs Should Get On Top Of Machine Learning
- Unnecessary Security Cordons Make Fintech More Vulnerable
- AI Interest Among CIOs Is Huge, But Deployment Is Low
- Direct Co-ordination With CEO Can Maximise Cyber Security
- How CIOs Can Unleash App Power In Digital Business
- How To Become Cisco CCNA Security 210-260 Certified