September 23rd, 2002, 08:33 PM
Over the recent years, instant messaging has grown tremendously. I read an article in Information Security Magazine recently, and they mentioned issues with security and how it has apparently proven to be counter-productive. What are your opinions on it? I can see where it could possibly be an invaluable tool for communication, but when does it get out of hand?
September 23rd, 2002, 08:36 PM
COmpanies who are concerned about the security or abuse of the IM systems generaly have set up their own IM type servers. This allows them to control the content and logging of the systems.
September 23rd, 2002, 08:40 PM
In my personal opinion, I would personally allow to a point "Instant Messaging Service". I'm sure most of you know by now, that Microsoft Windows XP allows remote access to the system with a Personal Instant Message invite, and this allows me to reconfigure clients and family computers without leaving my desk. However, with the "mentality" of individuals that download everything. The virus scans do not work hand and hand like they do with mail and website script checking. I personally allow them in my shop "which is a privately owned company" However, when I'm out consulting. I frown upon them every way possible, so you have to take in consideration what you want to accomplish. If you allow them, will they decrease productivity. If you allow them, can information leaks increase. If you allow them, are you prepared for the chance of increase virus incidents. Then there is the actual vulnerabilities... a lot to consider...
September 23rd, 2002, 09:17 PM
largely, I think IM is counter productive, but I use it at work to communicate with my boss, and other people that may need assistance. In that regard it is helpful, but for the most part it has no purpose except to serve as a chatting medium.
As for the insecurity of it, if You think IM is your biggest threat, then you need to rethink your security policy. If users are trained correctly in using it, and the client is configured correctly, it is no more insecure than any other internet based program. ( exluding flaws in the program that is).
Antionline in a nutshell
\"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"
Trust your Technolust
September 23rd, 2002, 09:23 PM
I use IM at work for personal reasons, and nothing more. I do think it is very counter productive also. If i were asked not to use it here, or it was blocked, i dont think i would care very much, as I am at work.
September 24th, 2002, 12:38 PM
there is only one real IM..
but I still use MSN sometimes..
I used to use ICQ but all the (*** see my website ; ) spamm was getting so thick...
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio
the best station for C64 Remixes !
September 24th, 2002, 03:15 PM
There are issues for companies, some on the security side and some on appropriate worker behaviour. The issue of whether or not there is a valid reason for a worker to have instant messaging at work is a double-sided sword. For example, IM has been used around here to save on long-distance phone bills; however, at the same time, IM has also been used around here to chat with friends and girlfriends to the point of alot of work time being lost. For this reason, alot of companies have built out a 'use of company resources policy,' alot of which restrict usage of instant messengers.
It has been my experience, that alot of companies that have restricted access to IM's have done so not only from the perspective of the potential for lost work time, but also for the numerous vulnerabilities found in almost (if not all) IM's over the last couple of years. Things like worms and trojans, propogating through IM and point-to-point connections, are a concern for many security minded organizations. With that being said though, I have yet to see anything that was entirely foolproof (and not detrimental to normal usage) in blocking IM because most, if not all, IM's have a way to configure their port usage to allow communications out when the default methods have been blocked (or even better, using a java client over the web).
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
September 24th, 2002, 03:53 PM
The only time I use it is at home. We can actually pick up the login and the conversation, but right now, I don't see the point in logging it - maybe if there was some sort of an active investigation or something. I think it can be very counter-productive, but like most other great administrative/support tools, it can be abused. It's a shame, many of the best home-grown adminstrative apps I have run into have turned into a Security Administrator's nightmare if their network is not properly protected...but that's the way it goes...
Opinions are like
holes - everybody\'s got\'em.