myspace IM at work

***Computernerd22*** · June 30th, 2007, 12:34 AM

IM curious if someone has 'myspace IM' on one of the workstations at work (small office consists of two desktops and one notebook). Some of the employees like to use 'myspace IM at work'. Couple questions,

#1. Does it post any type of security threat? If so, how?

#2. Im curious if someone is chatting with someone inside the office using "myspace IM" can the DATA (traffic) inside the office can it be sniffed by a packet sniffer from someone outside of the network? Basically, the other person their chatting with on myspace IM? All help is greatly appreciated.
CN22

**nihil** · June 30th, 2007, 03:53 AM

Well CN22,

My personal view is that "Myspace" is actually "Theirspace" and has no place in the office which is "Yourspace" and your equipment and time?

Myspace has been attacked, and all social networking sites are attractive distribution centres for bad stuff in general. Individuals' accounts are not well regulated to prevent this.

Basically, they are so large and change so rapidly it would be a near impossible task.............. a bit like trying to moderate a large IRC network?

IM is another communications conduit along which you can be attacked by worms, spyware and God knows what else. Main problem as I see it is that people are probably more relaxed in their "community" and so are less vigilant?

One other concern I would have is regarding regulatory compliance, and the concept of legal "discovery". I haven't seen any cases but I would strongly suspect that external IM would be considered an "electronic record" that you might be required to produce?................a real PITA if you don't monitor it.

Just my £0.02

***foxyloxley*** · June 30th, 2007, 04:42 PM

if it's just inernal IM messaging
get MS Communicator ...........

Just finished a contract with Unilever, and they use it, and they DO have quite a few employees

just so long as you are on the same domain
or in the same forest
or in the ......................... you get the picture
YOUR data stays on YOUR network

then snuff out the opposition

**Heart Xlr8r** · June 30th, 2007, 10:10 PM

I've got a question.. Why do people use myspace? I mean haven't they heard of what happened? people all over the world use their real live names/locations/ other things.

I mean why can't they stick to something like this, a forum.. Or the tried and true email? or messenger? I mean, with that alone you can talk to each other and see each other perhaps not in real life but that's at least something to do then read bulletins all day.

That's just my opinion.

**nihil** · June 30th, 2007, 11:55 PM

Here is a short article from Panda on MySpace security threats:

http://www.snpx.com/cgi-bin/news55.c...4329669?-11434

More here:

http://www.snpx.com/cgi-bin/news55.c...4194448?-14215

http://www.snpx.com/cgi-bin/news55.c...13948374?-1313

***Computernerd22*** · July 1st, 2007, 01:16 AM

The workstations have a lot of spyware & malware etc... on them and they need to be cleaned up. I would just uninstall it and block them from accessing www.myspace.com but this is in a doctors office with only 2 workstations and a notebook. I really don't want to get that 'strict' with the 'level of security,' also it would cause them to complain. "so to speak," and think I was doing it just so it wouldnt be on the system little do they no it can make the system/network worse.

**nihil** · July 1st, 2007, 01:24 AM

Hi CN22,

this is in a doctors office with only 2 workstations and a notebook

Doesn't HIPAA apply to it? Tighten the whole lot up and blame it on the boogy man

Blaming stuff on "Nanny State" Government requirements is usually a good move.

This site may help?

http://www.cms.hhs.gov/SecurityStandard/

***Computernerd22*** · July 1st, 2007, 01:48 AM

Doesn't HIPAA apply to it?

I never heard of it until now.

Anyways, I guess it does apply. So basically, their is no other option or choice but to remove it from the office workstation? Pretty interesting stuff.

**nihil** · July 1st, 2007, 02:01 AM

Hi CN22,

I know it may sound a bit "off" for a UK type to be pointing out US legislation, particularly as I have never had to apply it or study it in detail, but a lot of this legislation is similar in both our countries, so I keep my finger on the pulse?

Seriously though, if ANY patient data passes through those computers you should lock them down as best you can.

***Computernerd22*** · July 1st, 2007, 02:32 AM

Seriously though, if ANY patient data passes through those computers you should lock them down as best you can.

Good point. Will surely do what I can do to secure the network. Its pretty small anyways not like it's an office of 30 workstations or anything like that.

Thread: myspace IM at work

Thread Tools

Display

myspace IM at work

Similar Threads

Slack BSD

Hacker Penetrates T-Mobile Systems - and then can maybe go work for the government!?!

Installing and dual booting with, SUSE Linux 9.1 Professional, and Windows XP

how do exploits work? in a coding way..

:) do you want to have good work?

Posting Permissions