Securing instant messaging in your corporationInstant messaging may soon become an indispensable business tool; however, the risks of using an unsecured IM platform in corporations are high.
This section explores the security issues introduced with the use of corporate instant messaging and offers best practices that can help in deploying a secure IM platform.
Many corporate customers may wish to use their network firewall to block users from communicating over insecure instant messaging systems. Unfortunately, out-of-the-box firewall configurations are often not sufficient enough to block access to the latest generation of popular IM systems.
These IM systems were designed with firewalls in mind and employ a number of techniques to sneak past corporate firewalls to reach their servers.
All IM clients are preconfigured with one or more TCP/IP network addresses that allow them to connect to their IM server(s). Once connected, the clients can exchange messages with other IM clients.
Because many companies configure perimeter firewalls to block all Internet services except for a small critical set (e.g., SMTP email, HTTP Web surfing, and DNS), IM providers have designed their clients to tunnel over these commonly allowed Internet services, if required, and slip past the corporate firewall.