Comments on: Looks like it’s a good time to be talking about IM security http://www.mckeay.net/2006/10/31/looks-like-its-a-good-time-to-be-talking-about-im-security/ The views of one man on security, privacy and anything else that catches his attention Sun, 20 Jul 2008 14:15:47 +0000 http://wordpress.org/?v=abc By: JB http://www.mckeay.net/2006/10/31/looks-like-its-a-good-time-to-be-talking-about-im-security/#comment-630 JB Thu, 02 Nov 2006 17:44:06 +0000 http://www.mckeay.net/2006/10/31/looks-like-its-a-good-time-to-be-talking-about-im-security/#comment-630 We block all forms of IM at our firewalls, using ACLs, URL filtering (for web-based IM), and our IPS signatures. IM was a tricky beast to lock down, but we finally managed to cover it with all those layers. My concern with IM was its use as a vector for attack, as well as the ability to transfer sensitive files out of our network to another location. We block all forms of IM at our firewalls, using ACLs, URL filtering (for web-based IM), and our IPS signatures.

IM was a tricky beast to lock down, but we finally managed to cover it with all those layers.

My concern with IM was its use as a vector for attack, as well as the ability to transfer sensitive files out of our network to another location.

]]> By: Randy http://www.mckeay.net/2006/10/31/looks-like-its-a-good-time-to-be-talking-about-im-security/#comment-629 Randy Wed, 01 Nov 2006 13:00:39 +0000 http://www.mckeay.net/2006/10/31/looks-like-its-a-good-time-to-be-talking-about-im-security/#comment-629 We installed an IRC server internally that employees can use to chat with one another (and fully disclose to them that everything they write is logged). As for the popular IM services, we block the protocols and known website solutions as well as prevent end users from installing the software in the first place. We installed an IRC server internally that employees can use to chat with one another (and fully disclose to them that everything they write is logged). As for the popular IM services, we block the protocols and known website solutions as well as prevent end users from installing the software in the first place.

]]> By: Chris http://www.mckeay.net/2006/10/31/looks-like-its-a-good-time-to-be-talking-about-im-security/#comment-628 Chris Tue, 31 Oct 2006 20:37:25 +0000 http://www.mckeay.net/2006/10/31/looks-like-its-a-good-time-to-be-talking-about-im-security/#comment-628 (A) We just installed our proxies earlier this month, but only because our Compliance dept drove the requirement (Rule 17a-4). Past security warnings/requirements were ignored... but atleast we're protected. (A) We just installed our proxies earlier this month, but only because our Compliance dept drove the requirement (Rule 17a-4). Past security warnings/requirements were ignored… but atleast we’re protected.

]]>