You’d be a dunce not to be suspicious of reports of rising computer crime and online attacks originating from companies that profit from protecting us against such threats. That’s why results of independent surveys conducted by Australia’s national computer emergency response team (AusCert) sound more interesting than the usual industry alarm bells.
The 2003 Australian Computer Crime and Security Survey suggests that despite increased spending on security in the last 12 months, from the almost 70 per cent of the 214 public and private sector organisations surveyed, more than 40 per cent of respondents experienced one or more computer attacks which harmed confidentiality, integrity or availability of network data systems in the past year. Average losses caused by outside attacks were estimated to be $93,657, up from $77,084 in the 2002 survey. Precisely how this was quantified, I don’t know.
Reports separate to AusCert’s survey suggest that instant messaging (IM) is one of the widening cracks in the defences. The issue was highlighted with the recent disclosure of six vulnerabilities in AOL’s Mirabilis ICQ IM client software, two of which, reportedly, could allow hackers to gain full administrative control of a victim’s computer. Even without such vulnerablities, IM usage outside of enterprise security measures and policies brings risks such as the transmission of malicious executables, transmission of sensitive files to outside parties, and in wrongful distribution of copyrighted works.
Meta Group has recommended introduction of policies and monitoring which bring IM under the umbrella of corporate e-mail messaging, and would have IM users agree to a corporate usage policy. Suppliers have moved to introduce various gateway services including AOL’s AIM Enterprise Gateway, the MSN Connect for Enterprise, and the Yahoo Messenger Enterprise Edition. These services aren’t necessarily cheap and have been criticised for the level of protection provided.
Another approach includes the Akonix Systems L7 Enterprise instant-messaging management server. This is installed on the corporate network to act as an active proxy server for commercial IM traffic inside the firewall. L7, first introduced by Akonix in the middle of 2002, provides IT with message logs, and can authenticate user “screen names” against corporate user directories. It also disables features of instant messaging, such as file transfer and chat rooms.
It would great to hear about yo_pconnect("user=ith this type of management server or gateway services. Can you get IM under control?