Ending Soon! Save 33% on All Access

Mitigate IM Security Threats Follow these steps for protecting IM as a business tool.

Instant messaging has become a common means of communicating in the business world. Once limited to desktops, IM is now available via handheld devices and cell phones, allowing users to chat from virtually anywhere.

However, like any form of communication through the internet, IM is accompanied by its own set of security risks. Whether deployed by users at their place of business or on their home computers, IM is generally unprotected and unmonitored, leaving it vulnerable to attacks. One infected computer can result in messages being sent to all users in an IM contact list on that machine.

Furthermore, popular IM protocols are increasingly becoming interoperable. While this allows users from one network to communicate with users from another network without having to install multiple IM clients, it may also encourage attackers to concentrate their efforts on these protocols that represent a larger group of users. In such a scenario, any malicious code that propagates through one of the protocols could likely propagate through the other.

Some of the most common threats to IM include:

  • Spim
    Spim is the spam of the IM world. Spimmers pose as IM users and send messages to randomly generated screen names and to names illegally collected from the internet through automated programs. Spim isn't only annoying to deal with, but it also can be used as a conduit for security breaches.
  • Trojan horses
    A number of Trojan horses target IM. Some of these Trojans pose a large threat, allowing anyone full file access to a computer. Others are classic backdoor Trojans that use IM to send messages to the author of the Trojan, giving the hacker information about the infected computer, from IP address to open ports.
  • Worms
    Just as e-mail messages are used to spread worms, so is IM. As a result, users shouldn't accept, click on or launch suspicious instant messages.

A few of the proactive steps that small businesses can take to secure their IM environments include:

  • Educate employees and create corporate policies.
    An important first step in IM security is to learn about safe practices and how to incorporate them into company policy. To protect your business and your employees, you should define appropriate uses of IM in the workplace and encourage precautionary measures, such as not storing IM passwords on the computer, never accepting messages from unknown sources, exercising caution when opening files or links, and not accepting file transfers.
  • Install desktop security software.
    Since spim typically requires users to download and open an attachment, security at the desktop level can guard against threats by blocking an attachment or cleaning an infected file. Install desktop firewalls to help protect individual machines from attacks from within an organization or through a local area network. Desktop firewalls are also good for those in a remote office or who handle sensitive data. You should also install desktop antivirus programs to provide a final line of defense against viruses, worms and Trojan horses.
  • Install and update patches.
    The major public IM networks frequently deploy IM patches in response to newly discovered vulnerabilities in their programs. You can help reduce the risk of attacks to your organization's computers by installing and updating IM patches regularly.
  • Secure IM logs.
    Many IM programs automatically create and store logs of all conversations on a user's computer. Hackers can gain valuable information from these logs, including specific statements made during a conversation, as well as business secrets discussed. To safeguard the content of IM conversations, consider either storing them behind a company firewall or deleting the logs. Most public IM programs have a deletion option in their preferences section or in the log manager section.
  • Encrypt messages.
    While the preceding recommendations will help you and your employees use public IM networks securely, companies that use IM for business communications should also consider using their own IM servers together with encryption.

By educating employees, enforcing policies, installing protective technologies and, where possible, encrypting IM conversations, you can continue to enjoy the benefits of using IM as a business tool while also mitigating its risks.

Mark Pieningis senior director of worldwide small- to medium-sized (SMB) marketing for Symantec Corporation, which offers a host of security and availability products, as well as information on the latest security threats at www.symantec.com. He can be reached at mark_piening@symantec.com.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Most Popular

See all
Leadership

How a $10,000 Investment in AI Transformed My Career and Business Strategy

A bold $10,000 investment in AI and machine learning education fundamentally transformed my career and business strategy. Here's how adaption in the ever-evolving realm of AI — with the right investment in education, personal growth and business innovation — can transform your business.

By Jacqueline Ann DeStefano-Tangorra, CPA, CFE, MBA
Science & Technology

3 Major Mistakes Companies Are Making With AI That Is Limiting Their ROI

With so many competing narratives around the future of AI, it's no wonder companies are misaligned on the best approach for integrating it into their organizations.

By Chris Stegner
Business News

A University Awarded a Student $10,000 for His AI Tool — Then Suspended Him for Using It, According to a New Lawsuit

Emory University awarded the AI study aid the $10,000 grand prize in an entrepreneurial pitch competition last year.

By Sherin Shibu
Leadership

Want to Enhance Your Influence as a Startup Leader? Here's What You Need to Know.

Discover the foundational influence styles of "pushers" and "pullers," and learn practical tactics to refine your natural influencing approach. Enhance your performance in startup environments by adopting the most effective elements of both styles.

By Jena Booher, Ph.D.
Business News

He Picked Up a Lucky Penny In a Parking Lot. Moments Later, He Won $1 Million in the Lottery.

Tim Clougherty was in for a surprise when he scratched off his $10,000-a-month winning lottery ticket.

By Emily Rella
Side Hustle

These Brothers Had 'No Income' When They Started a 'Low-Risk, High-Reward' Side Hustle to Chase a Big Dream — Now They've Surpassed $50 Million in Revenue

Sam Lewkowict, co-founder and CEO of men's grooming brand Black Wolf Nation, knows what it takes to harness the power of side gig for success.

By Amanda Breen