If you had no problem understanding that headline (it decodes as “see you later, dude”), you’re one of those initiated into the world of instant messaging (IM). And you’re a potential source of threats to the corporate network if you use IM at work. But IT personnel now have some new resources to help mitigate threats to the network created by IM or peer-to-peer (P2P) communications.
One is a Web site of current threat and vulnerability information sponsored by FaceTime Communications, a provider of tools that secure IM and P2P networks. The information on the Web site comes from the FaceTime Instant Response Security Team (FIRST), which is a group of security pros dedicated to collecting information on new threats and vulnerabilities and then finding ways to mitigate these.
FIRST is analogous to teams set up by antivirus companies, says Dan Schrader, director of product marketing at the firm. The group is fighting the greatest challenge of securing IM and P2P: what Schrader calls “technology churn, the constant releases of new protocols, new clients, and new applications.” He says there are currently more than 40 protocols being used by IM and P2P networks.
In addition to putting threat and vulnerability information online, FIRST offers several free tools that organizations can use to examine their environment to see exactly how much P2P and IM communications are being used, and what risks exist from their use.
Another resource is the IMLogic Threat Center, created by IMLogic, which makes software products that help enterprises manage corporate IM usage. Like FIRST, the Threat Center offers a knowledge base of IM and P2P viruses and worms, and has partnerships with IM vendors and antivirus companies. Much of this knowledge base comes from a honeypot infrastructure designed to catch IM and P2P threats.
“That’s a new asset in this game,” points out Francis deSouza, CEO of IMLogic. “It will help us look for and identify new threats on the IM and P2P networks.”
Once a threat is identified, security technicians analyze it, grade its severity, and suggest how to protect against it. This information goes on the Threat Center’s Web site. It is also sent to those who have signed up for e-mail notifications.
“We also let our security partners know, because in security, it’s important to be part of a community and share intelligence as we discover it so we can better protect our customers,” deSouza says.