Feeds

Blue Coat clamps down on rogue IM use

Handcuffs

  • alert
  • submit to reddit

Protecting users from Firesheep and other Sidejacking attacks with SSL

Security outfit Blue Coat Systems yesterday announced technology designed to guard against the misuse of AOL, MSN and Yahoo! IM applications on corporate networks.

Blue Coat's IM Traffic Control technology will ship in the Spring, as an additional feature of Web security appliances. These appliances are designed to combat the increasing number of Web-based threats targeting port 80 'holes' in corporate security infrastructures.

Appliances such as the SG-800 already cover content filtering, Web anti-virus and proxy cacheing to which Blue Coat is adding the ability to handcuff rogue IM use.

Nigel Hawthorn, European marketing director of Blue Coat Systems, said IM use can have substantial business benefits but still poses three main problems for corporates.

These risks are: the possibility the computer viruses will spread through IM, waste of employee time on personal conversations and the possibility of confidential company documents been sent out via IM (which, unlike email, is not logged).

The leaking of company documents through IM, of particular concern to finance houses, appears to be the best reason for considering Blue Coat's IM Traffic Control technology.

Viruses have been known to spread through IM but this risk is already covered by desktop AV packages, so we're unconvinced by Blue Coat's arguments that its add-on IM management technology is needed there.

So if IM is a particular risk to certain companies - why not simply ban it?

Hawthorn argued even if companies decided to prohibit use of IM messages, this policy is difficult to enforce through conventional firewall. AOL Instant Messenger, for example, is port agile and will try to connect via a variety of means (port 5190, port 80 and even FTP, according to Blue Coat).

According to analyst firm IDC, IM use will grow up from 80 million users in 2002 to an estimated 255 million worldwide by 2006.

Blue Coat cites this and Gartner research that approximately 70 per cent of enterprises have unsanctioned consumer IM on their networks to explain the need for its policy control technology. ®

Related Stories

CacheFlow dons Blue Coat moniker
Instant message, cracker tricks
Yahoo! Messenger! multiple! vulns!
AOL tests secure IM
EDS bans IM
First MSN Messenger virus

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.