IM Security Challenge

Instant Messaging presents the same vulnerabilities as email, yet it is not protected in nearly the same manner. Corporations have dumped money on preventing email viruses but every other port is left untamed.
Potential Problems:
1. Application attacks. Such attacks are possible if IM client software is not kept up to date. Generally speaking companies stay on top of Microsoft patches but not as many patch their other applications. Since IM is generally ad hoc and user installed, it is not likely to be kept up to date.
2. Viruses sent via file transfers – There are many viruses such as Bropia that spread through IM networks and have effected corporate customers.
3. SPAM – (SPIM) Spam to IP accounts is fairly easy to control. Dont accept IMs from people not on your buddy list.
4. URLs. This is where a link to an exploit or virus is sent.
Solutions:
1. Ban IM. It can be blocked at the firewall, but you may find yourself looking for a new job if you choose to implement that solution.
2. Implement an internal IM server with Antivirus such as Microsoft LCS with Sybari Antivirus for IM. With LCS SP1 coming out this spring you can force Yahoo and AIM users to go through your server so that public traffic i protected.
3. Implement IMLogic to hijack public IM sessions so you can scan and control IM traffic.