From time to time I write about some tools we use here at VR to keep the business running. Today it's going to be about Instant Messaging. We use instant messaging here a LOT since we're on different floors and very spread out. Maybe too much. But it can be a really useful tool and very cost-effective since for the most part it's free. It stops our one-on-one email traffic and if we need to move quickly on something it's easy to do. But to most positives there are negatives to be aware of too. Here are a few that we've run into.
Positives
* It's great if you're in multiple locations and you need a cost effective way to communicate.
* It saves us money on long distance.
* You chat with someone while on a conference call to steer the conversation.
* It's great if you can't leave your desk and need a quick answer to a question.
* It saves you on foot traffic if you've got a long way to walk for a quick discussion.
* Stops the shouting between offices if that is a factor.
* We use live chat to talk to customers real time because many of you can't wait for a call or email back from us. Some of our reps have multiple windows open chatting with you.
Negatives
* For long drawn out conversations, pick up the phone. I've been a victim to this too many times.
* Sometimes tone is misconstrued and conversation can take a turn for the worse.
* Putting a smiley face on the end of a nasty note does not make it ok to say nasty things:-)
* Managing people from afar 100% by AIM doesn't really work. People still need to talk.
* It can be an interruption when receiving them since either a tone is heard or something pops on your screen.
* People tend to be more courageous with what they say vs. talking face to face or on the phone.
How to use an instant messenger in your business:
Be Considerate! - Don't just start typing. A nice "U There? before you start typing is always considerate. It's the proverbial knock at the door.
If you are not paying attention and are talking to someone while someone is instant messaging you simply say "hold". Then get back to them. If you're not going to get back to them for a while let them know so they are not sitting around waiting.
Pick Up The Phone - If you're unsure about how the tone of a conversation is going, pick up the phone or have a face to face conversation.
Use Your Status. I'm terrible at this but getting somewhat better. If you're not available or do not want to take messages, tell people that by saying "unavailable" as your status. With many programs you can go as far as to use a custom status and tell people where you are or when you'll be back.
Your Picture - Remember in many programs your picture will show up to anyone you're chatting with. Make sure it's appropriate.
Be Careful - Don't put crucial information like user names and passwords in IM, it's not secure.
How are you using instant messaging for your business? What do you like and what do you hate?
TrackBack URL for this entry:
http://www.typepad.com/t/trackback/485613/31835738
Thursday, August 21, 2008
IMCrypto Offers Instant Messaging Security
Soft Security* newly released IMCrypto.
What it does - IMCrypto protects your instant messenger conversations. It’s compatible with all of the popular instant messengers (IMs). IMCrypto uses one of the strongest and most reliable public key encryption algorithms ? RSA.
Easy to Use - Just install the program and you’re ready to start secure conversations with anyone on your contact list. All incoming and outgoing messages will be encrypted and only the addressee will be able to read them.
Features
* The IMCrypto Toolbar makes it easy to access all the necessary functions in just one click
* With the IMCrypto Control Center you can access additional options and settings
* The IMCrypto KeyServer which will give you an opportunity to exchange keys with all your contacts easily and quickly
Bottom Line: IMCrypto is easy-to-use and offers reliable protection for all your instant messenger conversations and keeps your confidential information secret. It’s affordable at $29.95 for 1 license, $26.95 for 2-10, and $24.95 for 11+.
* Soft Security is a Raytown Corporation LLC Company
They specialize in monitoring and anti-monitoring software development. They are an independent security software development corporation with more than 10 years of experience. Their products and custom solutions can be found in more then 80 countries including in a large number of Fortune 500 companies, law enforcement, government and military agencies. Raytown Corporation LLC products are designed for the home/office/corporate marketplaces. They currently have over 2200 businesses using their products on a daily basis.
What it does - IMCrypto protects your instant messenger conversations. It’s compatible with all of the popular instant messengers (IMs). IMCrypto uses one of the strongest and most reliable public key encryption algorithms ? RSA.
Easy to Use - Just install the program and you’re ready to start secure conversations with anyone on your contact list. All incoming and outgoing messages will be encrypted and only the addressee will be able to read them.
Features
* The IMCrypto Toolbar makes it easy to access all the necessary functions in just one click
* With the IMCrypto Control Center you can access additional options and settings
* The IMCrypto KeyServer which will give you an opportunity to exchange keys with all your contacts easily and quickly
Bottom Line: IMCrypto is easy-to-use and offers reliable protection for all your instant messenger conversations and keeps your confidential information secret. It’s affordable at $29.95 for 1 license, $26.95 for 2-10, and $24.95 for 11+.
* Soft Security is a Raytown Corporation LLC Company
They specialize in monitoring and anti-monitoring software development. They are an independent security software development corporation with more than 10 years of experience. Their products and custom solutions can be found in more then 80 countries including in a large number of Fortune 500 companies, law enforcement, government and military agencies. Raytown Corporation LLC products are designed for the home/office/corporate marketplaces. They currently have over 2200 businesses using their products on a daily basis.
Wednesday, August 20, 2008
Is it possible to ban chat programs on an enterprise LAN?
Q: How do I ban MSN Messenger, Yahoo Messenger, Skype and other chat programs on an enterprise LAN? My network connects to the Internet through a hub, and from the hub it connects a wireless router/modem to the Internet. I've tried blocking URLs and outgoing ports, but to no avail. I can't install any blocking software because I don't have a server in between the router and the network PCs.
A: As you have discovered already, imposing controls on the use of Instant Messaging (IM) within an enterprise network is not easy, but let's review your options, starting with some non-technical aspects.
The first step for an enterprise that wants to keep its network free of MSN Messenger, Yahoo Messenger, Skype and other programs of that kind must be to establish an information security policy that outlaws them. Make sure all employees are aware of the policy and the penalties for violating it. In this phase, try to present the logic for the ban: the fact that IM is a serious attack vector, and using it on the network undermines the security and viability of the company.
If any use of these programs is detected after the policy has been publicized, you must then apply the stated penalties. Failure to do so will render the policy moot, undermining efforts to enforce it, either through technology or simple oversight. The good news is that, depending upon your corporate culture, a properly handled policy outlawing IM may solve your problem.
Unfortunately, some companies shy away from a policy approach. To those who don't like personal confrontation, it might seem more appealing to implement bans and other policy decisions by technical means alone. This is a risky strategy, however, that should be avoided for several reasons. Apart from the legal jeopardy already mentioned, it's difficult and taxing to win a war of wills on the technical front. Instant Messaging services are adept at evading firewalls. IM clients can automatically adjust their settings to connect to IM servers, even if direct access to those servers is blocked on all network ports. The client will use an HTTP proxy server to pass through the firewall.
You might also want to ask why IM should be banned. After all, there are legitimate business uses for IM. One strategy might be to formally implement IM using an enterprise Instant Messaging (EIM) service. Microsoft's Office Communications Server, for example, not only incorporates IM firewall technologies, but can also integrate access control with Active Directory. This is my preferred security configuration because a proper identity and authentication management system can block specific users or specific groups of users from accessing IM services.
If there is a need to monitor and control IM traffic across an entire network, consider using an application-layer firewall, which controls the traffic to and from a user-defined list of Instant Messaging server hostnames. You can also try a gateway specifically tuned to detect IM and P2P use, such as the products from FaceTime Communications and Akonix Systems.
Source: SearchSecurity
A: As you have discovered already, imposing controls on the use of Instant Messaging (IM) within an enterprise network is not easy, but let's review your options, starting with some non-technical aspects.
The first step for an enterprise that wants to keep its network free of MSN Messenger, Yahoo Messenger, Skype and other programs of that kind must be to establish an information security policy that outlaws them. Make sure all employees are aware of the policy and the penalties for violating it. In this phase, try to present the logic for the ban: the fact that IM is a serious attack vector, and using it on the network undermines the security and viability of the company.
If any use of these programs is detected after the policy has been publicized, you must then apply the stated penalties. Failure to do so will render the policy moot, undermining efforts to enforce it, either through technology or simple oversight. The good news is that, depending upon your corporate culture, a properly handled policy outlawing IM may solve your problem.
Unfortunately, some companies shy away from a policy approach. To those who don't like personal confrontation, it might seem more appealing to implement bans and other policy decisions by technical means alone. This is a risky strategy, however, that should be avoided for several reasons. Apart from the legal jeopardy already mentioned, it's difficult and taxing to win a war of wills on the technical front. Instant Messaging services are adept at evading firewalls. IM clients can automatically adjust their settings to connect to IM servers, even if direct access to those servers is blocked on all network ports. The client will use an HTTP proxy server to pass through the firewall.
You might also want to ask why IM should be banned. After all, there are legitimate business uses for IM. One strategy might be to formally implement IM using an enterprise Instant Messaging (EIM) service. Microsoft's Office Communications Server, for example, not only incorporates IM firewall technologies, but can also integrate access control with Active Directory. This is my preferred security configuration because a proper identity and authentication management system can block specific users or specific groups of users from accessing IM services.
If there is a need to monitor and control IM traffic across an entire network, consider using an application-layer firewall, which controls the traffic to and from a user-defined list of Instant Messaging server hostnames. You can also try a gateway specifically tuned to detect IM and P2P use, such as the products from FaceTime Communications and Akonix Systems.
Source: SearchSecurity
Why organizations don't implement enterprise instant messaging
A sufficiently strong business case for enterprise instant messaging has yet to be made
We have just wrapped up a major study of the instant messaging, real-time communications and presence market. The goal of this study is to understand how real-time communications technologies, such as instant messaging and Web conferencing, are used by midsized and North American organizations.
We asked organizations that have not deployed enterprise instant messaging as a pilot or in production why they have not done so. The most commonly cited reason is that no one has yet made a sufficiently strong business case for enterprise instant messaging – nearly one-half of decision makers indicated this as a reason for not yet deploying the technology.
Another important reason for not deploying enterprise instant messaging is that about 30% of decision makers feel that consumer instant messaging clients – which are used in the vast majority of organizations – meet organizational requirements for real-time communications. One-quarter of decision makers feel that the instant messaging tools that are supplied with e-mail and/or desktop operating systems meet their needs for real-time communications.
There are two important implications of these findings. First, providers of enterprise instant messaging, real-time communications and Web conferencing systems need to make a more compelling case for decision makers to consider adopting these technologies. It will include providing ROI models, case studies and other evidence that demonstrates that real-time communications can reduce some business travel and that it can make employees more productive and efficient. Many decision makers simply have not been presented with this type of information.
Second, organizations that are relying on consumer instant messaging or similar tools that lack enterprise-grade features are not providing the level of security or compliance-readiness that they need. This exposes them to a variety of potential security threats, such as instant messaging-borne malware, and it increases the risk of data loss or not being able to comply with data retention requirements.
The onus, therefore, is on both vendors and corporate decision makers to seek each other out to determine how needs can best be met and risks minimized.
Source: Unified Communications Alert By Michael Osterman , Network World , 08/19/2008
We have just wrapped up a major study of the instant messaging, real-time communications and presence market. The goal of this study is to understand how real-time communications technologies, such as instant messaging and Web conferencing, are used by midsized and North American organizations.
We asked organizations that have not deployed enterprise instant messaging as a pilot or in production why they have not done so. The most commonly cited reason is that no one has yet made a sufficiently strong business case for enterprise instant messaging – nearly one-half of decision makers indicated this as a reason for not yet deploying the technology.
Another important reason for not deploying enterprise instant messaging is that about 30% of decision makers feel that consumer instant messaging clients – which are used in the vast majority of organizations – meet organizational requirements for real-time communications. One-quarter of decision makers feel that the instant messaging tools that are supplied with e-mail and/or desktop operating systems meet their needs for real-time communications.
There are two important implications of these findings. First, providers of enterprise instant messaging, real-time communications and Web conferencing systems need to make a more compelling case for decision makers to consider adopting these technologies. It will include providing ROI models, case studies and other evidence that demonstrates that real-time communications can reduce some business travel and that it can make employees more productive and efficient. Many decision makers simply have not been presented with this type of information.
Second, organizations that are relying on consumer instant messaging or similar tools that lack enterprise-grade features are not providing the level of security or compliance-readiness that they need. This exposes them to a variety of potential security threats, such as instant messaging-borne malware, and it increases the risk of data loss or not being able to comply with data retention requirements.
The onus, therefore, is on both vendors and corporate decision makers to seek each other out to determine how needs can best be met and risks minimized.
Source: Unified Communications Alert By Michael Osterman , Network World , 08/19/2008
Subscribe to:
Posts (Atom)
Durov: The phone of the richest man in the world was hacked through WhatsApp.
The founder of "VKontakte" and Telegram Pavel Durov said that back in November 2019 he warned about the vulnerability of the Whats...
-
Computer's personal often face problems when they have to take a break from their PC for some time and can’t answer to emails and instan...
-
The founder of "VKontakte" and Telegram Pavel Durov said that back in November 2019 he warned about the vulnerability of the Whats... -
We have received a question about using Instant Messaging services (such as AIM, Yahoo, MSN Messenger & Skype Chat) in the office: “Is i...
