Security Of Instant Messaging Is Important Thing.

Instant messaging (IM) software, such as Windows Messenger, Yahoo! Messenger and Google Talk, have moved beyond the world of high school chatter and into the world of corporate communications. Yet, in many cases, security policies and processes haven't caught up to this technology. It's now time to consider how instant messaging is, and should be, used in your organisation, and how to protect against IM threats.

Instant messaging policies

The first step is to clearly state your organisation's policy on instant messaging. Can users install and use IM software on systems owned by the organisation? If you have a strict "no outside software" policy, you may think you're covered, but keep in mind that Windows XP SP2 ships with Windows Messenger installed, creating a policy loophole.

Here's a set of questions you should consider when defining your organisation's IM policy:

Is IM use permissible on your network?
May users run IM software on systems owned by your organisation?
Does the organisation endorse/require a specific IM platform?
Is encryption mandatory?
Is IM acceptable for corporate use or for personal communications only?
Are there restrictions on the sensitivity of data that may be communicated via IM?
Is there a requirement to retain records of IM communication for any period of time?
Once you have a clear policy on IM use, educate your users on policy requirements and their responsibilities.

Instant messaging security measures

If you decide to allow instant messaging, blanket it with layers of protection to ensure you're organisation is protected against the viruses, worms and other malicious code that's become prevalent on IM networks. Run a modern antivirus program that includes IM scanning on all workstations, and consider a using network-based content filter that scans IM traffic for malware.

You also want to prevent the threat of eavesdropping on your traffic as it traverses public networks. Out of the box, IM software uses public servers hosted by the IM provider, which means all messaging must traverse the public Internet on its way to and from the server. If you think your users might send sensitive messages through IM (accidentally or intentionally), you should strongly consider encrypting that traffic. Unfortunately, encrypted IM is a relatively immature technology that typically requires a specialized client. One standout in this field is the free Trillian client by Cerulean Studios, which supports multiple IM networks and allows encrypted communications with other Trillian users.

The ultimate option in secure instant messaging is to run your own managed IM server or gateway. This eliminates the threat of outsiders intercepting internal messages as they cross the Internet by keeping the traffic on the local network, and it's actually easier than you might think. Many of these products allow you fine-grained control over the types and destinations of IM traffic on your network. In addition to the commercial products available, you may wish to consider the open-source Jabber IM server project.

Instant messaging is here for the foreseeable future and poses a significant challenge to information security professionals. If you're not able to block IM completely due to business requirements, you should certainly consider implementing strong controls to limit the risk this technology poses to your organisation.

Recommanding a program, Colasoft Capsa, to check if your IM is communicating safely.

By Mike Chapple From SearchSecurity

Wu Weisheng Presents LuLu Messenger version 2.3.0 for LAN

LuLu Messenger is a cool and easy to use software designed for chat and file exchange over a LAN network.

There are some key benefits of "LuLu Messenger for LAN":

· Instant Messages
· Picture Transfer
· Smileys
· Screenshot Transfer
· Files and Directory Sending
· Files and Directory Sharing
· Carbon copying(Cc, c.c.) Message
· Broadcast Messaging
· Platform Independent
· Handsome GUI
· IP Multicast Protocol
· Fast Transfer Speed
· Support Custom Faces
· Support Custom Emotions
· Language Customization Support
· Based on High-performance and Real-time ACE Network Library
· Based on Qt High-level GUI Library

IMbrella Released An Instant Message Monitoring Software IMbrella Enterprise Monitor 3.0

IMbrella Software, a global supplier of instant message monitoring software to enterprises and educational organizations, has presented version 3.0 of its well-known IMbrella Enterprise Monitor. The latest version employs IMbrellas patent pending MessageStorm Technology to eliminate the need for custom hardware and/or proxy resets on every network PC.

While other IM monitoring solutions asks expensive hardware gateways or time-consuming proxy configuration, IMbrella can be installed on any admin PC station with entrance to the network. IMbrellas powerful new technology watches all network traffic, filtering and recording all IM sessions including AOL, MSN, Yahoo and ICQ chat. Until now, secure instant messaging was an incredibly arduous mission for overworked IT Managers and CTOs," said Marty Schultz, President of IMbrella. Our latest release literally drops in and starts recording in minutes."

A free 15-day demo of IMbrella v3.0 with MessageStorm is now available at: http://www.imbrellasoftware.com/demo.asp

About IMbrella

IMbrella helps companies and schools harness the power of instant messaging while mitigating its liabilities. The Company is dedicated to providing an affordable tool whose simplicity and functionality helps overworked IT managers safeguard the exploding use of IM in their organization.

Based in Salem, NH, with offices in the Bay Area and South Florida, IMbrella now provides the most advanced and affordable software solution for organizations seeking to reduce the risks of unregulated instant messaging on their network. Transparent to network users, IMbrella installs on a central server in minutes (with no added hardware required) and immediately starts scanning and archiving all instant message traffic, including: AOL, Yahoo, MSN and ICQ. IMbrella is used by companies and schools to detect compliance violations, sexual harassment, intellectual property disclosures, copyright/patent infringement, excessive usage and insider trading.

New Message Processing Platform Is Presented by Sendmail

Sendmail, Inc., a supplier of secure email and instant messaging infrastructures, presented its latest version of its Sentrion Message Processing Engine, Sentrion MPE 4.0, at VMworld 2009 held in San Francisco this week.

According to a statement the Sentrion MPE 4.0 key new features consist:

* Centralized Reporting and data aggregation with on-demand, template-driven reports, and customizable report execution.
* System and Application Monitoring of the entire MPE, including hardware, OS and all MPE components.
* Full Configuration Version Control for tracking and managing all system configuration changes with support for full roll-back and configuration tagging.
* New Graphical User Interface consolidates the previous component-based interface segregation by collapsing the most critical Sentrion MPE components under a common UI framework.

LAN Messenger in Win Popup Style. IP messenger.

IP LAN Messenger is a software tool that suggest you to exchange messages via the IP number of PC stations within designated blocks of IP addresses. If you manage thousands of IP addresses, you can send chat to thousands of computers. This unique application is made for using within your IP adresses range allocated to your business network. It also offers with realtime statistics which display you successes and failures of application.

IP Messenger also scan people who are using it in the network and automatically adds them your buddy list with the name set in the software. Its an open source, multi platform messenger based on TCP/UDP. IP Messenger also available in languages like Japanese, Chinese, Korean, Portuguese.