Comments on: Enterprise IM security: what software and policies do you use? http://itknowledgeexchange.techtarget.com/itanswers/enterprise-im-security-what-software-and-policies-do-you-use/ Fri, 27 Nov 2009 02:47:52 +0000 http://wordpress.org/?v=2.6.2 By: KevinBeaver http://itknowledgeexchange.techtarget.com/itanswers/enterprise-im-security-what-software-and-policies-do-you-use/#comment-68334 KevinBeaver Thu, 24 Sep 2009 17:55:37 +0000 #comment-68334 Pardon my delayed response. I don't use it in my own organization (I'm a one-man shop) but I do see and hear about users at my client sites changing the ports, using proxies, etc. in their IM software to get around firewall and content filtering controls. They can use proxies or anonymizers to get around specific web site filters as well. Or, they just hop onto their cellular air card or an unprotected wireless network (either in-house or someone else's) that allows this type of access. The best way to control such access is at the desktop level using application blocking via Windows policies or third-party endpoint security applications. It's a game of cat of mouse that'll probably never go away - especially given that management is typically out of the loop on this. Pardon my delayed response. I don’t use it in my own organization (I’m a one-man shop) but I do see and hear about users at my client sites changing the ports, using proxies, etc. in their IM software to get around firewall and content filtering controls. They can use proxies or anonymizers to get around specific web site filters as well. Or, they just hop onto their cellular air card or an unprotected wireless network (either in-house or someone else’s) that allows this type of access. The best way to control such access is at the desktop level using application blocking via Windows policies or third-party endpoint security applications.

It’s a game of cat of mouse that’ll probably never go away - especially given that management is typically out of the loop on this.

]]> By: 12345rrr http://itknowledgeexchange.techtarget.com/itanswers/enterprise-im-security-what-software-and-policies-do-you-use/#comment-67572 12345rrr Mon, 31 Aug 2009 05:26:51 +0000 #comment-67572 There are some UTMs that allow you to control your in-and-out traffic very efficiently like ideco gateway You can set all kinds of restrictions rules per user, per group and more , its also a firewall and mail server etc , however it requires a dedicated server so yeah this is what i chose for my network of 100 worksattions and i can recommend it too, price is competative comaredto alternatives with such functionality There are some UTMs that allow you to control your in-and-out traffic very efficiently like ideco gateway
You can set all kinds of restrictions rules per user, per group and more , its also a firewall and mail server etc , however it requires a dedicated server
so yeah this is what i chose for my network of 100 worksattions and i can recommend it too, price is competative comaredto alternatives with such functionality

]]> By: Robert Stewart http://itknowledgeexchange.techtarget.com/itanswers/enterprise-im-security-what-software-and-policies-do-you-use/#comment-64986 Robert Stewart Tue, 30 Jun 2009 14:48:38 +0000 #comment-64986 Any peer to peer application, which most IM apps have can be unsafe for any network, use a comm server as mentioned above for a workplace network and by all means limit access to IM to only internal users. I really think we continue to get asked to support some crazy stuff, yes IM is faster, but really cant email work in most instances, really it is getting ridiculous. There are rules in engineering and also network design and infrastructure, The first law of engineering is "Keep it simple stupid". Sometimes I really miss the good old bulletin board days lol. We are starting to realize in more ways than one that less can really be more. Any peer to peer application, which most IM apps have can be unsafe for any network, use a comm server as mentioned above for a workplace network and by all means limit access to IM to only internal users.

I really think we continue to get asked to support some crazy stuff, yes IM is faster, but really cant email work in most instances, really it is getting ridiculous. There are rules in engineering and also network design and infrastructure, The first law of engineering is “Keep it simple stupid”. Sometimes I really miss the good old bulletin board days lol. We are starting to realize in more ways than one that less can really be more.

]]> By: JennyMack http://itknowledgeexchange.techtarget.com/itanswers/enterprise-im-security-what-software-and-policies-do-you-use/#comment-64983 JennyMack Tue, 30 Jun 2009 14:12:38 +0000 #comment-64983 Technochic: That makes sense; I know many organizations that put a ban on the installation of any programs by the end user. Though it seems harsh, when it comes down to it, it [I]is[/I] a work machine. KevinBeaver: That does sound like a never-ending battle. How do users find a way around it? Does your org have in place installation blocks like Technochic's does? Technochic: That makes sense; I know many organizations that put a ban on the installation of any programs by the end user. Though it seems harsh, when it comes down to it, it is a work machine.

KevinBeaver: That does sound like a never-ending battle. How do users find a way around it? Does your org have in place installation blocks like Technochic’s does?

]]> By: KevinBeaver http://itknowledgeexchange.techtarget.com/itanswers/enterprise-im-security-what-software-and-policies-do-you-use/#comment-64957 KevinBeaver Mon, 29 Jun 2009 17:33:00 +0000 #comment-64957 I can say that, based on what I see in my security assessment work, admins try to block, users find a way around it, admins write the policies (big mistake), no one knows about them, and the cycle continues. It's a never-ending battle. I can say that, based on what I see in my security assessment work, admins try to block, users find a way around it, admins write the policies (big mistake), no one knows about them, and the cycle continues. It’s a never-ending battle.

]]>