Rizzo Frank <frank.rizzo@ghettocolo.com> wrote:
By "IM" I assume you're referring to Instant Messaging as an ideal, not any particular protocol or vendor implementation. Which begs the question, is "IM" is a risk
IM has been a risk since it was introduced as the Unix `talk` program. Responsible corporate security policy should at least address it. Many such policies, including some I wrote after this post, have forbidden IM for some time now. <http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=_jfe4.1731%24T01.55862%40nuq-read.news.verio.net> Whether blocking IM is a prudent strategy at your organization depends on the value of the data "messaged", the IM application, and routing of IM packets. In common use IM does expose many organizations to a non-trivial risk of corporate espionage. -- Roger Marquis (ex-CSO) Roble Systems Consulting http://www.roble.com/