Instant Messaging is a Global Communications Medium for Business and Consumers. 85% of organizations report that they use IM for business usage and there are a reported 400 million global IM users.
IM though does present a number of security issues. Unprotected IM is vulnerable to viruses and spam. In addition to this its ability to dynamically connect out over numerous ports (tcp 80/443 etc) to a number of various IM servers can make the process of blocking IM fairly difficult.
Within the IM landscape we group them within 3 groups:
- Consumer IM Services - MSN, Yahoo etc
- Enterprise IM Servers - Microsoft Communicator etc
- Hosted IM Providers - Communicator inc, Parlano ( mainly used in financial companies. Allows for organization to organization rather then person to person based IM)
How IM works
Normal IM typically routes through a “Cloud Server” which is hosted by the IM Provider (such as Yahoo, MSN). Messages are routed through the cloud and then relayed out to the receiving user.
- User A will initiate the sign in process and establishment with the Cloud Server.
- After the connection has been established with the IM server user A logs in with their screename and password.
- User A connection information is also sent across such as (IP, port and status).
- Once received by the Cloud Server the Presence Phase will be initiated.
- User A submits a status request of the contacts within their buddy list.
- The Cloud Server will then query and update the Presence information.
- When user A goes offline or exits it will up send a message to the Cloud server indicating that they have terminated the session.
- The Cloud Server will update user A`s status to each person within user A`s contact list.
- After a period of time the server will delete the file containing user A`s session information.