HP3000-L Archives

August 2004, Week 1

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: OT: MS re defines/invents
From:
Art Bahrs <[log in to unmask]>
Reply To:
[log in to unmask][log in to unmask]
Date:
Fri, 6 Aug 2004 11:34:18 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (113 lines) 
Hi Greg :)
    um... why did the "cover me, while I reload" cross my mind when I read
your post :) :)

    Some quick ramblin's:

    The biggest security threat with IM is that it is being used....
'course the biggest business advantage to IM is that it is being used!

    IM'ing saves time and money for lots of shops... it just isn't done
safely... think in terms of the 'safe s*x' ads telling you to do it safely
since we know you are going to do it!

    The basic issue here is that any message sent via a IM service (yahoo
for example) goes from the sender's desk top to the IM server to the
reciepient ... with probably a whole lot of stops inbetween.  While the
message is on the IM service server technically the IM service owns the
message and it's contents... so... if there is privacy information in the
message (ssn, birthdate, name, credit card info, medical diagnosis, etc) in
the message you have violated HIPAA and a few other laws here in the
states... not to mention placed the owner of said info in a bad situation
with their info hanging out in the wind...

     Note that even to send a message to the cube next to you this is true!
Any medical/dental entity in the U.S. that is allowing patient info to be
IM'ed using any of the standard, free IM services is in violation of
various rules, regs and laws.

     Lotus' SameTime product does do IM'ing with full 128 bit encryption
and key escrowing... and is used by various parts of the U.S. government
because it is C2 or higher rated (or so I am told... I know it fits all the
qualifications of being able to get a C2... wonder if it is... research
project)


     Another issue with IM is that it also can be a delivery vector for
virus infestations.  There are known viruses in the wild that exploit know
issues in the various IM clients and servers.  Also, people can transfer
executable code via the IM clients... this could bypass your outer
perimeter defenses against the virus infestation.

    Bottom line... IM is a risk that must be evaluated within your
environment and business settings and proper Risk Management techniques
applied.

Art "Ramblin' again on a Fryday! hehe" Bahrs

=======================================================
Art Bahrs, CISSP           Information Security          The Regence Group
(503) 553-1425              FAX (503) 553-1453



|---------+-------------------------------->
|         |           "Greg Stigers"       |
|         |           <[log in to unmask]
|         |           net>                 |
|         |           Sent by: "HP-3000    |
|         |           Systems Discussion"  |
|         |           <[log in to unmask]
|         |           DU>                  |
|         |                                |
|         |                                |
|         |           08/06/2004 11:16 AM  |
|         |           Please respond to    |
|         |           gregstigers+reply    |
|         |                                |
|         |           |-------------------||
|         |           | [ ] Secure E-mail ||
|         |           |-------------------||
|---------+-------------------------------->
  >--------------------------------------------------------------------------------------------------------------------------|
  |                                                                                                                          |
  |      To:    [log in to unmask]                                                                                       |
  |     cc:                                                                                                                  |
  |     Subject:      Re: [HP3000-L] OT: MS re defines/invents                                                               |
  >--------------------------------------------------------------------------------------------------------------------------|




>>> snip <<<<

There are a couple of issues that shops with XP workstations should
consider. The firewall, turned on by default in SP2, will "break" some
apps,
such as IM. I can already hear the help desk phone ringing. The argument is
that those apps that get broken were doing things without due regard to
security (Art, back me up here...). And, as someone who only recently
started to use IM (MSN: g9789279127, AIM and Y!: gregstigers) I would not
want inbound IM traffic to reach my workstation, unless I am running IM. In
fact, ideally, I don't want a firewall to allow inbound IM traffic unless I
am running my IM client, and am available.

>>>> snip <<<<

Greg Stigers, MCSA
this space for rent

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *





 =============================================================================
IMPORTANT NOTICE: This communication, including any attachment, contains information that may be confidential or privileged, and is intended solely for the entity or individual to whom it is addressed.  If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message is strictly prohibited.  Nothing in this email, including any attachment, is intended to be a legally binding signature.
 =============================================================================

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2