and Trillian, which supports encryption), and it's a valuable part of our business tools.
If we were to remove this feature, it would be a noticeable detriment to employee's
productivity. The most important consideration with every security restriction is
vulnerability vs functionality. My company is an ISP, if I were responsible for the
security of a financial organization, I'd lock everything down as tightly as possible.
Something to think about is setting up an internal IM server as a compromise.
- Z
> Hi, > > We currently are allowing web based chat and instant messaging. I know > that there are lots of security issues involved with its usage. The IT > folks are telling me that it is a common practice in the industry. I have > a hard time believing this and this is one battle I would like to take on. > > QUESTION: DOES YOUR COMPANY ALLOW WEB BASED CHAT AND INSTANT MESSAGING? > If this was a battle you fought, could you please give me some ideas on how > you won the battle. Any good articles/white papers that could support my > position? > > > Toni CISSP, CPA > Security Services > NW Mutural Banking LTD