[Sussex] IM Server

[Mark Harrison]

----- Original Message ----- 
From: "Jon Fautley" <jon at geekpeople.net>
To: "LUG email list for the Sussex Counties" <sussex at mailman.lug.org.uk>
Sent: Wednesday, April 28, 2004 4:51 PM
Subject: Re: [Sussex] IM Server


> Eeeek! You use MSN Messenger for corporate communications? I do hope
> that nothing sensitive is talked about...

Several of my clients use it, routinely, to communicate with all kinds of
people, not just in-house, but suppliers, consultants, etc.

The problem with all this "run your own server in house for security"
business is that it restricts the number of people with whom you can
communicate.

The advantage of the MSN messenger service is that most people have it.

Security policy is to treat external email and IM with the same degree of
restriction with which you'd use a telephone - ie nothing company critical.

It's kind of odd that IT people these days seem to be more paranoid about
"ever communicating anything" than the intelligence community was back in
the early 90s when I worked for a part of ICL that put me in day to day
contact with people in that community. (We were developing a product aimed
at that community, and had some interesting people on the team as
"consultants") ...

> It's only recently that MSN messenger was encrypted at the client side,
> there's also the problem that you've gotta tie all your personal details
> together in one place (great for industrial espionage)...

Do you have any examples of such industrial espionage having taken place?


> and do we
> really think it's a good idea to have corporate communications leaving
> the network, and probably being logged by a company in a seperate country?

Dunno. I'm happy to use a BT line for a phone call about company business,
and it would be VERY easy for someone to tap and log that...

M.