"Government compliance" quickly became the fashionable phrase when Sarbanes-Oxley started holding court over industry. However, for financial institutions and large companies with a presence on the NASDAQ, the realities of NASD Rule 3110, coupled with the SECís Rule 176-a-4(b)(4), are of intimate concern. With encrypted IM, a unique key session between the user and the recipient ensures the authenticity of the exchange while providing the valuable log data required by these rulings.
The Secure Instant Messenger (SIM), a product of Ottawa-based Validian Corporation, is poised to change how IM is handled at the enterprise level. The SIM, in conjunction with Validianís Application Security Infrastructure (ASI), provides high-level security currently unavailable in the usual "over-the-counter IM". ASI guarantees the delivery of messages and files to the target destination without fear of interception at any point in transit. Bilateral and multilateral exchanges can take place between numerous individuals while at the same time, secured files of varying sizes can be transferred. Logging of IM sessions takes place at the sender and recipient points-of-contact, whether PC-to-PC or PC to portable USB fob. As an extra measure of security, a mobile user using their removable USB device for IM leaves no trace of their session or communications once the USB is removed from the host computer. While this feature may appear anti-forensic in nature, the IM session is logged on both the USB device and on the receiverís computer, making it ultimately traceable.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.