Elinor Mills Abreu
SAN FRANCISCO: A San Diego company announced a product on Monday designed to
make instant messaging and peer-to-peer file sharing applications safer to use
by blocking viruses and preventing data from leaking out and back doors from
being installed.
Privately held Akonix Systems Inc. developed Akonix L7 specifically to
address the security concerns that are arising from the widespread use of
programs like AOL Time Warner Inc.'s Instant Messenger (AIM) and the Kazaa
peer-to-peer programs.
Those programs give outsiders a way into a computer inside an otherwise
secure network. Instant messaging programs used to only allow people to send
text back and forth, but now allow users to exchange data files, which can do
nasty things on the recipient's end. In peer-to-peer networks, users allow other
people to reach into their hard drives and copy specific data, like music files.
Despite the security concerns of the programs, which allow data to flow
through the same data transmission channel on computers as Internet traffic and
thus can not be blocked, their use is increasing exponentially, just like e-mail
did in the 1990s.
Research firm Jupiter Media Metrix estimates that more than 100 million
people use some form of instant messaging program to exchange real-time messages
with friends or co-workers. And millions more swap music and other types of
files over peer-to-peer networks, which were popularized by Napster, experts
say.
Viruses already hitting
Experts have predicted it was only a matter of time until viruses and other
malicious programs wormed their way into those systems.
In May, antivirus vendors warned of a virus, dubbed Benjamin, that was being
spread to Kazaa users. On Friday, a study from Hewlett-Packard Co. revealed that
misconfigured Kazaa software could expose sensitive files on a user's hard drive
to other people.
"Instant messaging puts a big old hole through our firewall as far as
viruses getting through," said Mike Irick, assistant director of academic
computing at California State University San Marcos. "I've had a few
viruses get through."
To keep viruses from hitting professors' and students' computers at the
school, Irick is beta testing Akonix L7, which sits at the perimeter of an
organization's network, monitoring and logging the traffic, and scanning it for
viruses and other malicious code.
Another beta tester is the New York office of ING, The Hague-based financial
conglomerate, where portfolio managers and brokers use AIM to send messages back
and forth about different stock trades, said Kristoffer Stack, vice president
and director of network infrastucture.
ING is concerned that regulators, who require financial institutions to
archive all their data, will eventually require them to record and store their
instant messaging communications too, he said.
"From an IT (information technology) perspective I would prefer they not
use instant messaging, but they insisted it was critical to business,"
Stack said. Because of the security concerns, a lot of organizations are trying
to ban its use, said Richard Stiennon, research director for network security at
market research firm Gartner.
There are other instant messaging applications designed with security in mind
tailored for the financial services community, but like all the instant
messaging programs, they do not allow users to communicate with anyone outside
of that network.
AOL, in partnership with VeriSign Inc., is slated to release a corporate
version of its AIM later this year that encrypts the messages. But, experts said
encrypting the traffic would prevent network administrators from distinguishing
between safe messages and dangerous ones.
A version of Akonix L7 that secures instant messaging programs will be
released to the public in late June, followed by one for peer-to-peer programs
in late summer, the company said.
(C) Reuters Limited.