Lack of Logging and Audit Trails
There are also issues with record keeping. For one, users can keep logs of IM conversations, and store them on their personal computers. Depending on the organizations policies on keeping logs of written communications in a central place (or not at all, or only for 30 days, or whatever), this could be an issue. Another potential issue is simply the equivalent of call detail recording for IM conversations. Some organizations would like a centralized audit trail that lets them know which users within the organization are communicating via IM, and when theyre doing it.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.