Symantec have widened its cloud-based security service to include Lync, Microsoft's latest instant-messaging client, so that enterprises using Lync can do anti-malware filtering and exert security controls for blocking inappropriate content along with basic data-loss prevention.
Symantec Instant Messaging Security.cloud is a cloud-based service that does not require agent software or any type of appliance on the customer premises, said Nick Emanuel, Symantec senior product manager. And Microsoft Lync is "much more than just instant messaging," Emanuel pointed out. He noted that Lync's integration with Skype, the acquisition of which Microsoft completed last month, means Lync is emerging as a combined audio, video and IM client that could have wide enterprise use.
The cloud security service Symantec is offering works by having the enterprise direct its Lync IM traffic to a Symantec server in the cloud, where the encrypted Lync traffic stream is decrypted to be inspected.
"Lync uses M-TLS," a version of the Transport Layer Security protocol which is proprietary to Microsoft, said Emanuel, noting this traffic is decrypted based on a Symantec certificate provided as part of the cloud-based service.
Once the Lync traffic is decrypted at the Symantec server point in the cloud, the Symantec content-control engine gets to work. It identities malware that might have made its way into the Lync stream, including attachments, and eradicates it. It's looking for both inbound as well as outbound security threats.
Templates to block inappropriate content
The Symantec service also can be set up to look at Lync content to identity inappropriate content - offensive language of one sort or another would be a typical red flag - and block that. Symantec is offering customers predefined templates if they need them. Some basic data-loss prevention capabilities can identity sensitive information, such as credit card data, and block it. The controls can also be set up simply to send an alert to the appropriate manager. Once the Lync traffic is filtered, it's re-encrypted and sent along to its destination.
Through the portal-based control panel, enterprise IT managers can establish the kind of message logging and archiving which may be required in their businesses for regulatory compliance.
The service is priced at $1.80 per user per month, dropping to about $1 based on discounts.