Enterprises must take security
threats posed by IM seriously
It is about time
organizations started taking control IT security threats posed
to the enterprise via employee use of IM should be taken as
seriously as e-mail
ScanSafe offers Managed Security Services (MSS) around the area
of managed Web security, rather than the managed e-mail services
that most of us are familiar with.
Last week, ScanSafe announced the upcoming April launch of its
IM (Instant Messaging) Control service.
Maxine Holt, senior research analyst with independent IT
research and advisory organization Butler Group, had a briefing
In Holt’s view, there is most definitely the need to make
instant messaging (IM) more secure IM communications have the
potential to deliver pretty much any of the unwelcome IT
security threats that are common to enterprise e-mail
communications. Holt says it is high time firms started taking
control and treating them seriously.
IM has grown significantly in use over the past few years, with
many IM installations being completely uncontrolled by the
corporate IT department. A number of IT departments may say that
they already block IM, only to find that someone turns around
and says well, I’m still using it.
In its research for the development of the IM Control service,
ScanSafe found that the vast majority of organizations are
already using one or more of the main IM solutions, and are
finding that the use of IM is becoming almost as important as
e-mail for its employees, providing significant business
Thus, many companies do not want to block IM per sé. Many
current IM problems exist because of the informal way in which
IM usage first arrived into the business arena, with staff
making use of IM technology before seeking formal management
Furthermore, it remains the case that many organizations still
unofficially allow IM communications to take place without
giving enough thought to putting protection and management
systems in place to deal with the potential security fallout.
However, there is most definitely the need to make IM more
secure IM communications have the potential to deliver viruses,
worms, Trojans, and spyware malicious and unwanted content and
cause identity intrusion issues.
In fact, pretty much any of the unwelcome security threats that
are presented by the enterprise use of e-mail communications
also reappear in real-time through the establishment and usage
of IM delivery protocols.
Furthermore, IM services also share many of the same regulatory
compliance issues. These include the need to monitor for legal
and regulatory requirements and common archiving and privacy
The ScanSafe IM Control service, when it is launched at the
beginning of April, will support compliance for archiving of IM
use this is already undertaken by many organizations in their
e-mail systems, but is unfortunately neglected for unregulated
It is about time that organizations stopped being surprised by
the level of IM use by its employees and took control of the
situation, taking it as seriously as e-mail and other threats to
Maxine Holt combines her role a senior research analyst with
that of research team manager. Her current focus is on services,
including service provision, outsourcing and off-shoring.
Butler Group (www.butlergroup.com) is Europe’s leading
independent IT Research and Advisory organization. Its mission
is to ensure that its clients are the most comprehensively
informed IT and business managers on current, emerging and
future technology matters, and their impact on business.