Instant messaging has caught on in American corporations, but along with improved communications, the most popular
of these systems bring with them management and security headaches.
Free consumer instant messaging programs like those offered by AOL, Microsoft and Yahoo have drawn huge consumer followings. Many users have dragged their instant messaging (IM) habits into the work place. It's helped them communicate better and in many cases instant messaging has become an important business tool, said Rob Batchelder, research director at the Stamford, Conn.-based research firm Gartner Inc.
The problem is that instant messaging usually becomes part of the business culture without the consent or even the knowledge of IT departments.
Instant messaging can be a security headache. Users are anonymous. There is no correlation between a user's name on AOL, MSN or Yahoo's instant messaging systems and that user's identity on the home network.
Viruses can easily be spread by an attachment sent through an instant message. Systems used to block attachments for e-mail don't work with instant messages, so instant messages become a largely unwatched window to the outside world, Batchelder said.
If someone wants to snoop on a conversation, there is no encryption to keep confidential information secret.
Archiving requirements an issue
For industries like financial services, where regulators require archiving of all electronic communication, instant messaging is trouble. Consumer instant messaging systems are not archived on a company's system like e-mail.
But for many companies, turning off instant messaging is not an option. Lee Blackmore, director of information technology at the St. Louis-based brokerage firm Stifel, Nicolaus and Co. Inc., said that once he understood the scope of instant message use at the company, management initially wanted to shut it down. They changed their minds when they discovered brokers were using it as a tool to communicate with clients.
Instant messaging is a lifeline for Dimitri Karabatsos, a trader with the hedge fund Lydian Asset Management. He said his small group of traders rely on instant messaging for business discussion between their offices in London, New York, New Jersey and Connecticut and occasionally use the technology for communication with clients. Despite his own security concerns, he decided that getting rid of instant messaging was not an option.
"It is one of the easiest, fastest, best ways to talk," said Karabatsos. "Picking up the phone has become a pain in the ass."
A number of enterprise instant messaging systems have hit the market in recent years in an attempt to address many of these problems. IBM Lotus SameTime is perhaps one of the best known.
But the problem with these internal systems is that they take away one of the primary benefits of instant messaging. Robert Mahowald, research manager for the Framingham, Mass.-based research firm International Data Corp., said these systems cut off spontaneous conversation with people outside the company. And for a salesperson, the real benefit of instant messaging is the ability to communicate with customers, not co-workers.
Blackmore said he immediately rejected systems like SameTime. He didn't want the brokers' customers to have to make any changes to their computers to able to communicate with the company.
Cottage industry springs up around IM
In response to security concerns and new regulations, a few companies have sprung up that are working to provide tools for managing instant messaging.
Akonix, based in San Diego, and IMLogic, based in Boston, both provide services that allow companies to log and archive instant messaging correspondence, block attachments and authenticate users across all the existing consumer instant messaging systems.
Peter Shaw, CEO of Akonix Systems, said his company also provides customers the ability to reroute local instant messaging traffic. If two co-workers in the same building are messaging each other, his system will reroute the messages onto the local network, thereby cutting down on the amount of traffic that travels over public networks and lowering the risk of a security breach.
Mahowald said the archiving ability and attachment blocking services that both of these companies provide go a long way toward fixing the worst problems with instant messaging. And they help companies comply with regulations that otherwise would put an end to their instant messaging.
Blackmore, who uses a system from IMLogic, said the one feature he would like but cannot currently get from IMLogic is the ability to encrypt messages. That adds another level of safety. Right now the only way to encrypt instant messages is to require both parties engaging in communication to install software. Blackmore is unwilling to have his company's customers make any changes. So for the time being, he has gone without.
Built-in encryption is coming
Jeff Whitney, marketing director at IMLogic, said his company's consumer instant messaging services will soon feature built-in encryption services.
But Karabatsos didn't want to wait. He said the possibility of having his instant message communications intercepted posed the highest threat. The instant messaging communication at his company often contains confidential personal and business information.
Since his company is a hedge fund, it is not required to archive electronic correspondence. He chose to purchase an encryption system from Westport, Conn.-based ImPasse. Though it requires everyone using the system to install software, that was not a deterrent for him, since most of the company's instant messaging use is internal.
Business use of instant messaging is only going to grow, said Batchelder. The sooner companies get a handle on it, the better.