Instant messaging entered the enterprise and network environment by the back door, creating special challenges for security managers. But the still-wild technology can be corralled.
"IM took a guerilla pathway into the enterprise and onto the network," said Kailash Ambwani, the CEO of Foster City, Calif.-based IM solutions vendor FaceTime. "It's not like it grew in an orderly fashion that was controlled by the IT managers."
While IM is now standard in many industries and trusted, enterprise-quality solutions are readily available, it still brings its own set of challenges.
Though IM-borne viruses have been rare to date, that's likely to change. "It's only a matter of time before hackers realize that their e-mail payloads are being stopped and look for the next route," says Ambwani.
"A logical approach is needed," said Peter Shaw, CEO of San Diego-based IM security provider Akonix Systems Inc. "Every company has to arrive at a conclusion about what approach works best for it."
Just as with e-mail, there are multiple technological solutions to the IM problem, said Eric Johnsen, director of IM products at San Francisco-based firewall provider Zone Labs, which was recently acquired by Check Point Software Technologies. For example, corporations that use IM for sensitive communications can opt for encryption.
But that still leaves internal problems that IM poses, says Shaw, such as those created by the fact that instant messaging tends to be far more casual than e-mail. "People say and do things in IM they wouldn't dream of in an e-mail," he adds. "That creates a host of issues from a human resources and liability standpoint."
To date, providers of IM security and privacy solutions have relied upon regulated industries such as financial services and energy for the bulk of their business. But that's starting to change, says Ambwani. "Companies that have no regulatory oversight are starting to realize that IM is going on within their walls, whether they want it or not and realizing they have to do something about it," he adds.