If you can't beat it, manage it

David Caughtry of Computerlinks, looks at the challenges facing IT managers with the growing use of Instant Messaging in the workplace.

According to analysts, corporate use of Instant Messaging (IM) is proliferating far beyond early expectations. Instant Messaging continues to be the fastest growing communications medium of all time, and is invading the enterprise at a rapid rate. A recent report by IDC found that there are more than 28 million business users worldwide using enterprise instant messaging products to send nearly one billion messages a day in 2005, this does not include the crossover of consumer instant messaging services used in businesses. Either way, for a communication medium once viewed as the exclusive domain of gossip-mad teenagers, IM can no longer be ignored by IT managers.

How widespread is IM usage and how can it be managed?
Gartner Group believes that 50 per cent of all business-to-client communication in 2005 will take place on IM. For many IT managers, corporate IM use has been placed in the 'all too difficult' category. After all, its exceptionally easy for staff to download free IM services like AOL, Yahoo and MSN. Many IT managers are simply unaware of the extent of IM use within their organisation and if they are, theyre unsure how to manage it, so look to prevent its use.

Yet IM offers genuine business benefits such as improved productivity and collaboration, its truly instant and it can save on bandwidth consumption. Gartner estimates that IM can reduce long distance calls by 30%, reduce email usage by 40 per cent and lead to a 15 per cent reduction in voicemail usage.

There are solutions available today that make it possible to harness these benefits whilst maintaining control, and without compromising security. IDC found that in 2004 the demand for management and security of the instant messaging market, from vendors such as FaceTime, has increased. IM management solutions such as these appreciate why you need to choose the right system for you and understand the security risks posed by what they call Greynets.

FaceTime considers IM, P2P and spyware part of a larger, fast-growing set of unsanctioned applications called Greynets. Greynet applications are downloaded and installed on end user systems, without expressed permission from, or awareness by IT (and often without even the end users awareness - as with spyware) and then use evasive encryption and port agility techniques to traverse the network. Greynet applications include instant messaging, P2P file sharing, web conferencing, SKYPE, web mail and adware/spyware and anonymisers.

Tunnelling through firewalls, viruses and worms
It is difficult to block IM at the firewall because it can travel across port 80 undetected and you need this port open if you are to allow employees to have Internet access. IM has the ability to transfer files as well as text, so in addition to these being sent without any surveillance, logging or archiving it can transfer worms, viruses and embedded URLs. The number of IM Viruses is growing by 400 per cent year on year and although the numbers are still low compared to the 85,000 e-mail viruses in the wild today, the proliferation speed for IM viruses is as quick as 0.6 seconds and many companies dont have protection in place against them.

Identity theft
All IM users have their own unique identity, anonymous to the IT manager. Individuals can also create IDs, even if the specific individual does not own these IDs and domains. Companies traditionally lack ownership and control of their corporate namespace on consumer IM networks, which can be used maliciously outside of corporate control, which could ultimately lead to vicarious liability cases or corporate sabotage.

Information security leaks
With IM, IT departments are not aware of company-confidential information being sent over IM and none of the four major public IM providers encrypt their network traffic, so attackers can highjack connections. Many companies will have an infrastructure in place to prevent employees from sending confidential or unauthorised content beyond the firewall, but with public IM clients, none of this can be traced. This makes it difficult for administrators to discover potential breaches of information security policy or hold individuals accountable.

Dealing with spyware, adware, and other malware has become a daily challenge for IT staff. Theres no lack of potential solutions on the market, but finding an effective solution is a whole other challenge. Spyware applications are addressed as part of the broader problems posed by greynets, which encompass both legitimate and unauthorised applications that share a key common attribute they are not controlled by existing corporate security procedures.

Whats the solution?
IM is not an issue IT managers can afford to ignore. If you cant beat it, manage it. Instead of banning IM in the work place, companies should embrace it, move to enterprise IM systems, establish policies and take control. Many organisations have taken this proactive stance and, according to Gartner, by the end of 2005 half of all companies will be using enterprise-level IM solutions. Yet this leaves 50 per cent of companies vulnerable.

Many of the most popular IM solutions werent originally designed with enterprise users in mind but can become collaborative, real-time business tools with help from third-party security and management solutions. There are a number of different ways you can secure IM, at costs for every budget.

Learn a little more about the threat of unsanctioned end user applications by downloading FaceTimes white paper The Rise of Greynets from: http://www.facetime.com/forms/wp_request.aspx?wpsource=greynets&wpcode=greynets

Register for FaceTimes IMPact Alert service which will give automatic notification for any new IM viruses. To register go to: http://www.facetime.com/impactcenter/alert_signup.aspx

Mitigate risks to your network before a serious incident occurs. Take prompt action to find a solution that will fit your business needs now and in the future.

Comments (0)

Add a Comment

This thread has been closed from taking new comments.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter