Regulations, Productivity Spark Enterprise IM Adoption

Free and paid instant messaging use will rise dramatically in the next four years

For workers, the instant messaging (IM) star isn’t waning. In fact, free and paid instant messaging use in the enterprise will rise dramatically in the next four years, according to the Radicati Group, which recently surveyed companies about their IM use.

By the end of 2004, Radicati predicts, 362 million people will use IM at work. That figure increases to 670 million by the end of 2008; 88 percent of these users will still rely upon public IM networks, while the remainder will use so-called enterprise IM software, able to secure messages, log communications, and be centrally administered by security and IT managers.

About half of the respondents to Radicati’s survey cite increased intra-office communications as a principle driver for corporate use of IM. One-third cite reduced long-distance phone charges, and about one in 10 adopted IM both to increase productivity and complement existing e-mail and phone systems.

In regulated industries, however, security concerns often take the lead. For example, Rochester Public Utilities (RPU), the largest municipal utility in the state of Minnesota, recently selected an enterprise IM product from Akonix—Akonix L7 Enterprise. One driver for RPU: IT had audited the corporate network and found unauthorized use of both IM and peer-to-peer file-sharing applications.

As a public utility, RPU must automatically log and archive material relating to its records management, but it also wanted users to adopt IM to improve productivity and communications. Indeed, since integration, “RPU employees are seeing huge productivity gains by being able to easily and immediately communicate with both internal and external contacts,” notes Matt Bushman, an IT analyst at RPU. In addition, seeing IT promulgate an IM standard has nudged some users toward the technology. “Culturally, IM use has become widely accepted,” he says.

Like most enterprise-grade IM software, L7 Enterprise can constantly monitor the corporate network to detect whether any of the major, public-IM protocols—free but insecure IM applications, in other words—are in use, including AOL, Yahoo, MSN, and ICQ, and block them. The software can also inspect all incoming and outgoing messages, log messages, and, of course, keep IM communications secure. L7 also interoperates with instant messaging from AOL, MSN, Yahoo, Microsoft’s Live Communications Server (LCS), Reuters Messaging, IBM/Lotus SameTime, and Jabber.

Another organization driven by security and regulatory concerns is Golf Savings Bank, a mortgage bank based in Washington state with 130 employees and eight branch offices.

When a group of employees began adopting the free MSN Messenger IM client, IT decided it needed a more-secure approach. While many regulations, including the Gramm-Leach-Bliley Act (GLBA), don’t specifically require most organizations to maintain archives of their IM communications, experts say organizations stand to gain a lot from demonstrating proactive attempts to comply with GLBA, SEC regulations, Sarbanes-Oxley, or other pertinent laws. In addition, if an organization should face the accusation or reality of a privacy violation, or worse, a complete trail of electronic communications may help reveal what actually happened.

After evaluating various enterprise IM options, Golf selected WiredRed’s e/pop, especially because of its ability to work via Frame Relay, which the bank uses to connect all of its offices’ LANs.

One side benefit of an enterprise IM system, besides the ability to secure and log all messages, is it can maintain internal communications even when e-mail is down. That’s the situation Golf found itself in last year during a migration from a POP-based mail server to Microsoft Exchange, says Jane Fortier, the bank’s vice president of information technology.

“During deployment of the Exchange server, e-mail was up and down, and we had no viable way of communicating with everyone.” Even so, “e/pop enabled us to continue our communications internally so the lack of e-mail delivery wasn’t the huge problem it could have been.”

Related Articles

Best Practices: Securing IM Against Attacks
http://info.101com.com/default.asp?id=8408

Case Study: Secure IM and Workspaces for Project Teams
http://info.101com.com/default.asp?id=7209

About the Author

Mathew Schwartz is a Contributing Editor for Enterprise Systems and is its Security Strategies column, as well as being a long-time contributor to the company's print publications. Mr. Schwartz is also a security and technology freelance writer.