Over the last few years, instant messaging (IM) is gaining popularity at work for its ability to get co-workers’ attention, rapidly resolve issues/questions, save telecommunications costs and reduce face to face meetings. Most enterprises’ use of IM starts with individual users deploying their own IM client (typically a consumer-grade client freely available from Facebook, Google etc.) But as the usage of IM increases, it throws up challenges in terms of security and compliance that need to be urgently addressed to make it both viable and effective collaboration network within an enterprise.
According to a report by INT Media Research on “Enterprise Instant Messaging: A Baseline Study of Business Trends,” there is a large and growing interest in deploying some form of IM for corporate use. Among the report’s findings are:
- 47% of businesses surveyed indicated employees use IM at work; 24% use a secure, proprietary IM system and 76% use a third-party free system.
- 65% of businesses surveyed believe it is at least somewhat important to provide IM as a tool for internal communications; 6% of those surveyed said IM systems are not at all important to their businesses.
- 18% of the businesses surveyed indicated they would be ready to purchase internally networked IM services in the near-term.
- Another independent research by the instant messaging experts, ProcessOne, has revealed that 60% of mobile users would send less text messages if they were better educated about how to use mobile instant messaging (IM) services.
Challenges/ Risks faced by enterprises for implementing IM that corporate IT departments need to watch out for:
Lack of namespace control
Most enterprise IM users still use consumer-grade clients that are freely available from Microsoft, Google, et al. and these IM clients operate independently from a corporate directory enterprises have. The corporate IT departments need to watch out for the following challenges/ risks faced while implementing IM:
- Using an IM account that does not carry corporate identity has a negative impact on the brand and reputation of an enterprise.
- The employees can continue to use the IM account even after leaving the organizations which can result in potential liabilities for an employer.
Lack of security
- Lack of auditing and logging capabilities: Consumer-grade IM clients typically do not provide any sort of logging of IM conversations. When the parties of an IM conversation leave the session, the content of their conversation is lost unless the text thread is manually copied and saved. This can result in significant problems for an enterprise that archives employees’ electronic communications, particularly for those that are required by statute to do so. Further, it leaves an enterprise vulnerable if the archived content of an IM conversation is modified after the fact. This risk is a particularly important consideration in the context of increased corporate scrutiny imposed by regulations and audit.
- Potential of incursion by viruses and worms: Consumer-grade IM clients don’t provide secure messaging capabilities and they have also shown to be more prone to malware (virus/spam etc) which results in security threats. Unmanaged IM represents a key avenue through which viruses, worms and other malware can enter a corporate network.
Free for All
Today a lot of organisations block the use of public and free social media and email sites to enforce some level of security. But along with this, the benefits derived from using a live communication system like the Chat are also gone. So while on the one hand, it is difficult but possible to enforce corporate usage policies on the use of public IM/chat solutions and lose the collaboration benefits of chat, on the other hand, it can be a free for fall, which allows employees to use any free tool which comes their way and chat with anybody and may compromise on the security policies of the organisation. The best scenario is that the corporate has the ability allow the use of IM/Chat, but cover the use of IM/Chat under the IT policy umbrella and enforce these policies using automation.
Some of the must-have features listed by Gartner for IM hygiene include :
- Archiving in a secure, searchable repository, or integration with leading third-party email archiving systems.
- Centralized management, including IM monitoring and enforcement of user authorization and other IM usage policies for both groups and individuals.
- Reporting capabilities for regulatory compliance.
So, if you’re planning to introduce Enterprise grade IM setup within your organization it is imperative to choose a product that will address the above security concerns to be able to establish an effective and safe communication channel for Business to collaborate.
Have you had a look at Mithi SkyConnect’s secure enterprise chat facility as a solution for the IM needs of your organisation?