Over the last few years, instant messaging (IM) is gaining popularity at work for it’s ability to get co-workers’ attention, rapidly resolve issues/questions, save telecommunications costs and reduce face to face meetings. Most enterprise use of IM starts with individual users deploying their own IM client (typically a consumer-grade client freely available from Facebook, Google et. al.) But as the usage of IM increases, it throws up challenges in terms of security and compliance that need to be urgently addressed to make it both viable and effective collaboration network within an enterprise.
According to a recent report (2012) by INT Media Research on “Enterprise Instant Messaging: A Baseline Study of Business Trends,” there is a large and growing interest in deploying some form of IM for corporate use. Among the report’s findings:
47% of businesses surveyed indicated employees use IM at work; 24% use a secure, proprietary IM system and 76% use a third-party free system.
65% of businesses surveyed believe it is at least somewhat important to provide IM as a tool for internal communications; 6% of those surveyed said IM systems are not at all important to their businesses.
18% of the businesses surveyed indicated they would be ready to purchase internally networked IM services in the near-term.
Another independent research instant messaging experts, ProcessOne, has revealed that 60% of mobile users would send less text messages if they were better educated about how to use mobile instant messaging (IM) services.
Challenges/ Risks faced by enterprises for implementing IM that corporate IT departments need to watch out for:
Lack of namespace control
Most enterprise IM users still use consumer-grade clients that are freely available from Microsoft, Google et. al and these IM client operate independently from a corporate directory enterprises have. This results in two major problems.
- Using an IM account that does not carry corporate identity has a negative impact on the brand and reputation of an enterprise.
- The employees can continue to use the IM account even after leaving the organizations which can result in potential liabilities for an employer.
Lack of security
- Lack of auditing and logging capabilities: Consumer-grade IM clients typically do not provide any sort of logging of IM conversations when the parties to an IM conversation leave the session, the content of their conversation is lost unless the text thread is manually copied and saved. This can result in significant problems for an enterprise that archives employees electronic communications, particularly for those that are required by statute to do so. Further, it leaves an enterprise vulnerable if the archived content of an IM conversation is modified after the fact. This risk is a particularly important consideration in the context of increased corporate scrutiny imposed by regulations and audit.
- Potential for incursion by viruses and worms: Consumer-grade IM clients don’t provide secure messaging capabilities and they have also shown to be more prone to malware (virus/spam etc) which results in security threats. Unmanaged IM represents a key avenue through which viruses, worms and other malware can enter a corporate network.
Some of the must-have features listed by Gartner for IM hygiene include:
- Archiving in a secure, searchable repository, or integration with leading third-party email archiving systems.
- Centralized management, including IM monitoring and enforcement of user authorization and other IM usage policies for both groups and individuals.
- Reporting capabilities for regulatory compliance.
So, if you’re planning to introduce Enterprise grade IM setup within your organization it is imperative to choose a product that will address the above security concerns to be able to establish an effective and safe communication channel for Business to collaborate.
Footnote : Look out for Mithi’s new Web Chat feature in Baya as a solution for the IM requirement for your enterprise.