Tip

Instant messaging compliance suite points: SMB Buying Decisions

Definition: Instant messaging (IM) compliance suites address the security and compliance issues that have increased with growing business use of IM. The suites scan incoming IMs, identify

    Requires Free Membership to View

and block incoming viruses and other malware, scan outgoing IMs and block those containing words or phrases that have been previously identified as inappropriate. They also provide centralized enforcement of IM usage policies. Integration with archiving platforms ensures compliance with regulatory and legal retention requirements.

Benefits

According to Stamford, Conn.-based Gartner Inc.'s "Marketscope for Instant Messaging Hygiene 2006" report, published in February, IM has become increasingly popular in business "as a fast way to get co-workers' attention, rapidly resolve issues/questions and save telecommunications costs." Controlling IM usage poses a major challenge for IT administrators, and yet "uncontrolled IM usage, as with uncontrolled email, is a recipe for disaster for organizations," the report states.

More on instant messaging

IM too critical to ban

Messaging resource center

 

Email archiving and compliance tools
The two main dangers are regulatory noncompliance and malware.

While few federal regulations spell out that email archiving requirements also apply to IM, companies should assume it, to be safe, according to Gartner analyst David Smith. The same goes for regulations that penalize companies for allowing sensitive financial or customer-related information to get out, intentionally or not. In recent years, several major investment firms paid fines totaling tens of millions of dollars for IM-related incidents.

Hackers are definitely zeroing in on IM of late. According to Gartner, claims of year-over-year IM threats from malware increased 3,266% from 2004 to 2005. Indeed, IM has advantages over email as a malware vehicle. Hackers can gain the trust of end users by inserting themselves onto a buddy list. And they can target people actively using their machines, ensuring a worm or virus spreads faster.

SMBs are especially vulnerable to malware, according to Gartner, because few of them have installed enterprise-grade IM platforms, such as IBM's Sametime, Jabber Inc.'s Jabber or Microsoft's Live Communications Server. Such products have built-in encryption and other security mechanisms that most public IM services lack.

Instant messaging compliance products can effectively eliminate 90% of IM viruses, by scanning incoming IMs and blocking those with identifiable virus signatures, along with embedded URL hyperlinks and executable file attachments, the Gartner report states.

Costs

IM hygiene platforms are priced around $25 per seat, per year, or $15 with volume licensing, plus the cost of a Unix or Windows server, according to Gartner. Gartner expects pricing to fall to approximately $10 per seat this year.

San Diego-based Akonix Systems Inc.'s A1000 IM security appliance starts at $4,995, for 100 seats. IM Manager, from Symantec Corp. acquisition IMlogic, is priced at $40 per seat.

IM archiving costs are minimal if you pick an IM compliance platform that integrates with your existing email archiving system. Email archiving systems start at around $10,000 for a plug-and-play appliance (see the SMB Buying Decisions guide on email archiving).

Technology trends

IM features keep proliferating. Some 40.8% of employees surveyed by Gartner used IM for file transfer; 46.1% for conferencing; 15.2% for picture sharing; 14.7% for voice. This complicates the task of securing and controlling IM-related communications -- as does the rapid proliferation of IM-based malware.

Leading IM hygiene vendors have been aggressively enhancing and expanding their offerings to deal with these challenges. Among recent and planned developments:

  • Extension of hygiene platforms to other peer-to-peer media, such as Voice over Internet Protocol. (Most vendors are in the planning stages.)

  • Secured links between private IM systems and public IM networks such as AOL Instant Messenger and Yahoo MSN Messenger.

  • Secured IM for remote clients. Akonix has introduced an agent that sits on off-site clients and directs all IM through the corporate IM security gateway.

  • Plug-and-play IM hygiene appliances targeted at small and medium-sized businesses (SMBs) . Products such as Alpharetta, Ga.-based CipherTrust Inc.'s IronIM and Akonix's A1000 are reasonably priced and easy to set up.

  • Better hygiene: Akonix's L7 Enterprise includes a passive "sentry" that gets inserted into a user's buddy list, and watches for IMs containing unknown URLs. When it spots one, it immediately terminates the sender's IM session and places the URL on the disallow list.

Tips and gotchas

Gartner lists the following must-have features for an IM hygiene platform:

  • Archiving in a secure, searchable repository, or integration with leading third-party email archiving systems.
  • Centralized management, including IM monitoring and enforcement of user authorization and other IM usage policies for both groups and individuals.
  • Firewalls that identify and filter out known malware.
  • Workflow and reporting capabilities for regulatory compliance.
  • Content inspection, including filtering of incoming and outgoing IM for security and privacy breaches, and salacious content.
  • Spam over instant messaging protection.

Gartner also recommends:

  • IM client standardization. Many employees run multiple clients, making administration and control difficult.

  • IM hygiene software should be only one component of an overall strategy that also includes educating end users in IM security practices (for example, not automatically trusting everybody on a buddy list), and regular precautions such as keeping client security software up to date, and deploying personal firewalls.

Product sample

Akonix Systems
Symantec
FaceTime Communications Inc.
CipherTrust
IM-Age Software Inc.
Jabber Inc.
Microsoft Office Online

Expert viewpoint: Michael Osterman, president, Osterman Research

"SMBs definitely need to get serious with IM management. If you're not a hedge fund, or an investment advisor, you don't need to worry much about regulators knocking on your door and wanting all IMs between two employees over the last three years. But if you get sued, for wrongful termination for example, and the employee produces IM exchanges between executives (as evidence of harassment), the court could order discovery. If you can't produce the original IMs, you have no defense and are likely to lose the judgment.

"Right now IM is where email was in 1995, in terms of user perception: Some decision makers don't want it, feel it's unnecessary. But last year there were some huge IM threats and a lot of decision makers recognized that they need to spend some money to deal with the problem.

"Totally blocking IM is unlikely to work. Consumer IMs can come in on a port with regular Web traffic. You can't block all ports without blocking viable Web traffic, and end users could use IM anyway.

"Decide what controls you want. For example, you may let employees do IM but not file transfer, which is another avenue for viruses, malware. Or you may allow enterprise-grade IM, but block all consumer IM.

"If you go with an enterprise-grade IM platform, you won't have much concern about hygiene with worms, viruses. Those mainly impact consumer clients. And some enterprise platforms come with archiving. They vary widely in price; $25 to $50 per seat is pretty common. Microsoft offers [Lotus Communications Server] free to Exchange Software Assurance customers."

Elisabeth Horwitt is a contributing writer based in Waban, Mass. Write to her at editor@searchcio-midmarket.com.


This was first published in June 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.