Take control of corporate IM: implement best management practices now!For those of you who remember the late 1980s, instant messaging Exchanging text messages in real time between two or more people logged into a particular instant messaging (IM) service. Instant messaging is more interactive than e-mail because messages are sent immediately, whereas e-mail messages can be queued up in a mail server for seconds or systems began with the early proprietary versions of AOL Instant Messenger See AIM. (AIM), and the public Internet Relay Chat See IRC. (chat, messaging) Internet Relay Chat - (IRC) /I-R-C/, occasionally /*rk/ A client-server chat system of large (often worldwide) networks. IRC is structured as networks of Internet servers, each accepting connections from client programs, one per user. (IRC (Internet Relay Chat) Computer conferencing on the Internet. There are hundreds of IRC channels on numerous subjects that are hosted on IRC servers around the world. After joining a channel, your messages are broadcast to everyone listening to that channel. ). It was also in the late 1980s when Bobby McFerrin's ("Don't Worry, Be Happy") was at the top of the music charts--but are IT executives still singing the same tune today when it comes to corporate communications Corporate communications is the process of facilitating information and knowledge exchanges with internal and key external groups and individuals that have a direct relationship with an enterprise. ? Instant Messenger AOL's instant messaging service. See AIM and instant messaging. Developed as a communications tool for interacting initially with friends and family, many of IM's most avid users (particularly 'knowledge workers' and those in technology-driven fields) brought IM into the workplace to leverage its presence awareness features (e.g., 'online', 'busy', 'away') to stay in touch with family, co-workers and friends. The Radicati Group predicts there will be 1.4 billion IM accounts by 2007--up from 590 million in 2003. In business, it expects 349 million accounts by 2007--up from 60 million in 2003. In a nod to the overwhelming speed at which ad hoc For this purpose. Meaning "to this" in Latin, it refers to dealing with special situations as they occur rather than functions that are repeated on a regular basis. See ad hoc query and ad hoc mode. IM adoption penetrated the business environment, most organizations have embraced (or at least not prohibited) the use of IM by their employees, even while they struggle to get it under control. For example, there are now a number of secure, proprietary enterprise IM systems designed specifically for businesses, yet more than 90% of the IM used in organizations relies on the same insecure public systems freely available to any individual. In addition, fewer than half of all organizations have even specified one IM system as a corporate standard. And perhaps most significantly, seven out of ten have yet to establish any formal policies or implement systems to ensure its security and appropriate use. What to Look Out For The evolution from personal communication to workplace tool, combined with ignorance as to how the system works, means that most IM users are rarely aware of the potential risks that may affect the organization. Public IM systems operate 'in the open' where others (with modest effort) can eavesdrop eaves·drop intr.v. eaves·dropped, eaves·drop·ping, eaves·drops To listen secretly to the private conversation of others. . Additionally IM systems, both public and proprietary, often operate beyond the range of corporate firewalls and other security systems. Some serious risks companies face by not managing their IM use include: Information leakage Information leakage happens whenever a system that is designed to be closed to an eavesdropper reveals some information to unauthorized parties nonetheless. For example, when designing an encrypted instant messaging network, a network engineer without the capacity to crack your : Either intentional or accidental revelation of confidential or proprietary information through IM sessions and/or file transfers. Worms, viruses, malware (MALicious softWARE) Software designed to destroy, aggravate and otherwise make life unhappy. See crimeware, virus, worm, logic bomb, macro virus and Trojan. , Spim (spam over IM): Numerous malware programs target public IM systems and allow them to bypass standard firewalls and mail server anti-virus systems. Network hackers and intrusions: Hackers use IM operating ports to bypass other security barriers and enter the corporate network unimpeded unimpeded Adjective not stopped or disrupted by anything Adj. 1. unimpeded - not slowed or prevented; "a time of unimpeded growth"; "an unimpeded sweep of meadows and hills afforded a peaceful setting" . Compliance, regulatory and/or legal violations: Organizations with government oversight and industry compliance mandates may find themselves creating legal issues by failing to properly monitor, log and regulate IM sessions and content. Productivity loss: Idle chat can disrupt employee productivity. Why You Need IM The primary reason that IM has been such a success in the business environment is that its benefits, even when weighed against the risks, are both immediate and tangible. Presence awareness allows users to see who's available without the need to pick up the phone or travel to another part of the building. The real-time nature of the medium makes it a faster and more efficient means of getting answers, transferring documents and sending information, than email or the telephone. And IM provides a direct mode of communication with co-workers, customers and vendors that enables far closer and more personal relationships than is available in virtually any other means of electronic communications. Not surprisingly, the vast majority of employees believe that the use of IM within their organization improves productivity, external relationships and their efficiency. More significantly, however, is that even business managers and IT personnel who are aware of the risks posed by IM, overwhelmingly favor its use noting that the added 'real' business performance more than offsets the potential risks. How to Practice Safe IM Best Management Practices (BMP (1) (BitMaP) Also known as a "bump" file, it is the native, bitmapped graphics format in Windows. A BMP can be saved in several color options: 1-, 4-, 8- and 24-bit color provide 2, 16, 256 and 16,000,000 colors respectively. BMP files use the .BMP or . ) for business IM enable productive instant messaging within a secure and compliant framework. In applying BMPs, business executives, IT staff and corporate IM users work together to establish balanced policies and enforcement tools to minimize security risks while ensuring maximum benefit. BMPs for business IM consists of five specific practices: * Discovery: Exploration and documentation of the organization's current IM assets, policies and needs * Written policies: Clearly and explicitly define the acceptable and unacceptable uses of instant messaging within the business environment * Technology: Includes implementation of standard client and network security procedures to ensure that IM gateways and access points are properly secured against viruses and malware, hacking and intrusion, and unauthorized inbound/outbound file transfers * Monitoring and management: Includes the deployment of solutions that monitor the enforcement of written and physical security policies, and provide a means by which those policies may be managed and logged for the purpose of internal audit, regulatory compliance or other purposes * Periodic review and modification: Far from being set in stone, successful BMPs are flexible enough to fit the ever-changing needs and requirements of the business. Active monitoring and management makes this possible Conclusion Over the past decade, instant messaging use has evolved from a communications device--used by your family and mine--to a robust and valuable business tool. Corporate IM improves teamwork, cuts need-less waste and helps organizations improve relationships with customers, vendors and business partners in ways that no other form of electronic communications can. As a result, use of IM across the enterprise is escalating at unprecedented rates and analyst firms are predicting that its use within organizations will outstrip out·strip tr.v. out·stripped, out·strip·ping, out·strips 1. To leave behind; outrun. 2. To exceed or surpass: "Material development outstripped human development" that of e-mail in the next few years. Business IM, however, is not without risks. The public nature of most IM systems makes it susceptible to virus, malware and Spim attacks and inappropriate use that can place an organization in situations that range from merely embarrassing to financially devastating dev·as·tate tr.v. dev·as·tat·ed, dev·as·tat·ing, dev·as·tates 1. To lay waste; destroy. 2. To overwhelm; confound; stun: was devastated by the rude remark. . To mitigate the risks and reap the benefits that enterprise-wide IM has to offer, I encourage all organizations, large and small, to implement Best Management Practices for IM, just as they would for any other system, like Internet use and e-mail. Peter Shaw is CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. at Akonix Systems, Inc. (San Diego San Diego (săn dēā`gō), city (1990 pop. 1,110,549), seat of San Diego co., S Calif., on San Diego Bay; inc. 1850. San Diego includes the unincorporated communities of La Jolla and Spring Valley. Coronado is across the bay. , CA) www.akonix.com |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion