ScanSafe debuts instant-message security service

Web security company ScanSafe this week plans to announce a new service aimed at protecting instant-messaging channels from viruses, spam, and other threats, as well as enforcing policies across this increasingly popular communications mechanism.

The Radicati Group predicts that the number of IM messages sent per day will increase from 13.9 billion in 2005 to over 46 billion by 2009. With that growth comes a rise in abuse, and to combat that Web and messaging security vendors including Postini, MessageLabs, and CipherTrust are rounding out their offerings with dedicated IM products and services.

ScanSafe’s new service, called IM Control, is available now and works with popular IM services from Yahoo, Microsoft, AOL and others. Customers of the service point their DNS records to ScanSafe, so that all IM messages going into and out of the organization are sent through the IM Control service where they are scanned for spam, viruses and other malware and also directed to archives for compliance reasons, says Dan Nadir, vice president of product strategy.

At Russell Reynolds, an executive recruiting firm with 34 offices and 900 users, the IT department learned the hard way just how vulnerable IM communications can be to threats. The company recently was infected by a virus that came in through MSN Messenger that directed people to a Web site where their PCs would become infected, says Gavin Atkinson, Russell Reynolds’ CTO.

“I don’t think we had ever thought we were going to get hit [with a virus] through IM, we thought of it as low risk,” he says. “It was just like great, there’s another layer I need to cover, I need to have some kind of protection for IM.”

The company, which already uses ScanSafe’s Web security service, just began trialing IM Control “and if it’s anything like the Web product I’m sure we’ll use it,” Atkinson says.

Building off of its initial offering that scans a company’s HTTP traffic for threats without introducing latency, according to Nadir, ScanSafe has developed IM Control so that it is transparent to users. The first time IM Control users accesses their IM account they will be instructed to log in – so that the service can correlate their screen name with their corporate e-mail address for identification purposes – but they’ll see no evidence of the service in subsequent sessions, he says.

Achieving no latency is even more crucial for IM communications than for Web surfing, Nadir says, since chats are done in real time.

The service also manages IM policies, such as which users in an organizations have access to the freely available services, and sends IM messages to archiving solutions either at the customer’s location or off-site. Those messages are encrypted for security, Nadir says.

While IM threats aren’t nearly as prevalent as those found in e-mail and Web traffic, scams across the public IM networks are becoming more popular, Nadir says. He offers the example of one piece of malware that replaces a user’s away message with a link to a Web site that downloads spyware.

Still, Nadir believes regulatory compliance is the No.1 reason why enterprises will use IM Control, since agencies such as the Security and Exchange Commission have specified that IM messages must be archived along with e-mail and other corporate communications channels. IM has become popular in the financial industry, largely because of its real-time nature, and that industry is heavily regulated.