Web security company ScanSafe this week plans to announce a new service aimed at protecting instant-messaging channels from viruses, spam, and other threats, as well as enforcing policies across this increasingly popular communications mechanism.The Radicati Group predicts that the number of IM messages sent per day will increase from 13.9 billion in 2005 to over 46 billion by 2009. With that growth comes a rise in abuse, and to combat that Web and messaging security vendors including Postini, MessageLabs, and CipherTrust are rounding out their offerings with dedicated IM products and services.ScanSafe\u2019s new service, called IM Control, is available now and works with popular IM services from Yahoo, Microsoft, AOL and others. Customers of the service point their DNS records to ScanSafe, so that all IM messages going into and out of the organization are sent through the IM Control service where they are scanned for spam, viruses and other malware and also directed to archives for compliance reasons, says Dan Nadir, vice president of product strategy.At Russell Reynolds, an executive recruiting firm with 34 offices and 900 users, the IT department learned the hard way just how vulnerable IM communications can be to threats. The company recently was infected by a virus that came in through MSN Messenger that directed people to a Web site where their PCs would become infected, says Gavin Atkinson, Russell Reynolds\u2019 CTO.\u201cI don\u2019t think we had ever thought we were going to get hit [with a virus] through IM, we thought of it as low risk,\u201d he says. \u201cIt was just like great, there\u2019s another layer I need to cover, I need to have some kind of protection for IM.\u201dThe company, which already uses ScanSafe\u2019s Web security service, just began trialing IM Control \u201cand if it\u2019s anything like the Web product I\u2019m sure we\u2019ll use it,\u201d Atkinson says.Building off of its initial offering that scans a company\u2019s HTTP traffic for threats without introducing latency, according to Nadir, ScanSafe has developed IM Control so that it is transparent to users. The first time IM Control users accesses their IM account they will be instructed to log in \u2013 so that the service can correlate their screen name with their corporate e-mail address for identification purposes \u2013 but they\u2019ll see no evidence of the service in subsequent sessions, he says.Achieving no latency is even more crucial for IM communications than for Web surfing, Nadir says, since chats are done in real time.The service also manages IM policies, such as which users in an organizations have access to the freely available services, and sends IM messages to archiving solutions either at the customer\u2019s location or off-site. Those messages are encrypted for security, Nadir says.While IM threats aren\u2019t nearly as prevalent as those found in e-mail and Web traffic, scams across the public IM networks are becoming more popular, Nadir says. He offers the example of one piece of malware that replaces a user\u2019s away message with a link to a Web site that downloads spyware.Still, Nadir believes regulatory compliance is the No.1 reason why enterprises will use IM Control, since agencies such as the Security and Exchange Commission have specified that IM messages must be archived along with e-mail and other corporate communications channels. IM has become popular in the financial industry, largely because of its real-time nature, and that industry is heavily regulated.