* Best practices for instant messaging
Chances are very good that if you operate a corporate network of any size you will have a fair number of users who are running consumer instant messaging products on your network, as well. Our research shows that about 90% of organizations have some consumer IM operating in their networks, and that one in four e-mail users is also an IM user.
Although enterprise-grade IM is becoming much more common and many organizations are deploying these systems, the consumer space’s ‘Big Three’ – AOL Instant Messenger, MSN Messenger and Yahoo Messenger – are also the Big Three in the workplace.
While consumer IM systems are extremely useful tools, they carry with them the potential for creating havoc in a corporate environment. For example, a file downloaded through IM typically bypasses all of the anti-virus and other defenses set up to protect against threats that might enter the corporate network. Users can send confidential or other sensitive information out through consumer IM systems, bypassing policy enforcement systems that might be in place. In short, consumer IM allows all sorts of bad stuff to bypass corporate defenses.
In terms of best practices for defending against these types of threats, there are a number of things that IT management should do.
First, discover how much consumer IM traffic is really traveling across your network. While there are fewer surprised senior managers today than there were a year ago when confronted with the sometime dramatic levels of IM traffic, many are still unaware of how much consumer IM is really used in their organizations. There are a number of very good tools available – some free, some at very low cost – that will allow an organization to ‘sniff’ the network for IM traffic, quantify it by screen name, and so forth. Once an organization has a handle on how much IM traffic is moving around and who are the biggest users, it can take the next step and decide what to do about it.
What to do about consumer IM use varies widely by organization, but it’s typically best to not simply block all traffic in response to the potential for threats entering the network. Our research has found that more than one-half of organizations use IM for actual business purposes – cutting off users’ access to a tool that many of them are using to do real work can have significant ramifications, few of them good. Instead, a wiser course of action is to evaluate how IM is being used in an organization, why it’s being used and what can be done to allow continued use while at the same time protect the network.
We’ll continue this discussion in the next article.




