Should IT departments ban instant messaging because of the security and compliance issues caused by using public IM clients, or should they turn a blind eye because employees can use it as a useful communication tool to talk to colleagues and clients?
Today’s IT department is faced with challenges every day because of the introduction of new technology. Instant messaging (IM) has proved to be a bigger challenge than most because its use can spring up without the knowledge of the IT department as users download free IM clients such as MSN, Google Talk and Yahoo! onto their desktops.
This creates a dilemma for the IT department: Should they ban it because of the security and compliance issues caused by using public IM clients, or should they turn a blind eye because employees can use it as a useful communication tool to talk to colleagues and clients? IT staff are already busy and face enough obstacles to establishing communication and relationships with the rest of the business without being placed in the role of also policing what employees do. When all this is considered, it’s little wonder that instant messaging is viewed by many IT departments as nothing but a nightmare.
Traditionally, the only decision that IT departments faced when it came to allowing IM use within the business was whether to ban its use completely or purchase a private proprietary IM system. Neither choice was really ideal as either the business lost out on the benefits of IM or employees were forced to give up the IM clients they were familiar with and made to use a private system that would only allow them to communicate internally and not with customers and other business partners.
However, today businesses are looking for a way that will allow them to have the best of both worlds when it comes to IM by allowing employees to continue to use public IM clients but to bring them under the control of the IT department so that they can be managed and maintained effectively.
To get the most from public IM and avoid the potential risks caused by having software which is not being managed by the IT department, businesses needs to have a management strategy in place. One way to accomplish this is to deploy an instant messaging platform that creates gateways into public IM clients, so they can be managed by the IT department. This approach will allow security to be maintained, and contacts and conversations monitored, all with minimal disruption to users.
There are a number of features that businesses should look out for when selecting a platform to meet their needs. It is important to choose a platform that is reliable for large scale enterprise use: while employees are familiar and comfortable with public IM clients such as MSN, Yahoo! or Google messenger services, these have not been developed for business use and do not provide the necessary levels of reliability and security on their own.
To gain control, businesses need an internal system that is hosted and managed centrally, but can also interoperate with external systems if the business decides to outsource elements such as IM conversation archiving.
Bringing public IM clients under the control of the IT department will also allow security policies to be implemented and enforced in order to protect the company and its staff. For example, employees should be educated about the dangers of opening attachments and making sure sensitive company data is not discussed with external parties over IM.
The IM platform can then be configured to monitor and prevent this from happening by disabling file transfers if necessary, or blocking external or distrusted users. By selecting a platform that is centrally managed, businesses can then easily roll out the security policy throughout the system.
In order to ensure businesses are complying with regulations applicable to the company, a central IM platform will allow all IM conversations to be recorded, archived and managed according to the regulation’s specifications, even if each employee uses multiple IM clients.
To make the integration of the platform as pain-free as possible, the solution should easily integrate into the existing IT environment seamlessly. Ideally, it should be based on an open source platform so does not lock users into a costly proprietary model and will work with the majority of public IM clients being used by employees.
Businesses should be able to customise the platform to suit their needs. For example, employees should be able to build their own “buddy lists”, be able to personalise their settings to publish specific presence information, block specific users at specific times, or allow file transfers only from trusted users.
Finally, using a centrally managed IM solution should not place additional strain on the IT department. Ongoing maintenance should be simple and upgrades should be easy to roll out without needing to restart the system and disrupt users. It should also be able to handle a high volume of traffic in order to scale easily and relieve pressure on administration resources.
Many businesses will already have employees using IM at work, and it is important to avoid the knee-jerk reaction of assuming that it cannot be used safely, is hindering productivity and should be blocked. Used properly, IM can be an important business tool that reflects the changing way employees are communicating with each other, customers, partners and suppliers.
By carefully selecting an IM platform that can be centrally managed and will interoperate with public IM clients, businesses can gain the best of both worlds. They can enable employees to use these existing public IM tools and still get the benefits of a productive and well-adapted business tool.
Mickael Remond is CEO of messaging software company ProcessOne