The rising use of Instant Messenger technology, from Windows Live Messenger and Yahoo Messenger to companies' own chat software, can be of benefit to businesses if security is properly understood and governed, delegates at an IDC security event were told this week.
David Stanley, VP of business development at Presence Networks, said the risks associated with IM were clear, with a survey of end-users conducted by the security supplier finding that one in four had shared sensitive work information via IM and 75% said their IT department did not monitor those conversations.
But Stanley said IM was not necessarily something to be feared so long as proper security was put in place.
"As security people, we all spend a lot of time stopping things. But it is better to regulate Instant Messenger since when it is used by staff it can enable multiple conversations and quick, cost-effective communication."
Companies would be wise to deploy their own IM applications, he said, allowing business and personal communication but also providing proper security.
And Stanley urged firms to follow a four-point plan in dealing with IM communications.
"Firstly, authenticate who staff are communicating with and make sure they only talk online to people they know instead of accepting 'friend requests' from unknown people.
"Secondly, secure the information by encrypting conversations and recording the data," he continued.
Thirdly, he said it was important to control the technology by understanding who was on the system and enforcing security policies.
Ensuring accountability and compliance by keeping conversations stored carefully was Stanley's final recommendation.