New technology that protects networks from instant messaging related infection is just like the pioneer days of Internet filters-the originally stated focus is to keep employees from wasting time using new technology for personal reasons. But like the Web protections, the long-term ramifications of IM filters go far beyond keeping tabs of customer service reps talking to friends-extending all the way to the larger war against SPAM, viruses and phishing.
Jake Jacoby, CEO of Singlefin, a company that provides managed protection services, says instant messaging use by employees is one of the biggest threats to electronic security, in large part because SPAM that winds up in a users IM account can corrupt an entire company's network. He says IM security is one of many issues that companies have to face when considering how to manage instant messaging use by employees, combined with the better publicized concerns of liability and the impacts on employee productivity.
What industries are you in?
We're very horizontal, with clients in financial services, government, schools, manufacturing, healthcare and other businesses.
What are some of the special challenges that financial institutions face in filtering e-mail and instant messaging?
Financial institutions are regulated on what you can give out in terms of information. With a filter, you can control information and make sure appropriate content doesn't go out, and you can search archives. Mostly, it's a matter of having control over information.
How do the latest filters improve on older measures?
As a managed service, you can implement the filters in just a few minutes, rather than running another server or getting another Microsoft license. It's become very easy now. Just sign up, flip a switch, and you're done.
What are some of the electronic communication issues that you're presently encountering from your customers?
Problems with SPAM and viruses are the number one reason that people call us. That translates into any communication that is happening throughout the network-e-mail, instant messaging, employees taking with customers, friends and family members.
How does that compare to the general Web inquiries that you get?
On the Web, it's not so much a matter of the Internet affecting employee productivity anymore. It's now more about spyware, adware and the security risks and viruses that crop up on the Web. Companies are signing up for a suite of products that protect e-mail, instant messaging and Web traffic.
What has changed in regard to SPAM, viruses and the like over the past couple of years?
As e-mail usage has increased, SPAM has increased dramatically. A few years ago, it was about 30 percent of all traffic on the Internet. Now it's about 80 to as much as 90 percent...the volume has gone through the roof. And spammers are getting more aggressive. We are getting a lot of reports of denial of service attacks.
How has the mainstreaming of the electronic channel impacted the seriousness placed on SPAM and viruses?
When Web filters first came out, it was a question of whether firms wanted employees to have access to the Internet, and if they (provided access) they wanted to know the workers weren't going to use the Internet to 'screw around' on-line and not get their work done. That's how the first Web filtering firms got into the business. By now, you really don't have companies that don't provide Web access to their workers. Pretty much everyone needs the Web to get their job done. Today, it's more a matter of making sure that threats like spyware and adware don't compromise your network. You don't want something to go wrong just because someone is using the Web to do their job and they come across something that can corrupt the whole system.
How does instant messaging compare to the rest of the Web in this context?
Instant messaging is one of the fastest growing applications on the Internet. And Instant messaging filters are pretty much where Internet filters were a few years back. About 75 to 80 percent of instant messaging use is personal communications. So if a firm is going to allow instant messaging use in the workplace, they need to make sure that the worker productivity issues are addressed, and they need to have a virus scan to make sure the security threat is being addressed.
There's also an extensive regulatory component to IM. What are you telling your clients?
Depending on the industry, there are different requirements regarding IM communications. If you're regulated by the SEC, and a communication is a corporate communication, there are a number of laws that mandate that it has to be archived. We get a lot of customers who sign up because of that.
What are some steps that firms can take to protect themselves when industry standards for IM use are still emerging?
One of the neat things about instant messaging that's both good and bad is users do something that's called port hopping. If you can't get through on your regular port, users can go to another available port. If you're a company that says you won't allow instant messaging because you don't see the value in it, you can block the ports. By actually monitoring and controlling these ports, you're able to give access or deny access.
Is simply notifying employees that they are being monitored helpful?
If you know you're being monitored on the Web, you generally aren't going to go to porn sites or spend three hours on ESPN.com. Just letting people know they're being monitored can solve the problem.
