Securing Instant Messaging at Work
The CRM Advisor
You ask the questions, and our resident CRM guru shares her wisdom.
This week’s question: “How can we extend our email security solution to provide the same level of protection for our desktop messaging applications?”
A: The instant messaging (IM) services offered by AOL, Yahoo, and other vendors have emerged as valuable productivity and communication tools for many businesses today. In fact, in a recent Gartner survey, more than 70 percent of organizations claimed to rely on instant messaging, in some form, to facilitate fast and effective collaboration among employees, as well as between staff members and clients and other external business partners.
However, as with all Internet-based technologies, the increased use of IM applications can create additional risks for today’s corporations. Those risks are quite similar to the inbound threats posed by email environments that are not protected by an email security software solution. These include the potential for the direct transfer of worms, spyware, malware, and corrupted files, as well as the ability for sophisticated hackers to bypass firewalls and other security measures to gain unauthorized access to back-end computer networks and operational systems.
Additionally, there are several outbound threats associated with the use of IM. For example, they are very easy to obtain and deploy. Most workers can download and install them without the help of IT personnel, making it harder for companies to maintain an effective level of control over their implementation and use. Additionally, these types of applications are designed to enable real-time communication, making it both faster and easier for employees to violate corporate privacy guidelines by allowing them to rapidly distribute intellectual property or leak other sensitive company information.
You’re protecting your email infrastructure with an email security system – now how can you leverage similar techniques to ensure the integrity of IM correspondence across your organization?
IM security is not an easy task. However, there are a handful of innovative, yet affordable solutions on the market that are designed specifically to serve as “extensions” to your email security system, and provide broader reaching protection that encompasses a wider variety of communications. These software packages allow you to better control the IM activities of your employees, and minimize risks to your company by:
• Automatically logging and archiving all IM chats, and allowing for random chat monitoring, to ensure that employees are following all information-sharing guidelines, and not divulging sensitive information to unauthorized parties.
• Filtering and/or blocking certain pre-defined incoming content, to prevent inappropriate text, images, or attachments from offending staff members or hindering productivity.
• Encrypting outgoing content, to prevent hackers and other cyber criminals from intercepting it and using it for malicious or unlawful purposes.
• Dynamically detecting when correspondence sent through IM channels contains malware, spyware, or other dangerous attachments, to protect end user systems from these threats.
• Providing additional gateways – such as extra login steps or multiple levels of password protection – to prevent unauthorized IM usage and access.
• Continuously analyzing the IM infrastructure and assessing its vulnerabilities, so security gaps and weaknesses can be corrected before problems arise.
But, while technology can help tremendously, the key to keeping IM communications protected at all times is to implement stringent policies for its usage in the work place, and enforce those standards strictly.
Submit your question to the CRM Advisor at CRMadvisor@business-software.com.
[Photo courtesy of lifewire.]