Get a Handle on Instant Messaging
Instant messaging (IM) is gaining ground in the corporate world. According to an IDC report, global revenue for the messaging applications market is expected to grow to nearly $2.4 billion worldwide by 2007. This growth presents new challenges for the IT departments charged with maintaining security of their systems and ensuring the organization is in compliance with federal laws that require corporate communications to be archived, such as Sarbanes-Oxley, or monitored, such as the Health Insurance Portability and Accountability Act (HIPAA).
Many corporate IM platforms, like the enterprise solutions offered by Microsoft, IBM Lotus and others, incorporate management solutions into the program that can deal with management, security and compliance issues. The trouble lies in the fact that many businesses have not deployed these solutions, and their workers are relying on the three public IM services to communicate quickly: AOL Instant Messenger, Microsoft MSN Messenger and Yahoo Messenger. These systems typically are not centrally supervised or controlled. Luckily for busy IT professionals, several third-party vendors have stepped in to provide management and monitoring solutions that cover the gamut of services needed to ensure IM is not endangering the enterprise, whether it’s due to malicious code or employees who are not adhering to corporate communications policies.
Akonix Systems (www.akonix.com) is one of the leaders in this group with its Akonix L7 Enterprise IM management solution. It works as a gateway, enforcing access policies, stopping malicious software, keeping a log of IM conversations and proxying IM traffic. It offers comprehensive features to help log, audit, report and archive IM communications to help comply with industry and government regulations, as well as corporate policies. Akonix L7 Enterprise is certified for use with AOL, Microsoft Live Communications Server, MSN Connect for Enterprises, IBM Instant Messaging, Yahoo and Reuters.
FaceTime Communications (www.facetime.com) offers two solutions: IM Director and IM Auditor. Deployed behind the corporate firewall, IM Director can be licensed as a stand-alone management and control server, or it can be extended to meet specialized line-of-business needs. IM user names can be mapped to employee IDs in corporate directories (Microsoft Active Directory, Lotus Notes Domino, Sun ONE Directory Server or Novell Directory Server), and the product records all conversations taking place via IM networks. Administrators can also create keyword watch lists to ensure no one is doing anything untoward on the network. IM Director interoperates with the three big public IM services and many other popular IM networks and clients: Bloomberg, Communicator, Jabber, IBM Lotus Instant Messaging, Microsoft Office Live Communication Server and Reuters Messaging. IM Auditor takes IM Director to the next level, allowing organizations to deal with communications issues related to regulatory compliance, including guaranteed logging to ensure communications are audited and the ability to administer “Chinese Walls,” which help enforce levels of authorization to ensure compliance with rules regarding communications between traders and other groups.
Another enterprise solution is the IM-Age IM-Policy Manager Enterprise Gateway (www.im-age.com). This solution allows network administrators to manage all IM users, including remote users, and block or log IM conversations with a central solution. It offers centralized management for security, control and data storage. It supports Active Directory and is scalable with Microsoft ISA server. It provides desktop encryption for certain users, along with encrypted file transfer and logging, external authentication, and IM blocking and file blocking. To help companies ensure compliance with regulations, IM and chat room sessions are logged, and corporate disclaimers are provided for all users.
IMLogic (www.imlogic.com) offers IM Manager to help centralize control, reporting and security. IM Manager provides security features, including virus scanning, control over file transfer, spam protection and authentication control, along with the ability to route internal IM communications within the corporate network to ensure privacy. Keyword blocking and the ability to restrict external IM communications are also provided. Compliance features include the ability to log IM conversations, establish “Chinese Walls,” integrate with third-party compliance systems and print or e-mail compliance reports. Policy enforcement is also supported with the ability to require employees to register their anonymous screen names, control access and filter content. Other management aspects that put control over IM into network administrators’ hands include real-time policy enforcement, support for remote users and more. IMLogic has partnerships with many leading IM providers, including AOL, IBM, Microsoft, Yahoo, Communicator, Jabber, Reuters, Bloomberg, HUB IM, MindAlign and others.