STRATEGY > KNOWLEDGE/COMPETENCY

CONTENT > IMPLEMENT

Balance Instant Messaging Security Risks Against Productivity Benefits

STAMFORD, Conn.—May 31, 2006—Although enterprises have improved their email system security, companies must implement better strategies to protect themselves from instant messaging (IM) security attacks, said Gartner Inc., in a recent announcement detailing its IT Security Summit, to be held June 5 to 7 in Washington, D.C.

As IM use increases, so do IM threats, typically viruses, as attackers begin to shift focus from better-protected email systems to IM. Gartner analysts said IT administrators who do not manage and protect public IM will experience 80% more IM-related security incidents than those who do, according to the announcement.

Analysts identified several risks of uncontrolled IM, including lack of regulatory compliance involving records retention, communications limitations between employees, and auditing of communications; lack of universal or widespread use of encryption, which can result in confidential data being exposed in IM communications; lack of records or universal naming conventions, which can result in disputes over what was communicated and with whom, when business deals are conducted over IM networks; and lack of visibility into IM usage, which can result in noncompliance with acceptable usage of enterprise assets, such as transfer of pornography or salacious messages and playing multiplayer games.

“IT organizations must keep this threat in context and balance it against the productivity benefits of IM,” said Peter Firstbrook, research director for Gartner’s information security and privacy research group, in the announcement. “Employees report benefiting from faster decisions, higher productivity, and lower telecommunications costs when they use IM. However, organizations must plan for and build a strategy for IM management and security, much like they have for email.”

www.gartner.com

News Archive

Product Archive