SearchSMB Blog - A blog for SMB IT professionals.

SearchSMB Blog:

 

A blog for SMB IT professionals.


A blog for professionals at small and medium-sized businesses (SMBs), covering information technology (IT)-related news, features and advice.

Did you hear? People use IM for business!

July 25th, 2007 by Shamus McGillicuddy, News Writer

BREAKING NEWS: Businesses use IM! 

I love it when old media stalwarts like The Wall Street Journal and The New York Times write these big technology trend stories on a subject that my colleagues and I have been reporting on for more than a year. Seriously, do any of you think it’s news that instant messaging has “invaded the office,” as the WSJ headline so boldly announced? 

This story illustrates in great detail how employees use IM in the workplace, but it doesn’t touch on any of the risks associated with IM use. There’s one brief mention that employers fear “security breaches,” but there’s no discussion of IM-based malware, content monitoring or message retention policies.

In a story about the grass-roots adoption of IM in businesses, the WSJ should have been explaining to its readers the risks they face when they don’t have comprehensive policies and management technologies for IM. As mentioned at ITBusinessEdge.com, the Burton Group has found that only 10% of organizations have formal IM policies, and only 5% have security technology in place.  

Now if large enterprises are so lax about managing IM risk, what are SMBs up to? You guys have less money to play with. Can you afford to take control of IM? You should at least be looking at your options. 

If your employees are using consumer IM clients from AOL, Yahoo, Google, etc., you should do some sort of risk assessment. Analysts have told me that if you’re managing and securing your email, you should be doing the same for your IM. The risks of leaving IM unprotected are too great. You’re open to malware attacks and data breaches. And if you’re in a litigious industry, you’re always under threat of electronic discovery order. You need to retain your IMs if you’re retaining email.

There are some cheap appliances and on-demand services available for managing IM. Look into them. Pretty soon, vendors will be offering products that manage and secure email and IM. Watch for them. You’ll save money and time by managing both on one platform. 

Posted: July 25th, 2007 under Web 2.0.

5 Comments »

  1. Disclaimer: Akonix is a provider of IM management appliances and I am writing this as a representative of Akonix.

    We’re not terribly surprised that mainstream media would characterize the “invasion of IM” the way WSJ did, but we are certainly disappointed and dismayed that the writers and editors at mainstream publications have not caught up with the fact that IM is being adopted, modified, secured, and implemented in business for business-critical communications and transactions.

    The “news”, as you wrote, is not news at all. Early adopter industries like financial services have been using IM applications for a few years to conduct transactions and conduct broker/client communications. Check out IMtrader from Pivot Solutions at www.imtrader.com. Other companies use IM to offer enhanced customer service by putting a chat button on their support websites. Akonix has enabled companies to add these secure communications media to their mix and sees innovative new uses for IM and presence every day. I’ve personally been using IM in one form or another at work for business purposes since 1984, and I used an early form of IM to collaborate on research projects at Worcester Polytechnic Institute as early as 1979. From the Akonix perspective, we launched our first IM security and compliance products in 2002, and along with the two other companies who are certified by AOL, Yahoo, and MSN to inspect IM traffic, we’ve helped thousands of companies, comprising millions of employees, to use IM safely, securely, and legally.

    So why does the mainstream media write a story in July of 2007 about an item that should have become a non-issue three or four years ago? Why do 75% to 85% of American companies still not have any sort of control over their employees’ use of IM in the workplace? Why does the WSJ write a story about IM “invading the office” in July, when they covered the Mark Foley IM scandal just nine months ago, with a story all about the risks of IM use in the workplace? (”Those IMs Aren’t as Private as You Think: Recent Scandals Highlight Ways Instant Messages Can Haunt You” By AMOL SHARMA and JESSICA E. VASCELLARO, October 4, 2006.)
    [http://online.wsj.com/public/article/SB115991992052181850-ODxRekfJMlSugk2EzRySs2dU00s_20061102.html?mod=tff_main_tff_top]

    We think it’s primarily because there remains a perception among IT professionals that IM is not an application that has technical value. [Note the distinction between TECHNICAL value versus BUSINESS value. It’s an important distinction.] It’s a “toy”. “It’s something the kids use.” “It’s not an application I should waste time on.” “It’s not a corporate grade application, and won’t help me advance my career.” IT folks, by nature, are quite elitist about technology. We’ve all either said or heard the “why would anyone need that?” response to a simplistic, non-difficult application like IM or email (or a PC in 1981). So the people who would be expected to manage, administer, and secure the use of this particular application in their organizations are people who simply can’t understand why anyone would want to use it. And why should they? I want my IT people to be way smarter about technology than I am. I want people who can make 10-terabyte data warehouses sing and dance rather than wasting time on free consumer goodies. I really can’t blame the general IT population for turning up its nose at instant messaging. I do hope, however, that readers of SearchSMB.com and other IT related publications will see that IM is being adopted for its advantages as a real-time, instantaneous communications medium for short conversations, and that as such, it needs to be managed with the same care as email.

    The problem of 75% of companies having unmanaged IM use is a chicken-and-egg problem. Because IT doesn’t see techie value in IM, they’re ignoring it. Because they’re ignoring it, there’s no news about it. Because there’s no news, the techies ignore it. And on and on. It’s like negative viral marketing.

    In 2006, I was interviewed by a writer commissioned by Microsoft to do a story on IM management and how Akonix added value to Microsoft Live Communications Server. After some of the standard Q&A, she changed her tone of voice and said “Now, you don’t really think anyone uses this chat stuff for work, do you? I mean, this is stuff kids use, with that crazy lingo they use. No one should be using this stuff at work, right?”. So this is an experienced writer, with years of reporting and writing on networking and computing topics, PAID BY MICROSOFT TO ADVANCE THEIR INSTANT MESSAGING AGENDA and promote their products, who absolutely “doesn’t get it” [her words] and can’t believe that anyone would be so foolish as to use IM at work. How can we expect the IT population to “get it” if there is no one (other than Shamus) writing about it?

    The situation is a lot like the earlier disruptive computer technologies. PC’s, the Internet, e-mail… Each of these technologies was something that individuals brought to work on their own, was openly resisted by IT departments, and finally was brought into the corporate IT fold only after much gnashing of teeth and kicking and screaming by IT professionals. But this one seems different somehow. The irrationality of IT people who we see every single day who simply ignore IM and hope it goes away is less explainable this time. How can the IT departments at three quarters of American companies be so blind to the fact that most of their employees are using IM for good reason, but are creating huge liabilities and risks for their employers?

    For our part, we continue to educate through things like the IM Security Center at www.imsecuritycenter.com and our risk management center at www.akonix.com/riskmgmtforIM, and of course the other providers mentioned in the article do the same. Interest in the topic continues to grow, but we haven’t seen the big AHA! yet. Depending on who you read, there are still over 200,000 companies in the U.S. that have employees using IM at work whether sanctioned or not. Every single one of those companies has risk and liability because of that use.

    There are four categories of risk: (1) risk of virus/spyware/trojan infection through the IM vector, (2) risk of “data leakage”, i.e. employees sending confidential information out of the company, (3) inappropriate use, i.e. if Johnny harasses Janie over AOL, the employer has a hostile work environment liability (or, to make it more dramatic and bring it on home, if one college student uses IM over a University network to send threatening violent messages to other students, and then shoots and kills 30 students, the University has a liability for not having monitored its network for inappropriate use), and (4) risk of non-compliance to electronic records laws and regulations. We like to keep it simple. We tell our prospective customers that our products “keep the bad stuff out, keep the good stuff in, and protect you from yourself”.

    When IT people do a better job of listening to what their constituents want (e.g. I want safe, secure, compliant IM at work), they will take action to provide it properly. When that happens, the mainstream press will see and report on the adoption of this productivity-enhancing communications medium.

    Comment by Don Montgomery — July 25, 2007 @ 2:05 pm

  2. I think businesses need another IM systems.

    Public IMs can hurt your computers, its too hard to control them.

    Comment by agreen — July 26, 2007 @ 5:09 am

  3. I still use email! Actually, I’ve been using BigString, and found its a great way to send out emails that self-destruct!

    Here’s some info if your interested:
    BigString (http://www.bigstring.com), the new free webmail program, offers revolutionary features. When you send mail from your BigString account, you are protected. BigString is like an automatic shredder for your email. You can self-destruct or change an email that’s already been sent or read. Don’t leave your messages sitting in peoples’ inbox forever.

    Comment by Michael — July 26, 2007 @ 12:15 pm

  4. Regarding the story by Carola Mamberto headlined “Instant Messaging Invades the Office” in the July 24, 2007 edition of The Wall Street Journal, there’s a story behind the story. Carola Mamberto failed to attribute any of the material to Evan Rosen, a blogger and author of two books on collaboration including The Culture of Collaboration http://www.thecultureofcollaboration.com
    which our company published. Evan developed and proposed the story on how IM is changing workplace dynamics to The Wall Street Journal, and he provided much source material to Carola Mamberto including pre-qualified company contacts and a copy of his new book.

    Mamberto interviewed Evan extensively face-to-face about IM and collaboration, and 3 out of 4 of the company examples in the story came from Evan—SAS, Constellation Energy and Industrial Light & Magic. In fact, Evan writes about how SAS and Industrial Light & Magic use IM in his book! An account of how IM is impacting workplace dynamics at SAS replete with quotes from CIO Suzanne Gordon appeared in a book spin-off story by Evan in the January 4, 2007 issue of NetworkWorld. Here’s the link:
    http://www.networkworld.com/research/2007/010807-collaboration.html
    Did Carola Mamberto attribute any of the material to Evan or quote him? No. Instead, she quoted two people affiliated with east coast universities. These so-called experts have done little or no work on real-time collaboration or IM.

    Why should anybody care that The Wall Street Journal burned our author? Well, this is all too common with old media outlets. Rather than give credit to people who are the real authorities, these bastions of journalism prefer to appropriate ideas without attribution and then round up the usual suspects or people with certain approved affiliations for “big-picture quotes.” This is exactly why the blogosphere is giving old media a run for its money. Bloggers and podcasters can disseminate information directly without old media filtering, appropriating, or failing to attribute their material. It’s no wonder that old media readership is declining and the business model is in trouble. As old media outlets struggle to remain relevant, they are doing more gatekeeping than reporting. Information consumers increasingly prefer their information served straight up and unadulterated with the writer’s bias obvious rather than oblique.

    Katherine
    Red Ape Publishing

    Comment by Katherine — July 26, 2007 @ 3:19 pm

  5. re:
    Comment by agreen — July 26, 2007 @ 5:09 am

    “I think businesses need another IM systems.
    Public IMs can hurt your computers, its too hard to control them.”

    It’s not hard at all. You simply need to purchase the right product, and there are only three that are certified by AOL, MSN, and Yahoo to do it. Akonix is one of them.

    Saying it’s too hard to control them is like saying it’s too hard to talk to someone in Boston when you’re sitting in New York just because you never heard of a telephone. PURCHASE A PRODUCT THAT DOES THE JOB. Products that monitor, filter, archive, scan for malicious code, and enforce policy for the use of AIM, Google Talk, MSN Messenger, ICQ, Yahoo Messenger, and most any other public or private IM network have been around since 2002.

    Don’t take my word for it; I work for one of the companies. Read the report that reviewed the leading products in Network Computing mag at http://www.networkcomputing.com/article/printFullArticle.jhtml?articleID=197001792

    And read right in TechTarget’s own pages, the “Hot Pick” review at http://searchsecurity.techtarget.com/magazineFeature/0,296894,sid14_gci1257253,00.html

    -DKM-

    Comment by Don — August 16, 2007 @ 2:46 pm

TrackBack URL

Leave a comment