Home » Data Protection » Network Security

How to Evaluate and Use Enterprise Instant Messaging Security Tools

As popular as instant messaging has become, most enterprises have neither policy nor technology in place for securing IM. Here's expert advice for getting the message.

June 16, 2008 — Messaging security is not just for e-mail anymore, especially with more employees using public instant messaging platforms in the workplace. According to Gartner analyst Peter Firstbrook, public IM has become an e-mail alternative for distributing viruses and other malware. IM security vendor Akonix reported recently that it had tracked 20 new pieces of malicious code in February, an increase of 43 percent over January. On the outbound side, IMs can contain objectionable, illegal or otherwise sensitive content.

At the same time, only 10 percent of organizations have formal IM policies, according to a 2007 Burton Group survey. Of those, only half secure the application. Many don't even know whether employees are using IM.

Enter IM security software. Whether in the form of appliances, hosted solutions, software modules or features of other Web and e-mail security systems, the role of IM security is to protect against inbound threats like viruses, worms, spyware and messaging spam (also called SpIM); use content filtering to prevent outbound threats caused by information leakage; log and archive all IM conversations; and ensure compliance through policy enforcement, auditing, archiving and access controls.

The IM Security Market Outlook
The IM security market is dominated by three companies with products that were originally dedicated solely to protecting IM: FaceTime, Akonix and Symantec (after it acquired IMlogic) See IM Security's Three Kings for a look at these vendors' products. But a growing number of companies offer components of IM security, including Web security gateway, e-mail compliance, archiving and security providers like St. Bernard Software, Trend Micro, Barracuda Networks, Secure Computing and Websense.

Other companies, such as MessageLabs, Postini, MX Logic and FrontBridge, offer hosted IM security solutions.

According to Firstbrook, Akonix and FaceTime are ripe for acquisition by a larger, established security vendor. "You don't want to treat IM as an island because it's not," he says. IM authentication, threat protection and archiving will likely be subsumed by vendors of antivirus software, established gateway devices (firewalls, proxy servers and URL filters) and archiving vendors, Firstbrook says.

Meanwhile, IM infrastructure vendors such as Microsoft and IBM will likely enhance native IM security requirements, increasingly marginalizing vendors dedicated to IM security, he says.

Key capabilities
Archiving. According to Firstbrook, IM messages are not automatically saved by IM systems (either public or private), so companies may require a secure repository for compliance or other security reasons. Some vendors offer repositories that are searchable and/or integrate with e-mail archiving systems. At CEVA Logistics, Tony Taylor, manager of global network operations, chose FaceTime's IMAuditor because it enables him to capture and replay actual IM conversations. "Otherwise, we don't have pristine evidence," he says.