IM Secure: Instant Messaging Security

AOL’s Instant Messenger, Microsoft’s MSN Messenger and Yahoo’s Messenger have long been popular among home users and have now made their way onto many business PCs. However, they may expose sensitive data or open a new door for hackers to get into corporate networks.

Outsiders can monitor messages that employees send over the public IM networks because the IM servers that employees connect to often lie outside a company’s network. In addition, viruseswhich exploit security holes in all three popular IM applicationshave spread this year.

Nearly half of the 506 million IM users expected online by 2006 will be business users, according to IDC (a sister company of CSO’s publisher), which expects the IM market to boom from $72 million in 2001 to $781 million in 2006.

To protect themselves, companies must gain control over unauthorized use of public IM networks, according to Yankee Group Program Manager Paul Ritter. Companies can secure their IM traffic by bringing IM infrastructure in-house through proprietary products like IBM’s Lotus Sametime, Microsoft’s Exchange or Communicator’s Hub IM, he says. The Goldman Sachs Group, J.P. Morgan Chase, Merrill Lynch, Salomon Smith Barney Holdings and Sanford C. Bernstein & Co. are deploying Communicator Hub IM to their employees and offering it to their customers. The product allows user authentication and secure messaging.

Ritter expects to see consolidation among IM vendors during the next 12 to 18 months and prices for enterprise IM products to drop 30 percent.