CAMBRIDGE, Mass. — Instant messaging has gone well beyond simply a way for kids to stay in touch and share emoticons.
In fact, according to a new report from Forrester Research, 71% of respondents to a survey of 410 software decision makers at North American and European enterprises said they would be investing in IM technology this year.
"Businesses are seeing improved productivity with the adoption of IM, which offers a more fluid communication model than both e-mail and voice communication," said Forrester analyst Chenxi Wang, author of the report.
Recommended For You
"For many, instant messaging has become an essential business tool," she said. That includes credit unions with far flung operations whose staffers find IM'ing within the enterprise network to be an effective way to quickly communicate with each other and with members.
However, the new technologies pose new concerns over security and management.
"It's another communication channel where security threats can spread," Wang said. "Worries about IM viruses, spam over IM and information leaks give organizations pause before considering the adoption of IM."
With the new technology comes new area for breaches in security, the Forrester report said. Risks include malware, phishing and IM spam (SpIM) and not regulating the channel that could lead to both infiltration and policy violations.
Since IM provides a fast flow of information from one user to another, enterprises need to monitor users, Wang said.
"Security teams want to know what threats have been encountered and stopped and what data is going out in violation of policy," she said. And legal staff would want to know if usage policies could be violated.
It is appropriate here to use the same control used in e-mail and Web usage, Wang said, including archiving the communications.
Various products that monitor and archive instant messages are on the market and are cited in the report.
"In typical enterprise deployment, you should consider products that support real-time virus scanning, deep content inspection and SpIM prevention," Wang said.
She also advised that an organization decide how important logging and archiving is before investing in a solution.
If so, "look for products that offer either native support for archiving or integration with third-party storage products," the Forrester analyst said.
Usage policies also need to be in place. Wang said it's common practice to allow some staff to use enterprise IM and restrict others, as well as to have policies that state whether to allow public use, transfer of files or use by external groups. Determining usage policies will help to determine how aggressive monitoring should be, the Forrester report said.
Managers also will need to decide if IP addresses, file attachments and embedded URLs should be permitted.
Organizations need to be consistent across all aspects of messaging to control usage, content retention and potential data leaks, the Forrester report said. It also will take some people management.
"Because many perceive IM as a casual communication tool, imposing business policies over IM can take a bit of doing," says Wang. "Don't underestimate the education component."
Users need to be taught how to use the technology appropriately, the governing policies and possible enforcement, the Forrester analyst said.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
