Get the message

Instant messaging (IM), a communication tool made popular by teenagers, is being explored by organisations keen to harness the business potential of its real-time capabilities

  • E-Mail
By  Peter Branton Published  July 23, 2006

|~|Analyst-Viewbody.jpg|~|Instant messaging, seen as a tool of communication for teens, is being seen as having business capabilities, especially as it can work with mobile digital devices such as cellular phones and incorporate video and voice.|~|Instant messaging (IM) is coming of age. IM used to be seen primarily as a vehicle for teenagers to communicate with each other while they were doing their homework. At that time it was viewed by organisations as a trivial distraction at work. However, there is growing awareness of some of IM’s unique features, such as ‘presence’ — an indicator that informs colleagues and associates that you are available to be contacted. Furthermore, vendors have added capabilities for document attachments, voice, and video to make it a robust tool. When you factor in near ‘real-time’ features, enterprise IM (EIM) has the potential to become more indispensable than e-mail. But before EIM can be taken as seriously as other popular forms of communication, there needs to be significantly more development of IM infrastructure in the areas of security, identity, and compliance. From a user’s point of view, the demand for real-time communication outweighs the issues imposed on the enterprise. The enterprise is responsible for setting and enforcing policy, complying with regulatory legislation, and making sure personnel are not distracted by the tools provided to increase productivity. Before we review the changing enterprise impact of IM, we need to define IM and explore the various features that differentiate it from e-mail, phone text messaging, and voice communications. IM is an internet protocol (IP)-based application that provides communication between people using a variety of different device types. The most familiar method today is computer-to-computer instant text messaging, but IM can also work with mobile devices, such as digital cellular phones, and can incorporate voice or video. EIM differs from Public IM systems in that EIM is geared towards enterprise use, therefore being more concerned with business issues, requirements and those features that help the enterprise to succeed. There are a lot of challenges that have to be overcome before EIM can become a mature enterprise communication tool. The most notable challenge is a cultural one. Historically, EIM has not been taken seriously.Communications conducted via EIM are typically informal, careless and carefree. The lack of universal naming conventions can result in disputes over what and who communicated. Not an ideal environment for conducting enterprise deals over the internet. Even though there are ongoing industry-wide initiatives to develop and propagate standards, agreement and compliance have not been reached by vendors to make EIM use truly transparent. Therefore, interoperability between different EIM systems needs to be addressed. Potential losses of productivity can result from the uncontrolled interruptions such as an inability to control pop-up windows. and to filter out the windows you want with ones you don’t. Transmissions are not secured. Lack of universal encryption or widespread use of encryption can result in confidential or secret data being exposed. As a result, threats such as malware have to be addressed. In addition, because unique protocols are used for EIM, firewalls will not be able to scan messages for content or filtered URLs or prevent viruses. There is also difficulty in complying with the various legislation and regulations. EIM is not as mature as e-mail. Compliance processes and protocols involving records retention, communication limitations between employees and auditing of communications have not been properly addressed at this time. Therefore enterprise policy enforcement is a significant challenge as EIM policies are almost impossible to enforce. While there are some products available that deal with monitoring and tracking, these products do not cover all vendor EIM offerings and situations, especially the question of privacy. Some of the features create unique privacy challenges. A user’s profile may contain very personal information that is ultimately shared with an infinite audience. The ability to know whe- re a person is (presence) also provides potentially invasive information as well. This increases the potential of network intrusion. Typically, firewalls prevent intrusions by shutting down unsecured ports. Some EIM systems search firewalls for open unprotected ports. This increases the potential for unwanted, unmonitored network and system intrusions. In the quest for EIM standards development, several enterprises have served as focal points. The Internet Engineering Task Force (IETF) develops and promotes internet standards — in particular those of the transmission control protocol (TCP) /IP suite. This enterprise is an open, all-volunteer standards enterprise, with no formal membership or membership requirements. It is organised into a large number of working groups, each group focused on a specific topic, and intended to complete work on that topic and then shut down. Each working group has an appointed chair (or sometimes several co-chairs), along with a charter that describes its focus and what and when it is expected to produce. While the IETF has been working to extend session internet protocol (SIP) to support EIM, it has also worked closely with Jabber to help them build out their competing protocol. The IETF working group is developing SIP for instant messaging and presence leveraging extensions (SIMPLE) to apply the SIP to the instant messaging and presence (IMP) suite and supporting a traditional buddy list-based instant messaging and presence application. Included might be new mechanisms for message confirmation delivery, indications for when a party is in the process of typing a message, secure buddy list manipulation operations, and the extension of the common profile for instant messaging (CPIM) presence format to describe typical EIM states. One notable example is MSN Messenger, another is Jabber. Jabber is an open platform for instant messaging created in 1999 by the Jabber open-source community. It is based on the IETF-approved Extensible Messaging and Presence Protocol (XMPP). XMPP is an open, XML-based protocol for near-real-time, extensible instant messaging and presence information. Another body aiming to set EIM standards is the Financial Services Instant Messaging Association (FIMA). It is dedicated to understanding and promoting the IM requirements of the financial services industry. FIMA’s 25 enterprise membership includes the world’s largest global financial organisations and a cross section of enterprises of all sizes that are active in the IM space. It has 24 affiliated vendors including the largest EIM vendors in the industry. Over the past few years, there have been several references in the trade press of enterprises using EIM as a key mode of communication. As more and more enterprises use IM, the scope has increased from simple internal communications, to directly supporting a trading function, to providing an inexpensive global communications medium as well as increased buy-in by major technology vendors. In 2003, enterprises started to use IM for internal communications within their domestic environments. For example, Russell Reynolds Associates, an executive recruitment consultancy, uses EIM to enhance its communications between its employees. Some organisations started using EIM for trade support in 2005. Cantor Fitzgerald’s trading desk uses EIM to communicate with its key clients and other traders, while IBM is currently using EIM to reduce its phone and phone conferencing costs. It generates over 2.5 million IMs within the enterprise each day. Sun Microsystems is another technology vendor to embrace EIM. In order to more fully understand the potential contribution that EIM can bring to the table, let us look at the legitimate enterprise uses. As mentioned earlier, presence is, the ability to know when a person is available for communicating, is one of the main reasons for using EIM in enterprise. When a user logs into their EIM system, all of the users that have that person on their ‘buddy list’ can see that this person is at their desk. In addition, anyone can indicate their level of availability or leave a message to inform them when they will be back in the office. EIM enables office workers to work on a number of tasks at the same time, speaking on the phone or messaging several clients at the same time, thereby improving productivity. In several enterprises, administration assistants use EIM to communicate information to executives when they are on the phone. This way the executive can get right back to the caller without being interrupted by their assistant. At the same time, a person has the ability to go ‘offline’ so they can concentrate on the task or tasks at hand. Enhanced real-time communication allows workers to respond more quickly than email. In addition, the addition of video, voice and file transfer makes EIM more attractive than e-mail. Many features of EIM also enhance global operations. Automatic routing of messages to global call centres enables coverage. Automated language translation enables instant communications between workers in different countries with different languages. Conferencing, where many people can EIM on the same ‘call’, at the same time is huge. Some firms have documented savings on long distance phone costs using this feature to connect employees to customers globally. This collaboration feature is the backbone of virtually all eWorkplace technologies today. ||**||EIM entensions|~||~||~|EIM has also been expanded beyond the desktop towards mobile communication. Vendors that offer such public IM systems include AIM, MSN Messenger, ICQ, Googletalk, and Yahoo. Several technology and telecommunication vendors have extended EIM to wireless hand-held devices, like cell phones, PDAs, and Pocket PCs. From an enterprise perspective, users might want to consider the advantages of certain EIM vendors. Microsoft’s Live Communications Server 2005 is a manageable and extensible IM server that provides a real-time collaboration solution, while Lotus Sametime from IBM provides instant anytime access to people and information through three on-demand concepts; presence awareness, instant messaging and web conferencing. FaceTime Communicationsis the leading provider of security solutions enabling enterprises to secure and control greynet applications such as IM, adware, spyware, webmail, peer-to-peer (P2P) file sharing, web conferencing and instant voice. Jabber’s Jabber Extensible Communications Platform (XCP) is being used by hundreds of enterprises as an out-of-the box enterprise instant messaging (EIM) solution and extending it into other real-time, presence-enabled applications and services. There are also supplemental EIM Vendors that provide supplemental products and services to enhance and protect the EIM services you already have. These include Akonix, which provides innovative solutions for the security, management, compliance and extension of IM for enterprises. These additional capabilities are critical to a mature, formal EIM implementation. Symantec offers EIM Manager 8.0. This solution seamlessly manages, secures, logs, and archives corporate IM traffic with certified support for public and enterprise EIM networks — including granular policy enforcement and security controls for files, audio, video, voice over IP (VoIP), application sharing, and other real-time communication capabilities. IM Logic’s offering has the ability to totally control enterprise use of public IM systems, such as AIM, where all messages can be captured, logged and monitored. When implementing EIM, there are several best practices to keep in mind. Firstly, to treat EIM like e-mail. Most, if not all, policies that an enterprise has developed for email apply to IM. If you adhere to thinking of EIM as a legitimate form of electronic communication and not as something your children use to talk to their friends, then you will be better prepared to deal with EIM’s challenges. An enterprise policy for IM has to be established. With the focus on electronic messaging by several regulatory bodies like the SEC and NASD, it makes sense to treat IM like any form of communication within the enterprise and establish an enterprise usage policy for IM. This policy should be very specific about what IM is to be used for and what it is not to be used for. For example, personal use should be limited. One of the major concerns is that IM is overused for personal use and that can lead to a loss in productivity. IM should not be used to send sensitive or confidential information — anything you communicate via EIM could end up as front page news. Enterprise policy has to be enforced. There are several management tools in the marketplace that will allow you to enforce your policies. These tools, such as those provded by IM Logic, which was recently acquired by Symantec, capture and log IM messages from several public IM systems, like AIM, Yahoo and MSN. These messages can then be audited for compliance. Therefore it makes sense to establish standards. Create standard naming conventions so internal and external users are not confused by who is contacting them. Several EIM systems allow users to create a library of standard messages that can then be hot-keyed into the conversation. These standards must be extended to file transfers. EIM is another source for worms, Trojans and viruses. Therefore, EIM should have the same anti-virus protection as email. In one case, an enterprise turned off the file-transfer capability of EIM and set a policy where the users could only tran- sfer files through e-mail where it could be properly scanned and filtered. Only keep IMs that are enterprise-related. Retention of IM is now considered part of an official record, so tampering, erasing or modifying IM’s after a lawsuit is initiated is against the law. While IM has a legitimate position in enterprise communications, it is being touted as a replacement for e-mail. The easy availability and accessibility of EIM software and services is one contributing factor towards its growth. Standard protocols, accepted identity methodologies, security encryption/intrusion/viruses, user training, and interoperability stand in the way of full acceptance. At the same time, the pervasiveness and continued growth of EIM has placed a lot of pressure on executives and IT support personnel to provide an infrastructure that prevents the daily issues associated with an open-ended system. Some analysts and industry experts believe that it has the potential to replace e-mail as the largest and most frequently used form of enterprise communication. In order for that to become a reality, work needs to be accomplished to formalise the IT communication service offering. By Hal Kreitzman, research director, Experton Group||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code