Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Enterprises may be drawing a bead on how to establish policies for Internet and e-mail use, but they appear to be misplaying instant messaging, according to survey results that will be released tomorrow by SurfControl, a Scotts Valley, Calif. -based Internet security company.
The survey asked 7,593 SurfControl customers in the U.S. about their IT management policies governing Internet-based communications. While more than 90 percent of the respondents surveyed said they had an Internet access policy, 49 percent reported that they had no policy concerning the use of IM and peer-to-peer applications.
The lack of an IM policy leaves enterprises open to new security threats, according to Jim Murphy, director of product marketing for SurfControl. ”Instant messaging may be viewed as convenient to end-users, but the business costs are too great to leave IM usage unchecked by security policy,” he said. ”Without the proper policies and protections in place, numerous IM-borne viruses, worms, spyware applications and blended threats can jeopardize network security and cost companies hundreds of thousands of dollars in clean-up costs.”
Other surveys confirm SurfControl’s finding. Osterman Research reports that about 90 percent of organizations had employees using at least one form of IM applications in 2004. And a recent American Management Association study reported that 78 percent of workplace IM users had download free IM software from the Internet, unaware of the potential risks involved.
More troubling, according to SurfControl, is the fact that security vulnerabilities such as buffer overflows, denial of service attacks, encryption weaknesses continue to be found and exploited in all of the major IM clients.
Even more important than blocking malware, according to survey respondents, is protecting confidential data. Eighty-three percent ranked it as a major concern. Their concern is justified, according to Murphy, who noted that IM and P2P communications are almost never encrypted or cryptographically signed, making them susceptible to network snooping, modification, hijacking and impersonation attacks — making nonrepudiation impossible.
”Left ungoverned, instant messaging applications are an easy vehicle for accidental or malicious disclosure of sensitive corporate data, including company financials, personnel records and customer data,” said Murphy. ”IT managers need to work with HR to ensure that all employees are governed by enforceable rules.”
SurfControl offers the following basic guidelines to help companies minimize IM and P2P threats:
Create a well-defined corporate usage policy on the appropriate use of IM and P2P within the organization;
Communicate these policies, as well as consequences for misuse to employees;
Advise users to never follow any link in an unsolicited or suspicious IM communication, reminding them that a simple visit to a Web site could trigger multiple IT threats, and
Implement a filtering tool to identify and block in real-time both the use of IM applications and popular P2P networks.
This article was first published on InstantMessagingPlanet.com.
RELATED NEWS AND ANALYSIS
-
Ethics and Artificial Intelligence: Driving Greater Equality
FEATURE | By James Maguire,
December 16, 2020
-
AI vs. Machine Learning vs. Deep Learning
FEATURE | By Cynthia Harvey,
December 11, 2020
-
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
-
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
-
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
-
Top 10 AIOps Companies
FEATURE | By Samuel Greengard,
November 05, 2020
-
What is Text Analysis?
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
-
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
-
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
-
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
-
Top 10 Chatbot Platforms
FEATURE | By Cynthia Harvey,
October 07, 2020
-
Finding a Career Path in AI
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
-
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
-
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
-
Top 10 Machine Learning Companies 2021
FEATURE | By Cynthia Harvey,
September 22, 2020
-
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
-
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
-
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
-
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
-
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020