IM Popularity Creates Security RiskBy John Hazard | Posted 2005-08-25 Email Print
The proliferation of IM technology in business means new threatsand new opportunity for security vendors and VARs.For some, instant messaging offers a convenient alternative to running between cubicles or floors; for others, it can provide a vital connection with customers; and for others it can be a nifty office socializing method.
Regardless of the reason, IM (instant messaging) has become a common method of communications in businesses nationwide.
With its proliferation, IM technology has opened a back door for viruses, worms and other threats to enter business networks.
At the same time, it has created a new market for security VARs looking to provide their clients total network security.
"It's already happening, but in the next few years you will consider IM a basic part of your infrastructure," said Francis Costello, chief technology officer at Akonix Systems Inc., an IM security vendor. "You will consider security for that technology something you wouldn't do without."
IM is now considered an integral tool for companies to use to communicate with employees, open direct links with potential customers and maintain customer support. But it is also a new channel by which malicious software can enter a system.
Akonix, of San Diego, Calif., is one of a handful of companies now making IM security software designed to monitor, filter and block instant messages from business networks. But the market is growing, and Costello said he expects to see an explosion in opportunity for vendors and VARs in the next few months.
Check out eWEEK.com's for more on IM and other collaboration technologies.
"It's the next big thing," said Brian Deeley, general manager of Graymar Business Solutions Inc., a health care and public sector VAR in Timonium, Md. "E-mail security is so prevalent, the viruses and worms are going somewhere else to find a way into your system. You're starting to see problems already."
In 2005 19 major virus and worm attacks were propagated, in part, by IM technology, according to Akonix.
In addition to creating back doors into networks, IM also presents a potential outlet for secure information and protected records to escape.
"HIPAA and Sarbanes-Oxley don't differentiate between messages sent by IM or e-mail," said Adam Hirsch, director of security services at Net at Work, a New York-based VAR specializing in accounting and business management solutions. "The issues are the same and so are the threats. If you are only protecting e-mail, you're only protecting half of the problem."
Hirsch said his company will typically establish filters that block IMs with certain keywords, like "password" or the latest product line.
From a business perspective, IM security presents an impressive opportunity for VARs and resellers, Deeley said.
"Everyone is still focusing on e-mail. Every day two or three new people jump into the e-mail protection game," Deeley said. "There's plenty of room to penetrate the IM security market."