Symantec Corp’s MessageLabs has added an instant message security service that will provide organisations with a way to monitor, manage and audit the use of public IM networks as a channel for business communications.
The MessageLabs Instant Messaging Security Service is essentially a bolt-on to existing MessageLabs web and email security services, and uses the same security architecture, Paul Wood of MessageLabs told us.
“Safeguarding public IM has been very difficult to regulate and control so many organisations, particularly those in regulated sectors, simply choose to block its use,” he said. One barrier is the risk to business of threats like malware, and the problems of archiving IM communications for regulatory reasons, he added.
According to Gartner, enterprise adoption of IM is currently running at between35% and 40%, which suggests there is some concern around allowing access in an enterprise environment.
MessageLabs Intelligence research highlights that threats over IM are on the rise, especially through URL links included within an instant message that lead to malicious websites.
In late 2008, one in every 200 URLs included in an instant message led to a website supporting malicious content, such as a virus, Trojan or spyware. Today, one in every 78 URLs on IM is estimated to be malicious.
Current enterprise IM solutions tend to be associated with an email provider and can require installation of software on all machines plus ongoing admin support.
IMSS takes a different route with a managed security service that will be billed on a per user per month basis, and which promises a way of keeping IM use in control while letting end-users chose their preferred IM network.
The MessageLabs IMSS will work with all the popular IM service such as AOL’s AIM, Yahoo! Mail and Microsoft MSN. It integrates with all other MessageLabs services, and unlike its existing Omnipod IM service does not require any special client software of the downloading of an agent.
The service will also let IT monitor the usage levels of IM both internally and externally, and prevent accidental or deliberate data leakage by checking message contents for business sensitive keywords or confidential information, Wood explained.
