Case Studies

Messaging message

by msecadm4921

UK firms are missing out on the business benefits of Instant Messaging (IM) because of security concerns, according to research released by the IT security company Symantec Corp.  This is despite the fact that three quarters (75 percent) of office workers who use IM for work value the speed and immediacy it affords.

Findings from a nationwide YouGov survey reveal that in a world where information is exploding, if used in the right way and for the right purposes, IM can actually help ease the flow of information within organisations. More than half (55 percent) of those who use IM at work say it cuts down on email traffic and 50 percent find it more efficient than email.

Almost two thirds (64 percent) of those who use IM do so to ask colleagues questions needing immediate answers, 46 percent use it to distribute information quickly and just shy of half (47 percent) acknowledge that IM allows them to multi-task. The real-time nature of IM also means that 29 per cent of office workers who are able to utilise IM do so to conference colleagues while 45pc say that because it’s more sociable it is better for relationship building than email communication within the working environment.

Surprisingly, only a quarter (25 percent) of offices are actually taking advantage of these benefits. A general misunderstanding of IM security, combined with the perceived informality of IM is hampering its adoption. Almost a quarter (23 percent) of office workers who don’t use IM at work say their companies restrict the use of IM in the workplace due to security concerns and 16 percent do not allow it because bosses deem it unproductive. It’s a trend likely to be exacerbated given that only 28 percent of those who use it at work could confidently say that their company monitors for the transmission of inappropriate content or confidential data and almost a quarter (23 percent) mistakenly believe that conversations on IM can’t be archived for retrieval at a later date.

Symantec intelligence demonstrates that with 1 in 11.3 links sent over IM connect to malicious websites, concerns around IM security by businesses are certainly valid. However, with a better understanding of its features and uses, and with the right security measures in place, IM is ripe for a public makeover and for businesses to exploit its true potential.

Tom Powledge, vice president of product delivery at Symantec says: “This survey highlights that IM is incorrectly deemed too informal and insecure for the corporate world. But with the right measures in place companies can easily log conversations, scan for malware and block inappropriate or sensitive content from crossing the boundary of an organisation. By combining proper guidance for employees on how to use the right communications channel for the right message, IM can enable companies to improve productivity, support mobile and remote workers and gain operational efficiencies.”

In order to enable businesses to limit the risks and reap the benefits of IM, Symantec suggests the following dos and don’ts for instant messaging:

  1. DO: Adopt a user policy for instant messaging: Provide general guidelines to your employees on IM use in the workplace.
  2. DO: Actively educate employees on the benefits and risks of IM: This will help them determine which communications channel to use at which time for which content
  3. DO: Make employees aware that instant messages and conversations can be saved: Corporate IM services allow the archiving of entire messages that can be retrieved later for reference.
  4. DO: Be aware of malware infections and related security risks: Most IM services allow you to transfer files with your messages so make sure you provide the appropriate firewall protection, to safeguard from viruses and infections and that you can keep track of what’s being transferred.
  5. DO: Encourage workers to organise their contact lists to separate business contacts from family and friends: Reduces the chances of inadvertently sending company data to the wrong “Peter” or “Mary”.
  6. DON’T: fail to control IM use: IM is more immediate and more versatile than other forms of business communications but should be carefully managed to avoid the dangers.
  7. DON’T: Allow excessive personal messaging at work: This gives IM a bad name. Using a corporate IM system with monitoring reminders will help keep workers mindful and more productive.
  8. DON’T: Forget to remind employees that IM in the workplace should be regarded in the same way as any other form of corporate communication: As with email, employees should be careful in what they say. Statements made in IM about other people, their company, or other companies could damage reputations and credibility.
  9. DON’T: Be complacent about security: In the same way as email, if not managed correctly, IM messages can carry malicious links or expose sensitive information. With a corporate IM service, messages are scanned so that suspicious emails, or those that violate your policy, are automatically blocked.
  10. DON’T: Put policies in place and walk away: Set-up, monitor and enforce company rules for IM this will help employees feel more secure in using it as they do email.

Related News

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing