Media General has been encouraging employees in its
interactive division to use America Online's AIM public
instant-messaging network since 2001. But after two years, the
company's IT department became very concerned about the unmonitored
and unmanaged use of instant messaging.
"I was worried about viruses, file transfers, because it was
going around protections we already had," said Mike Miller, the
company's director of support services.
"I realised the majority of our instant messaging traffic was
between coworkers here, who could be asking each other 'what is the
password for this server?' and that was going off to AOL and coming
back, which wasn't very secure," he added.
He got the green light from the company's chief information
officer to evaluate products to manage, control and secure the
company's instant messaging usage.
Media General chose IM Manager from IMlogic, which has security
features, such as virus scanning, file transfer control, spam
filtering, user authentication and instant messaging traffic
routing; compliance features such as logging and archiving of
instant messaging sessions and content filtering to flag language
deemed inappropriate; and IT control features, such as user access
control and screen-name registration.
IMlogic is one of three recognised leaders in what are known as
instant messaging gateways, along with Akonix Systems and FaceTime
Communications. These three suppliers' products all provide IT
departments with software tools to manage instant messaging use in
the workplace.
Soon after Media General installed IM Manager about one year
ago, the tool proved useful. "We found abuse by some users who
rather than doing their jobs, were doing instant messaging their
entire shifts," Miller said.
Media General has about 130 instant messaging users, out of
about 8,000 employees. The company owns newspapers, TV stations and
websites.
The process Media General went through - from promoting the
unmanaged use of workplace instant messaging, to realising the need
for IT control, to choosing a tool to accomplish that - is a
process that is happening in many IT departments around the
world.
According to a recent study by The Radicati Group, instant
messaging is used in 85% of all enterprises in North America, while
20% of all enterprise users worldwide use instant messaging today.
Radicati expects 80% of enterprise users will use instant messaging
by year-end 2008. By the end of 2004, there will be 42 million
enterprise instant messaging users, according to the research
group.
Because becoming a user of a public instant messaging network,
such as the ones from Yahoo, AOL and Microsoft, is free and easy,
users worldwide have linked their work PCs to these instant
messaging networks without consulting or informing their IT
departments.
In the process, employees have made their companies' computing
environments vulnerable to viruses, spyware, spam, hackers and
Trojan horse software programs. They have also put their companies
at risk of violating an increasing number of laws and regulations
that require certain industries to log and archive work-related
instant messaging sessions.
IT departments have two options in addressing the use of instant
messaging in their organisations:
- Get their users off of the public instant messaging networks
and install an inherently more closed and proprietary enterprise
instant messaging platform behind the firewall such as Microsoft's
Live Communications Server (LCS) or IBM's Lotus Sametime; or
- Leave the users on the public instant messaging network of
their choice and install an instant messaging gateway product that
monitors and filters instant messaging traffic and flags problems
related to usage, security and compliance.
So far, the second option has been most popular, primarily
because it has been generally less expensive, more transparent to
end-users and simpler for IT to manage. Most of the instant
messaging use within corporations is still over free, public
instant messaging networks, according to the Radicati Group.
Instant messaging gateway software was also the option merchant
bank Thomas Weisel Partners chose when it bought FaceTime's IM
Auditor. Since its founding in 1999, the bank had allowed employees
to use public-network instant messaging.
"We were in denial for a while. There was a lot of instant
messaging usage back in 1999 and 2000 and we just kind of said 'ok,
whatever,'" said Beth Cannon, the bank's chief security officer.
But concerns led the bank to implement the FaceTime product in
September 2001.
Since then, a variety of laws and regulations related to the use
of instant messaging in the financial industry have been created,
and FaceTime helps the bank comply with them. "Whatever we do [with
instant messaging] we have to log it and archive it, so even if we
decided to move to an enterprise instant messaging platform, we
would still have FaceTime," Cannon said.
While IT departments seeking to control instant messaging are
currently content with tools from small, start-up suppliers, they
may eventually be presented with options from bigger, established
suppliers, especially those in related areas such as security,
systems management and messaging and collaboration.
Considering that the three instant messaging gateway leaders are
small and young - FaceTime, founded in 1998, is the oldest and has
the largest staff with about 130 employees - should IT managers and
chief information officers who have invested in their products be
concerned about these suppliers' future in light of potentially
crushing competition?
After all, instant messaging gateway suppliers have nabbed as
clients large, global companies. IMlogic's clients include Merill
Lynch and Bear Stearns, FaceTime's include Wachovia and NCR and
Akonix's include Cingular Wireless and Qualcomm.
Industry experts agree that instant messaging gateway suppliers
in general have got a strong head-start and developed expertise
that is so deep and specific that no newcomer, no matter how large
and mighty, will be able to match them for at least two years. The
potentially bad news is that it's hard to know what will happen to
instant messaging gateway suppliers in the long run.
In the meantime, analysts say IMlogic, Akonix and FaceTime today
are the best at what they do and, although all three are private
companies and as such do not disclose financial details, they seem
to be succeeding in a growing market.
"Instant messaging management suppliers are where the money is
today. They have a great business model and they're solving a lot
of problems for companies," said Genelle Hung, a Radicati Group
analyst. "Of course, in five or six years, it might be a very
different landscape but these instant messaging management
suppliers have a long-term approach to their business and their
products. They're not here to make a quick buck and disappear."
A potential threat comes from IBM's Lotus division and Microsoft
with their respective enterprise instant messaging platforms,
Sametime and LCS. Clearly, both suppliers want to continually
expand their platforms' capabilities, but executives from both
companies concede that IBM and Microsoft either can't provide or
aren't interested in developing functionality the instant messaging
gateway suppliers already offer.
"We definitely see them filling out the partner ecosystem and
being very much an add-on set of solutions that extend an LCS
environment," said Dennis Karlinsky, LCS lead product manager at
Microsoft.
"The instant messaging gateway suppliers provide high-value
services on top of Sametime," said Ken Bisconti, vice-president of
collaboration and human interaction products at IBM's Lotus
division.
Still, instant messaging gateway suppliers can't let their guard
down, another analyst said. "These instant messaging gateway guys
will be challenged to come up with ways to stay ahead of Microsoft
in particular, which has a history of co-opting utility functions
that third-party providers have found a niche in and then cutting
them out of that market," said Lou Latham, a Gartner analyst.
Other potential competitors are providers of systems management
platforms, such as Computer Associates with Unicenter,
Hewlett-Packard with OpenView and IBM with Tivoli, and providers of
security software, such as Symantec and McAfee.
However, executives contacted at each of these five
organisations all played down the possibility that their respective
platforms would be extended in the near future in any significant
way to encroach into instant messaging gateway functionality. In
fact, partnership relationships already exist between instant
messaging gateway suppliers and many suppliers in these spaces.
"Potentially as this space grows, one of those large suppliers
could start doing something similar to what instant messaging
gateway suppliers do. No question about that. But it's an
interesting dilemma (the large suppliers) face" over which instant
messaging gateway features to develop themselves, said Joe Laszlo,
senior analyst with Jupiter Research.
Overall, IMlogic, FaceTime and Akonix are guarding their space
well, Laszlo said. "Even in the face of competition from more
established suppliers, instant messaging gateway suppliers are well
enough established and will probably be around for the long
haul."
This should bring a sense of relief to IT professionals who are
relying on these tools to perform the important task of protecting
their company's IT infrastructure from potential threats brought
about by workplace instant messaging use.
Juan Carlos Perez writes for IDG News Service