Of the IM security products listed in our chart, only one, IM-Policy Manager, encrypts traffic with the public networks from end to end. But so many enterprises want IM that even stalwart IBM Lotus has a contract with AOL to connect the Lotus client to the AIM network. Users can see who's available on both networks, but the traffic from each is kept separate. Bottom line, employees are still sending unencrypted messages to the world at large--a high risk for leaking information. But if you insist on taking your chances by cobbling together public IM networks, you might try Akonix L7, which offers extremely granular controls for granting permissions and filtering content.

[an error occurred while processing this directive]

Like IBM Lotus, FaceTime has a contract with AOL. While many third-party vendors are in talks with the public IMs, FaceTime, which built the core technology of AOL's AIM Enterprise Gateway, has agreements to connect enterprises with both the AOL and MSN networks. FaceTime says its agreements protect it against the possibility of the public networks pulling the plug on third-party services. It's rumored that one of the big three networks has already changed its protocol since publishing its specs. If a public network adds encryption, unlicensed client-side solutions could stop working. But licensed or not, even FaceTime won't have end-to-end encryption with AOL until AOL releases its enterprise client with encryption in the first quarter of 2003. In the meantime, products such as Bantu's Messenger, FaceTime, and IM-Age's IM-Policy Manager warn users that they are in an unsecured session.

The encryption question
If you choose to keep all your IMs within the corporate firewall, you need to decide whether to encrypt at the desktop or at the server, or both. The argument stems from whether it's more dangerous to send clear text to the server, or to have employees playing with encryption schemes in the client. Companies in regulated industries have to decrypt their messages at some point in order to keep records of them in plain text. As such, encryption may be necessary before and after the recording step. Enterprise Instant Messenger (EIM) from e-Vantage Solutions encrypts at both the desktop and the server, as does WiredRed's e/pop. Breaking the mold, Bantu's encryption for its internal network happens at the desktop, but the client is any browser with a Java Virtual Machine. The applet never downloads to the client machine, but runs in a Java sandbox, where it can't reach local controls and doesn't leave code residue, which could be used to defeat the encryption.

Of all 10 products in our chart, perhaps the most exciting is Ikimbo's Agenda, which alerts groups of people to problems, and offers helpful information. For example, if a plant runs out of cocoa for its cakes, a pre-selected group--including the cocoa vendor--are brought together by the same IM window containing relevant documents and procedures. Having a plan for a potential crisis may not be unique, but instantly delivering relevant information to the concerned parties is.

To make sure such a crisis remains confidential, Agenda works on top of existing enterprise IMs such as Sametime or Jabber.

And the program won't send your company's cake recipe to the users' buddy lists.

What precautions do you take to safeguard your company's use of instant messaging? TalkBack below or e-mail us.

Previous page |   1 2

[an error occurred while processing this directive]

[an error occurred while processing this directive]