At Thomas Weisel Partners LLC, a San Francisco-based investment firm, CTO Beth Cannon says the companys first reaction to IM was to shut it down completely. But after the Sept. 11 terrorist attacks, when some of the companys customers didnt have access to phones or e-mail, but did have IM, she urged the company to retain instant messaging.
"It was really our customers who drove IM in here," Cannon says. The company stopped blocking IM and installed security software from FaceTime Communications that allows traders to continue using the public IM clients their customers use, but, in addition, adds the ability to archive all chat sessions and use keywords to monitor conversations and check for illegal activity.
At Rochester Public Utilities in Rochester, Minn., IT Analyst Matt Bushman saw the need for IM as a means for internal communications as well as for external ones. So, in addition to deploying software from Akonix Systems Inc., which offers many of the same features as FaceTime, his company also installed Microsoft Corp.s Live Communications Server. "We believe IM will become the preferred method of communication within business," he says, "and so we decided to take a proactive approach for internal and external communications." LCS allows employees not only to chat in real time, but also to share documents and screen shots, and to send alerts.
At about $10,000, the cost of IM monitoring software wont break the bank for most large companies. Even so, choose the system that best suits your company; and, to determine the best approach for your company, start by assessing what your staff uses IM for.
"The first step is to do an audit," says Nate Root, an analyst at Forrester Research Inc. "Get out into the trenches and find out whats being used, by whom, and for what."
Installing the monitoring software is a fairly simple task; Bushman says that, after a two-day set up, it took about 20 days to get Akonixs software up and running. Its the prep work thats the challenge, say analysts, because youve got to formulate policies around how you intend to track conversations. Will you archive all messages, or only certain ones? Should employees IM use be restricted to certain parties, and if so, which groups should be blocked? Which keywords should be used to monitor illegal activity? "This is not something the CIO can dream up on his or her own," says Forresters Root. "The legal department has to weigh in on this as well."
How, exactly, do you make IM secure? There are three common approaches: (1) invest in a security-and-management solution that layers over the public IM clients your employees are already using, providing archiving features as well as monitoring and blocking functions (META Group refers to these as "hygiene services," but they are probably best known as gateway vendors); (2) install an internal IM client; or (3) combine these two options in a custom solution.
Generally, an enterprise IM application is best if your companys IM use is mainly in-house. A "hygiene" solution is best for companies that use IM to deal with customers who use a variety of IM clients. Analysts agree that companies will eventually opt for both, but will focus for now on the hygiene services. "Most companies," says AMRs Murphy, "are still in the wake-up stage."
Ask Your CFO:
How much do we spend annually on e-mail, and how much could we save with better
Tell Your IT Department:
We need to assess whether an in-house IM product would work for us.
Ask Your Chief Strategist: