Experts: Keep an eye on employee IM use
Safe instant messenger (IM) use in the workplace is dependent on enforcement of company regulations and monitoring new threats, researched major security firm recommended this week.
While 60 percent of companies monitor and secure email, nine out of ten organizations lack any security structure for IM, according to researchers from Symantec.
Malware is a major IM issue for enterprises because threats for the communications platform are unique and growing rapidly - infecting a growing number of users when combined with social engineering.
Messenger use also increases the risk of lost intellectual property and sensitive information, according to Symantec, and can lead to legal risks, since many employees do not realize IM conversations are subject to human resource department policies.
IM conversations are also subject to corporate governance statutes, including the Sarbanes-Oxley Act or the Health Insurance Portability and Accountability Act.
Lee Weiner, senior product manager at Symantec, told SCMagazine.com today that security issues with IM are similar to those with email.
"I think one thing that's happening is that companies are starting to use IM because of the benefits, in reducing costs in travel or costs of using email. People need to understand what the risks are," he said. "In some cases, people are misusing IM in the same way they misuse email."
The worm, W32.pipeline, delivers an executable file after the user views what appears to be a .jpg file. It then dials out to host computers and distributes the worm through a user's buddy list.
David Hahn, senior product manager for MessageLabs, told SCMagazine.com today that corporate IM use has been driven by employees and not the IT professionals.
"Email is the de-facto communications of choice in today's environment," he said. "IM is rapidly growing because it's driven by employees, and not the IT administrators. It's almost a reversal of how technology is propagated."
Click here to email Frank Washkuch Jr.