Better Security in Instant Messaging

Sue Marquette Poremba

A lot of time is spent talking about security in the cloud, security on mobile devices, security on PCs, security on Twitter, Facebook and other social media sites. But what about security issues in instant messaging?


Tom Powledge, vice president of product delivery,, said in a release:

Slide Show

Nine Instant Messaging Best Practices

Essential etiquette rules for instant messaging.

Instant Messaging is becoming a popular tool for internal and external communications in organizations of every size. According to Symantec Intelligence, 1 in 11.3 links sent over IM link to malicious Web sites while our Symantec Instant Messaging survey revealed that fewer than half of the organizations surveyed have suitable controls for monitoring IM. The casual nature of IM paired with a tendency to de-prioritize IM security leaves organizations susceptible to compliance breaches, data loss and malware infection.

On its blog, Symantec invited readers to take a survey on how they use IM. I've used IM for work and personal use for years and I've gotten plenty of spam and questionable links sent to me in the past. The survey asked about use of IM and email to send files, links and important messages, and it also wanted opinions on the security and safety of these two forms of communication.


The survey first came out in October and found that IM poses significant risk to organizations. Approximately 60 percent of respondents use IM to communicate with contacts outside of the organization and 43 percent use it to share content not related to work. A further 29 percent reported using IM to send information they would not want their boss to know about.


These results came with the announcement of the release of Symantec's Instant Messaging (, which addresses security and compliance issues for corporate instant messaging platforms and it is one of the first SaaS vendors to support Microsoft Lync users. It scans messages and attachments for malware, blocks malicious URLs, protects organizations from data loss and logs messages for compliance purposes without the need for additional hardware and software.


Personally, I'm a big fan of instant messaging. I like the ability to do a live chat without having to pick up the phone and disrupt other things I'm working on, and it doesn't have the uncertainties of email - did the email get through? Did the recipient see it? I'm glad to see that security for IM is getting a boost. As Chris Christiansen, vice president of security products and services, IDC, said in a release:

Instant Messaging in the workplace is becoming ubiquitous for both internal and external communications in organizations of every size. But this popularity is one reason why organizations are vulnerable to the risks that come with using desktop IM clients. Corporate IM needs the same high levels of malware protection and regulatory compliance required of email and Web services.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.