Turn off IM

Should your company turn off instant messaging services (IM)?

commentary Should your company turn off instant messaging services (IM)?

The answer -- particularly for free, worldwide and largely unmanaged public IM services -- is yes. Evidence continues to emerge proving IM tools are more of a negative to organisations and information technology (IT) managers than a positive.

Following this editorial on spimming, ZDNet Australia  spoke to Bruce McCabe, a respected tech analyst and principal of S2 Intelligence, about IM and the enterprise. His view is damning.

McCabe estimates between 10 and 20 percent of Australian enterprises are banning IM. He bases this on a Meta Group report that estimates 16 percent of US enterprises have bans in place, as well as responses from local chief information officers (CIOs) and IT managers who have attended his workshops.

Their reasons? Firstly, IM is not being used appropriately in the workplace: CIOs and IT managers are sick of it being used by people for socialising and not for productive work. Secondly, CIOs and IT managers are worried about IM's security and auditing requirements. Why should companies invest in tools and education for these areas when IM's primary use is social anyway? May as well just turn IM off.

McCabe himself rates IM as among the most overrated of all workplace tools, describing it as an "interruptive" technology that detracts from employee performance.

One IT manager contacted by ZDNet Australia  -- whose employer allows IM use -- hardly gives the tool a ringing endorsement. He told us via e-mail that IT managers should undertake "considerable investigation into the reliability [of] IM as a business communication tool.

"Any information that is transmitted over it can be intercepted by another party, and subsequently modified, deleted or even re-transmitted, and for businesses, that can cause serious problems.

"There's also the potential of vulnerabilities and the like by using this software.

Security is a serious concern. Websense Security Labs said this week it recorded a 300 percent increase in attacks that use IM and malicious Web sites in the first quarter of 2005 relative to the last quarter of 2004.

The quite sophisticated Bropia IM worm -- and its various offshoots -- are among the dozen-plus threats identified by researchers since January. Philip Hallam-Baker, the principal scientist at VeriSign, noted wryly this week that the only thing surprising about IM threats is how long malicious code has taken to materialise.

IM is proliferating rapidly throughout corporate and personal computing. International Data Corp (IDC) reckons the number of users of consumer and business IM products is set to reach 450 million by 2007. However, at enterprise level in particular, the question has to be asked -- is IM worth the trouble?

What do you think? E-mail us at edit@zdnet.com.au and let us know.