IM Popularity Creates Security Risk
Read this article at thechannelinsider.com
By John Hazard
New York (August 25, 2005) – Channel Insider – For some, instant messaging offers a convenient alternative to running between cubicles or floors; for others, it can provide a vital connection with customers; and for others it can be a nifty office socializing method.
Regardless of the reason, IM (instant messaging) has become a common method of communications in businesses nationwide.
With its proliferation, IM technology has opened a back door for viruses, worms and other threats to enter business networks.
At the same time, it has created a new market for security VARs looking to provide their clients total network security.
“It’s already happening, but in the next few years you will consider IM a basic part of your infrastructure,” said Francis Costello, chief technology officer at Akonix Systems Inc., an IM security vendor. “You will consider security for that technology something you wouldn’t do without.”
IM is now considered an integral tool for companies to use to communicate with employees, open direct links with potential customers and maintain customer support. But it is also a new channel by which malicious software can enter a system.
Akonix, of San Diego, Calif., is one of a handful of companies now making IM security software designed to monitor, filter and block instant messages from business networks. But the market is growing, and Costello said he expects to see an explosion in opportunity for vendors and VARs in the next few months.
“It’s the next big thing,” said Brian Deeley, general manager of Graymar Business Solutions Inc., a health care and public sector VAR in Timonium, Md. “E-mail security is so prevalent, the viruses and worms are going somewhere else to find a way into your system. You’re starting to see problems already.”
In 2005 19 major virus and worm attacks were propagated, in part, by IM technology, according to Akonix.
In addition to creating back doors into networks, IM also presents a potential outlet for secure information and protected records to escape.
“HIPAA and Sarbanes-Oxley don’t differentiate between messages sent by IM or e-mail,” said Adam Hirsch, director of security services at Net@Work, a New York-based VAR specializing in accounting and business management solutions. “The issues are the same and so are the threats. If you are only protecting e-mail, you’re only protecting half of the problem.”
Hirsch said his company will typically establish filters that block IMs with certain keywords, like “password” or the latest product line.
From a business perspective, IM security presents an impressive opportunity for VARs and resellers, Deeley said.
There are only a handful of vendors producing solutions—Akonix, IMLogic, FaceTime, and NFR Security—and relatively few VARs. Akonix now has a team of 30-40 VARs priming their own channel.
“Everyone is still focusing on e-mail. Every day two or three new people jump into the e-mail protection game,” Deeley said. “There’s plenty of room to penetrate the IM security market.”