Support WU
Search
A-Z Index
 
 
Willamette Home MBA: Atkinson Graduate School of Management
 
 
 
ignore

Proper implementation key to success of instant messaging in business

Brian Coon

The beeping of Mike's pager brought him from a deep sleep. He looked over at the clock, 2 a.m. The pager responds to server crashes at his technology company, a top priority emergency. Mike rolled out of bed and stumbled over to his computer. He brought up a secure site listing the status of every corporate website on the system. All sites were down indicating a severe server crash, time was critical. Mike was 30 minutes from the office and at this hour, telephone calls were routed to the answering system. The quickest solution for Mike was to log in on instant-messenger and hope John was working late. Crossing his fingers, he logged in. JTran, Status: Online. Mike immediately sent John an instant message.

Mike: “John the servers are down. Can you go in the server room and I'll walk you through the steps to reset them?”

JTran: “Sure, I'm on my way in there right now. Lucky I was working late!”

IM is revolutionizing business communications similar to the way email changed the face of business in the 1990s. Managers increasingly feel the pressure to promote multi-tasking and improve employee and business productivity and profitability. IM reduces the costs associated with meetings and long-distance phone calls and provides a quick and easy way for employees to correspond throughout the day.

But IM has its drawbacks--the most serious of which is security.

Eighty percent of primarily large corporations and government agencies acknowledged financial losses due to computer security breaches, according to a study conducted by the Computer Security Institute and the FBI in 2004.

Personal information is also vulnerable when sent via traditional IM programs like AOL Instant Messenger and Yahoo because the programs are continuously connected to the Internet. Last year, IM-borne viruses rose 400 percent, with IM playing a role in 40 percent of the top virus threats, according to Internet security firm Symantec.

IM security is not the only issue. The Securities and Exchange Commission (SEC) and the National Association of Securities Dealers (NASD) now require that IM transcripts in the financial services industry be retained for three years.

Finally, IM opens the door to inappropriate behavior. Because some employees are often unaware of the possibility of monitoring, incidents such as sexual harassment may precipitate through IM traffic. The behavior may even include a supervisor or manager discussing employee job performance, or a research intern divulging trade secrets.

So what must managers do to ensure that they are able to enjoy the benefits of IM while avoiding potential drawbacks?

  1. Establish policies regarding the use of IM in the workplace.
  2. Avoid using home-based IM services.
  3. Install effective technical barriers.

Corporations can't monitor IM conversations without informing employees. Doing so violates the Federal Wiretap Act because an employer must capture the message traffic as it occurs, in real-time. A solid company policy regarding IM usage solves this problem.

According to the global advisory firm International Data Group (IDC), “the best defense is to have employees consent to instant message interception. A stand-alone policy could be crafted or existing email and telephone polices could be amended.” The instant message policy should address:

  1. What information will be collected?
  2. When the information will be collected.
  3. How the information will be collected.
  4. How the collected information will be used.

Home-based IM programs, downloaded from the Internet, are an open line to the outside world and vulnerable to inadvertent disclosure of sensitive information. Managers should restrict download access on desktop computers if at all possible to prevent installation and usage of home-based IM software. If an employee must have download privileges, managers should ensure that a policy concerning home-based, personal IM software downloads is established.

Whatever policy is adopted, it is important that effective barriers are installed on the network to prevent unauthorized activity. Employees should not be able to circumvent network security protocols. If an organization is unable to implement such protocols, software that monitors IM and emails is available. Compared to the costs associated with a lawsuit or unauthorized disclosure of sensitive information, a few dollars spent per employee on IM security is money well-spent.

Please help AMT improve by sharing your feedback

 
Current Issue | Editorial Board | Author Biographies | Subscriptions | Contact Us
Willamette MBA Home | Full-time MBA Formats | MBA for Professionals | Executive Education | Employers & Corporate Partners | Alumni & Friends | Current Students

Willamette University | A-Z Index | Search | Support WU
The Atkinson Graduate School of Management
900 State Street, Salem Oregon 97301
(503) 370-6440 or (866) MBA-AGSM – mba-admission@willamette.edu
1120 NW Couch Street, Suite 450, Portland, Oregon 97209
(503) 808-9901 or (866) 385-PMBA – pmba@willamette.edu
Comments or Questions? webmaster@willamette.edu
11/12/2005 2:34 PM