Instant Headache: Managing Your Instant Messaging Jesse Wilkins February 22, 2008

Agenda Instant messaging today How IM works Approaches to managing IM IM policies Better IM through technology

Instant messaging today

How IM works

Approaches to managing IM

IM policies

Better IM through technology

What is instant messaging? Communication between users in real time over the Internet Most often one-to-one; some clients support group chat Indicate presence and status Send and receive messages Manage contacts (“buddy lists”)

Communication between users in real time over the Internet

Most often one-to-one; some clients support group chat

Indicate presence and status

Send and receive messages

Manage contacts (“buddy lists”)

The IM client

Origins of instant messaging 1980s: BBSs allowed some person-to-person chat in real time Early 1990s: “On-Line Messages” 1996: ICQ debuts 1998: Introduction of enterprise IM Lotus Sametime 2000: Open source-based Jabber debuts

1980s: BBSs allowed some person-to-person chat in real time

Early 1990s: “On-Line Messages”

1996: ICQ debuts

1998: Introduction of enterprise IM

Lotus Sametime

2000: Open source-based Jabber debuts

Where is IM today? 12+ billion instant messages sent per day in the U.S. More than 46.5 billion per day worldwide by 2009 1.2 billion users worldwide by 2009 96% of organizations use IM today Up to 75% of usage is commercial clients

12+ billion instant messages sent per day in the U.S.

More than 46.5 billion per day worldwide by 2009

1.2 billion users worldwide by 2009

96% of organizations use IM today

Up to 75% of usage is commercial clients

Where is IM today? 34% of current traffic is business-related Most IM networks support audio, video Most IM networks support file transfer Most IM networks are not managed Most IM networks are not interoperable

34% of current traffic is business-related

Most IM networks support audio, video

Most IM networks support file transfer

Most IM networks are not managed

Most IM networks are not interoperable

The four stages of IM Unfamiliarity “ We don’t use IM – that’s for my kids!” Prohibition “ Use of IM is grounds for dismissal” Acceptance “ Don’t do evil” Optimization Compliance, efficiency key goals

Unfamiliarity

“ We don’t use IM – that’s for my kids!”

Prohibition

“ Use of IM is grounds for dismissal”

Acceptance

“ Don’t do evil”

Optimization

Compliance, efficiency key goals

IM issues 1 - informality IM sessions are casual and employ cryptic shorthand IMHO, AFAIK, TTYL, LMAO IM sessions are free-flowing User names not standard (and not under organization’s control) SilentSmurf, 2Hot2Handle (!) 31% of organizations have a policy regarding IM usage

IM sessions are casual and employ cryptic shorthand

IMHO, AFAIK, TTYL, LMAO

IM sessions are free-flowing

User names not standard (and not under organization’s control)

SilentSmurf, 2Hot2Handle (!)

31% of organizations have a policy regarding IM usage

IM issues 2 - retention Sessions typically not saved on a central server May require users to “turn on archiving” Archives are retained on individual PCs Archives often saved as plaintext or XML IM is still subject to retention requirements According to content, not as own series 13% of organizations retain IM effectively

Sessions typically not saved on a central server

May require users to “turn on archiving”

Archives are retained on individual PCs

Archives often saved as plaintext or XML

IM is still subject to retention requirements

According to content, not as own series

13% of organizations retain IM effectively

Retention

Retention cont’d

IM issues 3 - functionality Threads stored by users/dates, not by subject No subject line to index! Conference/group chat capabilities File transfer capabilities Which may also bypass other filters such as email size limits and compliance filters Active URL transmission Audio and video capabilities

Threads stored by users/dates, not by subject

No subject line to index!

Conference/group chat capabilities

File transfer capabilities

Which may also bypass other filters such as email size limits and compliance filters

Active URL transmission

Audio and video capabilities

IM issue 4 - interoperability Commercial IM networks originally proprietary More standardization today Session Initiation Protocol (SIP) for Instant Messaging and Presence Leveraging Extensions (SIMPLE) eXtensible Messaging and Presence Protocol (XMPP) Different applications use SIMPLE vs. XMPP

Commercial IM networks originally proprietary

More standardization today

Session Initiation Protocol (SIP) for Instant Messaging and Presence Leveraging Extensions (SIMPLE)

eXtensible Messaging and Presence Protocol (XMPP)

Different applications use SIMPLE vs. XMPP

APPROACHES TO MANAGING IM

First step for handling IM Prohibit it!

Prohibit it!

Prohibition and technology Easy install Can't block "server" URLS, IP addresses Port-seeking behavior Simulate TCP connection to IM service using HTTP and polling Web-based IM clients: MSN Web Messenger, Yahoo Web Messenger, Google Talk, meebo, many others

Easy install

Can't block "server" URLS, IP addresses

Port-seeking behavior

Simulate TCP connection to IM service using HTTP and polling

Web-based IM clients: MSN Web Messenger, Yahoo Web Messenger, Google Talk, meebo, many others

Web-based IM

meebo 06/07/09

Meebome on a blog 06/07/09

Prohibition and culture Employees use it for legitimate reasons Informal and real-time Presencing Email overload Customers want it! See above

Employees use it for legitimate reasons

Informal and real-time

Presencing

Email overload

Customers want it!

See above

Top 5 steps for handling IM Update policies to address proper usage Train users on the policies Audit and review adherence to the policy and address gaps Implement IM gateway or enterprise instant messaging Export IM traffic to archival or records management application

Update policies to address proper usage

Train users on the policies

Audit and review adherence to the policy and address gaps

Implement IM gateway or enterprise instant messaging

Export IM traffic to archival or records management application

INSTANT MESSAGING POLICIES

Instant messaging policies Business vs. personal usage Proper “netiquette” Content transmission Archival

Business vs. personal usage

Proper “netiquette”

Content transmission

Archival

Business vs. personal usage Whether personal usage is allowed How personal usage may be constrained How business usage may be constrained Commercial vs. enterprise IM Disclaimers

Whether personal usage is allowed

How personal usage may be constrained

How business usage may be constrained

Commercial vs. enterprise IM

Disclaimers

Proper “netiquette” Same as email, e.g. No off-color jokes No disparaging remarks Proper business tone Nothing that wouldn’t be appropriate for the front page of the newspaper Proper naming, if using consumer IM

Same as email, e.g.

No off-color jokes

No disparaging remarks

Proper business tone

Nothing that wouldn’t be appropriate for the front page of the newspaper

Proper naming, if using consumer IM

Content transmission What is allowed to be transmitted? Attachments Sensitive information URLs and hyperlinks To whom may it be transmitted? Internal vs. external Public IM vs. federated EIM Certain groups or users

What is allowed to be transmitted?

Attachments

Sensitive information

URLs and hyperlinks

To whom may it be transmitted?

Internal vs. external

Public IM vs. federated EIM

Certain groups or users

Archival *That* it will be done How it will be done A note on wiretaps

*That* it will be done

How it will be done

A note on wiretaps

Training Contents of the policy Proper usage Content transmission Archival How to identify potential records IM ownership and privacy Retention and archival Security

Contents of the policy

Proper usage

Content transmission

Archival

How to identify potential records

IM ownership and privacy

Retention and archival

Security

BETTER IM THROUGH TECHNOLOGY

Enterprise IM options Gateways: Provide retention and auditing capabilities for commercial IM such as AIM, ICQ, YIM, MSN May provide some interoperability Audit usage, compliance with usage policies Enterprise instant messaging (EIM): Everyone on the same (corporate) client Tighter integration into directory services Much more granular control over functionality and usage

Gateways:

Provide retention and auditing capabilities for commercial IM such as AIM, ICQ, YIM, MSN

May provide some interoperability

Audit usage, compliance with usage policies

Enterprise instant messaging (EIM):

Everyone on the same (corporate) client

Tighter integration into directory services

Much more granular control over

functionality and usage

Enterprise IM solutions Gateways: Akonix L7 Symantec IMLogic Facetime IMAuditor CipherTrust IronIM

Gateways:

Akonix L7

Symantec IMLogic

Facetime IMAuditor

CipherTrust IronIM

Enterprise IM solutions EIM solutions: IBM Lotus Sametime Microsoft Live Communications Server IMiN JabberNow

EIM solutions:

IBM Lotus Sametime

Microsoft Live Communications Server

IMiN

JabberNow

Minimal reqts for IM solutions Provide full-text search capability across all messages Audit content Keyword/content-based Context-based (users, time, etc.) Capture and store all messages Export to controlled repository Review/markup capability (e.g. for auditors)

Provide full-text search capability across all messages

Audit content

Keyword/content-based

Context-based (users, time, etc.)

Capture and store all messages

Export to controlled repository

Review/markup capability (e.g. for auditors)

Encryption of external communications Route internal messaging inside firewall Attachment blocking and notification Virus scanning of attachments if allowed Storage of attachments if allowed URL blocking/filtering Insert disclaimers into message stream Minimal reqts for IM solutions

Encryption of external communications

Route internal messaging inside firewall

Attachment blocking and notification

Virus scanning of attachments if allowed

Storage of attachments if allowed

URL blocking/filtering

Insert disclaimers into message stream

Federation Commercial, enterprise Provide identity management Integration with directory services/LDAP Enforce corporate naming conventions Enforce communication restrictions Ethical walls External vs. internal communications Minimal reqts for IM solutions

Federation

Commercial, enterprise

Provide identity management

Integration with directory services/LDAP

Enforce corporate naming conventions

Enforce communication restrictions

Ethical walls

External vs. internal communications

Questions?

Additional resources Osterman Research http://www.ostermanresearch.com Radicati Group http://www.radicati.com Ferris Research http://www.ferris.com Forrester Research http://www.forrester.com

Osterman Research

http://www.ostermanresearch.com

Radicati Group

http://www.radicati.com

Ferris Research

http://www.ferris.com

Forrester Research

http://www.forrester.com

Additional sources cont’d ePolicy Institute http://www.epolicyinstitute.com CMP Messaging Pipeline http://www.messagingpipeline.com Instant Messaging Planet http://www.instantmessagingplanet.com/

ePolicy Institute

http://www.epolicyinstitute.com

CMP Messaging Pipeline

http://www.messagingpipeline.com

Instant Messaging Planet

http://www.instantmessagingplanet.com/

Additional resources cont’d Instant Messaging Rules , Nancy Flynn, ePolicy Institute/AMACOM Books Google Talking , Brian Baskin, Syngress Press Securing IM and P2P Applications for the Enterprise, Paul Piccard, Syngress Press

Instant Messaging Rules , Nancy Flynn, ePolicy Institute/AMACOM Books

Google Talking , Brian Baskin, Syngress Press

Securing IM and P2P Applications for the Enterprise, Paul Piccard, Syngress Press

For more information Jesse Wilkins CDIA+, LIT, edp, ICP, erm m , ecm m , bpm s Access Sciences Corporation [email_address] http://www.accesssciences.com Blog: http://informata.blogspot.com (303) 574-1455 direct Yahoo! IM: jessewilkins8511

Jesse Wilkins

CDIA+, LIT, edp, ICP, erm m , ecm m , bpm s

Access Sciences Corporation

[email_address]

http://www.accesssciences.com

Blog: http://informata.blogspot.com

(303) 574-1455 direct

Yahoo! IM: jessewilkins8511