Instant messaging guns for the enterprise

A slew of IM (instant messaging) tools debuted this week, boasting advanced security and administration features deemed necessary for corporate acceptance.

Smaller vendors such as WiredRed Software Corp., Omnipod Inc., and Akonix Systems Inc. are making a serious run at the enterprise, fortifying IM with security tools and reporting features largely absent from popular public services from the likes of America Online Inc., Microsoft Corp., and Yahoo Inc.

Most large companies today are contemplating how to satisfy employees who are clamoring for IM, according to Matt Cain, vice president at the research firm Meta Group Inc., in Stamford, Conn. Until now, many organizations have made due with public services such as AIM (AOL Instant Messenger) or Microsoft MSN Messenger, which have been plagued with viruses and security holes in recent months.

“These systems are typically insecure, with no user authentication, no encryption, auditing, or archiving,” Cain said. “They are also outside the control of central IT and can bring in destructive payloads like worms and viruses. Most organizations are looking for some alternative to these public mail networks.”

One vendor taking aim at the enterprise is San Diego, Calif.-based WiredRed, a provider of secure enterprise IM tools. On Monday, the company introduced the e/pop Audit and Reporting Server. Designed for use with the e/pop Enterprise Server 3.0 IM system, the Audit and Reporting Server can capture data from the messaging system for meeting regulatory compliance requirements in the financial and healthcare industries.

The server records information such as remote administration logs, presence, user status, date, time, message content, and “to” and “from” data, according to WiredRed officials. In addition, administrators can generate reports using the server’s built-in data mining functionality. Reporting features include creation, management, and query, as well as wizards for data mining. The captured data also can be exported to Microsoft SQL, Access, Excel, and Oracle databases, company officials said.

Senior-level management at large enterprises are recognizing the need for secure IM that can stand up to regulatory requirements, according to Allen Drennan, founder and CEO of WiredRed. “We are seeing new, large network buyers coming from the perspective that they know IM is something employees want, but they need to manage and secure it so it is not a business risk to their organization,” he said.

Furthermore, the e/pop Audit and Reporting Server meets requirements for supervisory access to electronic correspondence. Using roles and permissions, the server allows enterprise to designate specific individuals with the right to access multiple levels of data in the e/pop system based on customized hierarchy information, according to company officials.

Meanwhile, upstart Omnipod this week released POD (Professional Online Desktop) 2.0, a hosted, secure IM and file-sharing system for intranet and extranet environments. POD offers centrally controlled file sharing, allowing documents and folders of any size or type to be shared, transferred, stored, and backed up in a secure environment, according to company officials in New York. The system also features log-based audit trails and access control levels to meet business needs.

Also addressing IM security, Akonix Systems later this month plans to roll out Akonix L7, a perimeter security gateway designed to protect corporate networks against so-called rogue protocols used by public IM and peer-to-peer file-sharing services.

Akonix L7 provides a buffer to the corporate network by intercepting rogue protocols at the network perimeter and controlling them based on corporate policies, according to Akonix officials in San Diego. The activity is then archived, providing reporting data for analysis and regulatory compliance.

Additionally, IMpasse Systems on Tuesday introduced Version 1.0 of its IM privacy and security software designed to inject a layer of security into public IM services including AIM, MSN Messenger and Yahoo Messenger. IMpasse 1.0 is a lightweight IM encryption gateway that uses 3072-bit modulus RSA encryption for automatic key exchange and 448-bit CBC mode Blowfish encryption for conversations, according to Chris Matteo, president of Impasse in New York.

Heavyweights are also responding to the growing enterprise appetite for secure IM. In February, Microsoft announced a licensing agreement with IMlogic to embed IM archiving technology into future versions of its enterprise IM products. IMlogic’s archiving system offers the ability to record, index, search, and audit IM messages. Microsoft has not yet announced specific products or release dates.