Companies may find that instant messaging systems improve communications between employees, but security and productivity issues must be addressed before deployment.
Instant messaging (IM) has attracted large following since its introduction, and many people prefer this more immediate communication method to email. Systems such as ICQ, and instant messengers from AOL, Yahoo and Microsoft are currently the most widely used programs for personal use.
A number of corporate IM offerings are also available or in the pipeline. Both Yahoo and Sun are planning to launch corporate IM software, and there are already business IM solutions available from globalisation and translation software firms such as WorldLingo. But IM is still in the early stages for business use. There were only 5.5 million business users of IM in 2000, according to research company IDC. But it predicts growth will be rapid, with over 180 million corporate users by 2004.
Supporters of IM say it offers business benefits. Phil Scanlan, chief executive of WorldLingo, which offers a multilingual IM system, said the immediacy of IM benefits companies, as it lets groups of employees collaborate on projects and get instant feedback and responses to their ideas.
'Workers are able to move a thought-pattern or idea forward more quickly with IM, because they don't need to wait days for a response,' Scanlan said. He added that WorldLingo's IM system can be secured in a number of ways, including encrypting messages or using a company's existing security algorithms.
But providers of IM technology need to do more to convince companies that the business benefits are clear and the security of their systems is adequate, if corporate uptake is to grow faster. One IT manager, of an electronic components supplier, said his company did not view instant messaging as a business productivity tool.
'It has the disadvantages of not sending text securely, unlike sensitive email that can be PGP-encrypted, and also of not arriving in a traditional inbox, unlike email, so it can't be referred to later or easily stored in a folder,' he said.
He added that IM can also pose a sizeable security threat. 'Strict guidelines should be put in place to prevent its use on corporate LANs  at least until virus scanning technologies can be employed that can deal with it,' he said.
Antivirus experts said that because IM is not a tried and tested business tool, any protection for it against viruses and interceptions will not be as sophisticated as the protection available for email.
Security company F-Secure's senior virus researcher Alexey Podresov said that as IM clients communicate through a server, messages are not sent securely and could be intercepted. 'In a corporate environment I would not recommend the use of contemporary instant messengers like MSN, Yahoo, ICQ and such  and in many companies the use of these IM systems is not allowed,' he said. 'These messengers do not provide enough security and can be easily compromised.'
Podresov advised companies wanting to use IM systems to either write the software themselves or buy it from a software maker that offers both server and client components. 'When properly configured, these components along with a firewall should provide sufficient security for internal communications,' Podresov said.
Brian O'Higgins, founder and chief technology officer of security firm Entrust, agreed that IM carries dangers. 'IM bypasses things like corporate firewalls, and other server-based defences like email attachment scanning at the perimeter of the network. The only defence is software running locally on the IM user's machine.'
O'Higgins advised companies interested in corporate IM systems to first implement a staff usage policy and 'make sure those users are buttoned down with current antivirus software and personal firewalls'.
