IT departments turn to gateways to manage IM

Since early 2001, Media General Inc. management had been encouraging employees in its interactive division to use America Online Inc.’s AIM public instant-messaging network, but by early 2003, the company’s IT department was very concerned about the unmonitored and unmanaged use of IM.

“I was worried about viruses, file transfers, because it was going around protections we already had,” said Mike Miller, the company’s director of support services.

“I (also) realized the majority of our IM traffic was between coworkers here, who could be asking each other ‘what is the password for this server?’ and that was going off to AOL and coming back, which wasn’t very secure,” he added.

He got the green light from the company’s chief information officer to evaluate products to manage, control and secure the company’s IM usage. Media General chose IM Manager from IMlogic Inc., which has security features, such as virus scanning, file transfer control, spam filtering, user authentication and IM traffic routing; compliance features such as logging and archiving of IM sessions and content filtering to flag language deemed inappropriate; and IT control features, such as user access control and screen-name registration.

IMlogic is one of three recognized leaders in what are known as IM gateways, along with Akonix Systems Inc. and FaceTime Communications Inc. These three vendors’ products all provide IT departments with software tools to manage IM use in the workplace.

Soon after Media General installed IM Manager about one year ago, the tool proved useful. “Right away we found abuse by some users who rather than doing their jobs, were doing IM their entire shifts,” Miller said. Right now, Media General, based in Richmond, Virginia, has about 130 IM users, out of about 8,000 employees. The company owns newspapers, TV stations and Web sites.

The process Media General went through — from promoting the unmanaged use of workplace IM, to realizing the need for IT control, to choosing a tool to accomplish that — is a process that is happening in many IT departments around the world.

According to a recent study by The Radicati Group Inc., IM is used in 85 percent of all enterprises in North America, while 20 percent of all enterprise users worldwide use IM today. Radicati expects 80 percent of enterprise users will use IM by year-end 2008. By the end of 2004, there will be 42 million enterprise IM users, according to the research group.

Because becoming a user of a public IM network, such as the ones from Yahoo Inc., AOL and Microsoft Corp., is free and easy, users worldwide have linked their work PCs to these IM networks without consulting or informing their IT departments. In the process, employees have made their companies’ computing environments vulnerable to viruses, spyware, spam, hackers and Trojan horse software programs. They also have put their companies at risk of violating an increasing number of laws and regulations that require certain industries to log and archive work-related IM sessions.

IT departments have two options in addressing the use of IM in their organizations:

— get their users off of the public IM networks and install an inherently more closed and proprietary enterprise IM platform behind the firewall such as Microsoft Corp.’s Live Communications Server (LCS) or IBM Corp.’s Lotus Sametime; or

— leave the users on the public IM network of their choice and install an IM gateway product that monitors and filters IM traffic and flags problems related to usage, security and compliance.

So far, the second option has been most popular, primarily because it has been generally less expensive, more transparent to end users and simpler for IT to manage. Most of the IM use within corporations is still over free, public IM networks, according to the Radicati Group.

IM gateway software was also the option merchant bank Thomas Weisel Partners LLC chose when it bought FaceTime’s IM Auditor. Since its founding in 1999, the San Francisco-based bank had allowed employees to use public-network IM. “We were in denial for a while. There was a lot of IM usage back in 1999 and 2000 and we just kind of said ‘ok, whatever,'” said Beth Cannon, the bank’s chief security officer. But concerns led the bank to implement the FaceTime product in September 2001.

Since then, a variety of laws and regulations related to the use of IM in the financial industry have been created, and FaceTime helps the bank comply with them. “Whatever we do (with IM) we have to log it and archive it, so even if we decided to move to an enterprise IM platform, we would still have FaceTime,” Cannon said.

While IT departments seeking to control IM are currently content with tools from small, startup vendors, they may eventually be presented with options from bigger, established vendors, especially those in related areas such as security, systems management and messaging and collaboration.

Considering that the three IM gateway leaders are small and young — FaceTime, founded in 1998, is the oldest and has the largest staff with about 130 employees — should IT managers and chief information officers (CIOs) who have invested in their products be concerned about these vendors’ future in light of potentially crushing competition?

After all, IM gateway vendors have nabbed as clients large, global companies. IMlogic’s clients include Merill Lynch & Co. Inc. and Bear Stearns & Co. Inc., FaceTime’s include Wachovia Corp. and NCR Corp. and Akonix’s include Cingular Wireless LLC and Qualcomm Inc.

Industry experts agree that IM gateway vendors in general have gotten a strong head start and developed expertise that is so deep and specific that no newcomer, no matter how large and mighty, will be able to match them for at least two years. The potentially bad news is that it’s hard to know what will happen to IM gateway vendors in the long run.

In the meantime, analysts say IMlogic, Akonix and FaceTime today are the best at what they do and, although all three are private companies and as such don’t disclose financial details, they seem to be succeeding in a growing market.

“IM management vendors are where the money is today. They have a great business model and they’re solving a lot of problems for companies,” said Genelle Hung, a Radicati Group analyst. “Of course, in five or six years, it might be a very different landscape but these IM management vendors have a long-term approach to their business and their products. They’re not here to make a quick buck and disappear.”

A potential threat comes from IBM’s Lotus division and Microsoft with their respective enterprise IM platforms, Sametime and LCS. Clearly, both vendors want to continually expand their platforms’ capabilities, but executives from both companies concede that IBM and Microsoft either can’t provide or aren’t interested in developing functionality the IM gateway vendors already offer.

“We definitely see them filling out the partner ecosystem and being very much an add-on set of solutions that extend an LCS environment,” said Dennis Karlinsky, LCS lead product manager at Microsoft.

“The IM gateway vendors provide high-value services on top of Sametime,” said Ken Bisconti, vice president of collaboration and human interaction products at IBM’s Lotus division.

Still, IM gateway vendors can’t let their guard down, another analyst said. “These IM gateway guys will be challenged to come up with ways to stay ahead of Microsoft in particular, which has a history of co-opting utility functions that third-party providers have found a niche in and then cutting them out of that market,” said Lou Latham, a Gartner analyst.

Other potential competitors are providers of systems management platforms, such as Computer Associates International Inc. with Unicenter, Hewlett-Packard Co. with OpenView and IBM with Tivoli, and providers of security software, such as Symantec Corp. and McAfee, but executives contacted at each of these five organizations all played down the possibility that their respective platforms would be extended in the near future in any significant way to encroach into IM gateway functionality. In fact, partnership relationships already exist between IM gateway vendors and many vendors in these spaces.

“Potentially as this space grows, one of those large vendors could start doing something similar to what IM gateway vendors do. No question about that. But it’s an interesting dilemma (the large vendors) face” over which IM gateway features to develop themselves, said Joe Laszlo, senior analyst with Jupiter Research.

Overall, IMlogic, FaceTime and Akonix are guarding their space well, Laszlo said. “Even in the face of competition from more established vendors, IM gateway vendors are well enough established and will probably be around for the long haul.”

This should bring a sense of relief to IT professionals who are relying on these tools to perform the important task of protecting their company’s IT infrastructure from potential threats brought about by workplace IM use.