Site navigation
Lotus software administration, industry reviews and podcasts covering Lotus Notes, Domino, Sametime, Quickr/Quickplace, Connections and tons more
Home
Blog Entry - Friday, August 15th, 2003 |
Discussion for this entry is now closed. Please email me instead / Read (1) |
tabulating the responses from the impromptu survey
I went through the comments (very few that
there was there) and the emails and came up with a overly simple synopsis.
Have you standardized on an IM
package?
| Yes 20%, no 80%
|
In house or hosted if standardized?
| In house was 97% for a standardized
environment
|
Are consumer products allowed on the network?
| Mixed bag of nuts here (explained
more below)
|
Do you filter consumer products in any
way?
| No 80%, yes 14% (the rest must have
been unsure)
|
Do you log or archive chats?
| Overwhelmingly no, not a single
peep of archiving |
So Chris, tell me what we learned from all this?
- Not enough effort is being delivered in
controlling the explosion of instant messaging. I say this only because
the vast majority of my readers (that I know of ) use Domino. And
when that same company that produces an instant messaging package, that
integrates easily with the main directory (we won't go into LDAP), making
the standardization leap is quite simple. So the sarcastic observations
are:
- most enterprises still don't worry about
employees reaching each other through standard means
- supporting employees loading whatever they
want onto their machines is OK
- letting users decide what way they want
to send and receive files across the company network is OK
- This one is simple enough. Those
that said it is in house have enough bandwidth to provide meeting from
outside would be my first guess and they have the staff needed to manage
it. But wait!!! What extra staff Chris? You just
said if the same groupware company makes an instant messaging package it
should be simple right? Well in the basic chat terms yes. In
firewall controls, meeting support, browser support issues, ActiveX control
issues, it can be an overhead to run internally versus letting someone
provide the server as a managed service.
- Consumer products running amuck on the
network? Shame shame shame. Pushing some education up to the
exec's might be in order for at least some basic controls. I did
write
an article on this in E-Pro Magazine
this year. I think this is the largest area of improvement right
out of the gates. Some of the newer chat packages offer some many
features and functions, just inviting bandwidth hogging and security concerns.
Now some of you attempt to restrict certain IM packages while allowing
others. Names aren't important of which packages. The decision
to pick one of them is. Why choose Consumer Product A over B? Was
it because more suppliers/partners/customers also use it? Or because
most of the employees already had it running? What happened to making
the customers use a secured chat session off of a server that you control?
Cost prohibitive? In many circumstances yes. Beneficial
as a service and in controlling what communications go across your network?
Big fat yes.
- Filtering consumer products is a tricky
one. What do you filter?
- Ports? Not likely since most of the
products try to figure out the firewall and proxy and get them connected
- File Transfers? Not likely on some
of the products. One product alone lets the file transfer upload
to a temp server and sends a HTTP link to the other chat user to download
if they can't get directly connected. Nice....
- Hosts? Once again this is the most
under utilized filter. So you block a port, I can show you a way
that you could connect that would blow the mind of most security guys.
Destination hosts is a good way to cut short what products are used
though.
- Software that is loaded? Managed
desktops, what a dream for some smaller companies but a way of life for
some larger ones. But most of you that responded were smaller
which meant they can load what they wish on those desktops.
- Logging and archiving, a dream? There
are add-on gateways and products available but most companies don't see
the chat as a concern yet. Of course the SEC says otherwise for certain
types of companies. I believe that there is some form of exclusionary
planning that should be done if you allow the public networks, yet internal
chat could offer some information as a knowledge base. Or might tell
you where everyone goes for lunch, who knows :-)
OK, I had so much more to say but wanted to cut it down some. Whew!
Author: Chris Miller
Posted at: 11:18:19 AM