| Blog Entry - Friday, August 15th, 2003 | Discussion for this entry is now closed. Please email me instead / Read (1) |
I went through the comments (very few that there was there) and the emails and came up with a overly simple synopsis.
| Have you standardized on an IM package? | Yes 20%, no 80% |
| In house or hosted if standardized? | In house was 97% for a standardized environment |
| Are consumer products allowed on the network? | Mixed bag of nuts here (explained more below) |
| Do you filter consumer products in any way? | No 80%, yes 14% (the rest must have been unsure) |
| Do you log or archive chats? | Overwhelmingly no, not a single peep of archiving |
So Chris, tell me what we learned from all this?
- Not enough effort is being delivered in
controlling the explosion of instant messaging. I say this only because
the vast majority of my readers (that I know of ) use Domino. And
when that same company that produces an instant messaging package, that
integrates easily with the main directory (we won't go into LDAP), making
the standardization leap is quite simple. So the sarcastic observations
are:
- most enterprises still don't worry about employees reaching each other through standard means
- supporting employees loading whatever they want onto their machines is OK
- letting users decide what way they want to send and receive files across the company network is OK
- This one is simple enough. Those that said it is in house have enough bandwidth to provide meeting from outside would be my first guess and they have the staff needed to manage it. But wait!!! What extra staff Chris? You just said if the same groupware company makes an instant messaging package it should be simple right? Well in the basic chat terms yes. In firewall controls, meeting support, browser support issues, ActiveX control issues, it can be an overhead to run internally versus letting someone provide the server as a managed service.
- Consumer products running amuck on the network? Shame shame shame. Pushing some education up to the exec's might be in order for at least some basic controls. I did write an article on this in E-Pro Magazine this year. I think this is the largest area of improvement right out of the gates. Some of the newer chat packages offer some many features and functions, just inviting bandwidth hogging and security concerns. Now some of you attempt to restrict certain IM packages while allowing others. Names aren't important of which packages. The decision to pick one of them is. Why choose Consumer Product A over B? Was it because more suppliers/partners/customers also use it? Or because most of the employees already had it running? What happened to making the customers use a secured chat session off of a server that you control? Cost prohibitive? In many circumstances yes. Beneficial as a service and in controlling what communications go across your network? Big fat yes.
- Filtering consumer products is a tricky
one. What do you filter?
- Ports? Not likely since most of the products try to figure out the firewall and proxy and get them connected
- File Transfers? Not likely on some of the products. One product alone lets the file transfer upload to a temp server and sends a HTTP link to the other chat user to download if they can't get directly connected. Nice....
- Hosts? Once again this is the most under utilized filter. So you block a port, I can show you a way that you could connect that would blow the mind of most security guys. Destination hosts is a good way to cut short what products are used though.
- Software that is loaded? Managed desktops, what a dream for some smaller companies but a way of life for some larger ones. But most of you that responded were smaller which meant they can load what they wish on those desktops.
- Logging and archiving, a dream? There are add-on gateways and products available but most companies don't see the chat as a concern yet. Of course the SEC says otherwise for certain types of companies. I believe that there is some form of exclusionary planning that should be done if you allow the public networks, yet internal chat could offer some information as a knowledge base. Or might tell you where everyone goes for lunch, who knows :-)
OK, I had so much more to say but wanted to cut it down some. Whew!
Author: Chris Miller
Posted at: 11:18:19 AM
