Symantec.cloud tackles corporate IM risks
By Asia Cloud Forum editors 10-Jul-2012
Instant messaging (IM) poses significant risk to corporate security and compliance, according to a recent Symantec survey. Approximately 60% of survey respondents use IM to communicate with contacts outside the organization and 43% use it to share content not related to work. A further 29% reported using it to send information they would not want their boss to know about.
"IM is becoming a popular tool for internal and external communications in organizations of every size," said Tom Powledge, vice president of Product Delivery at Symantec.cloud. "According to Symantec Intelligence, one in 11.3 links sent over IM [points] to malicious web sites while our Symantec IM survey revealed that fewer than half of the organizations surveyed have suitable controls for monitoring IM."
Addressing this vulnerability, Symantec introduced its Instant Messaging Security.cloud (IMS.cloud) and became one of the first SaaS vendors to support Microsoft Lync users. The solution scans messages and attachments for malware, blocks malicious URLs, protects organizations from data loss and logs messages for compliance purposes without the need for additional hardware and software.
"The casual nature of IM paired with a tendency to de-prioritize IM security leaves organizations susceptible to compliance breaches, data loss and malware infection," said Powledge. "IMS.cloud takes the risk out of IM so that companies can meet user demand for the latest technology while allowing a flexible and collaborative working environment anytime from anywhere."
"IM in the workplace is becoming ubiquitous for both internal and external communications in organizations of every size," said Chris Christiansen, vice president of Security Products and Services at IDC. "But this popularity is one reason why organizations are vulnerable to the risks that come with using desktop IM clients. Corporate IM needs the same high levels of malware protection and regulatory compliance required of email and web services. Cloud-based security services can provide such protection."
IMS.cloud scans every IM sent to or coming from an organization. Incoming messages, including attachments are scanned for viruses, worms and URLs that may lead to malicious web sites. All incoming and outgoing messages are also matched against the organization's acceptable use policies. Any message that is malicious or suspicious or violates corporate policy is automatically blocked and the user is notified.
One feature, message logging and archiving, enables organizations to log message transcripts for regulatory compliance. Cloud-based archiving is also available for organizations with more stringent compliance needs.