Message in a Bottle(neck)

Managing messaging and other previously simple tasks

Gerry McCartney, Purdue University's interim vice president for information technology and chief information officer, says that sometimes it's not whom you're sending information to or what you're sending, it's how you do it. "Some instant messaging clients route their data through external companies," McCartney explains. "If you are dealing with classified information or restricted data such as social security numbers or credit card information, in many cases distributing this information via IM could violate laws or rulings. Also, we are always mindful of glitches that can occur, such as the recent release of search terms by AOL. When data leaves your organization, you no longer have complete control over it, regardless of what safeguards may be in place."

Future shock

With the plethora of research available, you'd think more executives would take a proactive stance when it comes to messaging management, but that isn't the case yet, says Peter Firstbrook, research director with Stamford, Connecticut-based research and consulting firm, Gartner, Inc. "Spam comprises 60 to 90 percent of inbound mail. Viruses are two to six percent of all incoming messages," he says. "You'd think that more people would be doing something about it, but we had 25 percent of respondents to a recent survey tell us they were affected by an email virus."

In addition, Firstbrook says that few people realize the threats and management issues created by communications such as Web mail, voice-over-IP (VoIP) telephone calling services such as Skype, which has a chat capability, and employee-owned portable and handheld devices. Many companies simply block Web mail services, and are relieved that employees are willing to buy their own PDAs and Web-enabled Blackberry devices and phones. Even worse, Firstbrook adds, most companies haven't put VoIP applications on their radar yet, an especially scary problem since Skype and the like are difficult to block on a corporate network.

"You don't want to ignore any of these things. Even if you do the knee-jerk reaction and block something like Web mail, you're making a mistake," says Firstbrook. "If you don't own your employees' devices, you don't have any visibility into them. When you consider that cell phones and Blackberry devices get lost a lot and most aren't password-protected, you see that you've lost control of that data."

Firstbrook suggests either buying mobile devices or enabling employees to buy them from your company-usually with a significant volume discount. In the case of laptops, he suggests making full disk encryption mandatory. "These problems are going to get worse before they get better," he says. "We're already seeing more storage devices for data-you can even transfer data to an iPod. Control of data is going to be one of the most significant problems going forward."

Karen J. Bannan also writes for The New York Times, PC Magazine, and Fortune Small Business.