Issues in Compliance for Instant Messaging

Compliance is always a large concern, especially with attacks and data breaches increasing. It is important to understand the industry and regulatory requirements that need to be enforced within your corporation and security environment. One area that experts are beginning to see as an issue is instant messaging. This is a communication method that is hard to regulate and record, which could pose problems with industries with strict compliance standards.

In a recent article by Dmitry Shapiro, CTO at Akonix Systems, Inc., “Instant Messaging and Compliance Issues: What You need To Know” the issues that are becoming ever present with IM are discussed. The main issue is the sheer volume of users on these IM systems, totaling in the 100s of millions. This is not to mention what IT managers are most afraid of, which are the public IM systems, such as AOL Instant Messenger and Yahoo Messenger.

Although IM is a functional tool for communication there are key areas with which there is a lot of concern for compliance issues:

-        Record Retention

-        Information Security

-        Theft

-        Copyright Infringement

These issues are ever rising with the number of users and amounts of information on these systems. With the public IM services, the control a manager could have with an internal system is taken away. Tasks such as auditing, logging, and deleting records are all issues when the manager cannot oversee the whole system, and the web of IMs being created.

Without compliance and monitoring, the one thing that is apparent is that risk will increase. Shapiro says that the main issues to watch for are:

-        Organization of records

-        Retention of records

-        Tamper Proof Records

-        Record Retrieval

-        Off-Site Copies

And many more…

With such acts as the Sarbanes-Oxley Act, HIPAA, and GLBA the ability to control, monitor, protect, and delete records is essential. These regulations are going to require IT managers to remain compliant and come up with ways to monitor their users IM behaviors. If this is not done, IMs will be a strong source of theft and cybercrime.

• Past Blog Posts

  • September 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008

• Background Info

  • About PistolStar
  • About the Blog
  • Blog Authors

• Categories

  • Authentication Security
  • Authentication Trends
  • compliance
  • Customer Case Studies
  • Data Security
  • Deployment Issues
  • General Information
  • IT Security
  • Kerberos Authentication
  • Lotus Notes & Domino 8.5
  • Lotusphere 2009
  • Lotusphere 2010
  • password security
  • Portable Device Security
  • PortalGuard
  • Security Attacks
  • SharePoint Authentication
  • SharePointPro Summit & Expo
  • Technical Support Exploration
  • Uncategorized
  • WebSphere Portal Authentication

• Recent Comments

• Recent Posts

  • The Financial Industry - Courts Try to Prove Reasonable Security
  • Authentication Adaptability: Survival is Key
  • PortalGuard Climbs the SharePoint Summit
  • PortalGuard has Great Success at the 2010 SharePointPro Summit & Expo
  • PistolStar Brings PortalGuard to the SharePointPro Summit & Expo