Here’s an amazing fact: according to a recent poll, only 11 percent of organizations have an instant messaging security system in
place. It’s amazing because almost all of these organizations have
an anti-virus system in place for their e-mail and probably have
stringent security policies to go with it. Yet they seem to be
ignoring IM.
That’s pretty strange, since IMs are just as potent a transmission
vector as emails for viruses, worms and pretty much any malware you care
to mention. In 2004 there were around 21 threats such as Trojans and
worms that used IM as an attack vector, while this increased to over 300
last year. Seems like malware writers are increasingly realizing that
the nearly 12 billion IMs IDC Research estimates are sent every day
offer easy pickings compared to relatively well protected e-mail systems.
It’s not as if organizations have nowhere to turn to. For the last
few years three key companies, Akonix, FaceTime and IMLogic – and
other smaller ones besides – have been offering IM security systems.
All three companies offer systems which are broadly similar in terms of
providing products which allow administrators to discover when public IM
systems are being used and by whom, securing their use, and archiving IM
sessions for regulatory compliance. All in all, you could say it’s
a pretty mature market niche in terms of product functionality.
But the big question is really whether it is really a standalone niche
at all. Is there, in other words, a need for separate IM security and
management products, or should they be subsumed into e-mail security
products to become a part of a communications security suite?
Symantec clearly believes the latter: at the beginning of January the
company purchased IMlogic for a sum believed to be around the $70
million mark. It is not hard to see the logic of the deal, and we should
expect to see Symantec security products with IMlogic’s IM
security and archiving features tightly integrated in twelve to eighteen
months months.
So what chance Akonix and FaceTime get acquired too? “We think
they will lose their independence,” says Peter Firstbrook, a
research director at analyst Gartner. “Most companies don’t
want different products for e-mail and IM, they just think of messaging
or communications, which could end up including SMS, VoIP and webmail as
well,” he says. There are no end of security vendors such as
IronPort and CipherTrust who would be interested in gobbling them up, he
says.
Don Montgomery, a marketing vice president at Akonix, agrees. “We
think there is still two to three years of solid growth and independence
for ourselves and FaceTime but we are obviously logical candidates for
consolidation. IMlogic needed to be bought as they had reached the end
of their cash and still weren’t making money, but we think we will
be worth much more than $70 million in the next few years.”
Interesting stuff. Because on the one hand, $70 million seems quite a
lot to pay for a company which, according to Montgomery at least,
wasn’t turning a profit. Other security vendors must be thinking
that rather than fork out a similar number of their hard earned
greenbacks – or even more – for FaceTime or Akonix, they could probably
build their own IM security software for a lot less. And since the total
market penetration for these products is only just into double figures,
there is still a lot to play for. On the other hand, if the market is
going to expand rapidly in the near future – and all it would take
is a big IM-borne equivalent of the I Love You, Melissa or Nimda worm
or two – then Akonix and FaceTime may soon be worth a lot more, so
the time to acquire either of these two companies is sooner rather than
later.
And why is this important? Because if you are serious about security
then you need IM protection. But should you wait for your e-mail security
vendor to include it as part of its current offering, or do you buy
Akonix’s or FaceTime’s (or even IMlogic’s) products
in the knowledge that they will probably not be around in their current
form for much longer? Firstbrook recommends making a tactical investment
even though in a few years you’ll probably have to buy something
else.
Ultimately IM security is probably not something you should want to be
without. The signs are there that a major IM-borne worm will affect you
sooner or later if you don’t take security measures, and the time
to protect yourself is before, rather than after the fact. There is a
great deal of uncertainty in the market at the moment about who will be
the major players in the coming years, but don’t use that as an
excuse to leave your organization wide open to attack.
