UK firms are missing out on the business benefits of Instant Messaging (IM) because of security concerns, according to research released yesterday by Symantec Corp. This is despite the fact that 75% of office workers who use IM for work value the speed and immediacy it affords. TomorrowToday was asked to contribute to the research that Symantec released yesterday, and we definitely concur with their findings and endorse their recommendations.

If used in the right way and for the right purposes, IM can help ease the flow of information within organisations. 55% of those who use IM at work say it cuts down on email traffic and 50% find it a more efficient way of communicating than email. In fact, at TomorrowToday we predict that email usage will continue to fall as IM usage increases, and that we may even see the complete demise of email by the end of this decade.

Almost two thirds (64%) of those who use IM ask colleagues questions that need immediate answers, 46% use it to distribute information quickly and 47% acknowledge that IM allows them to multi-task. The real-time nature of IM also means that 29% of office workers who are able to utilise IM do so to conference colleagues while 45% say that because it’s more sociable it is better for relationship building than email communication within the working environment.

But there’s a problem. IT departments have been slow to support and encourage the use of IM. And so barriers to its usage exist. Only a quarter of offices are actually taking advantage of the benefits of IM. A general misunderstanding of the level of security of IM, combined with the perceived informality is hampering its uptake. Almost a quarter (23%) of office workers who don’t use IM at work say their companies restrict the use of IM in the workplace due to security concerns and a further 16% do not allow it because bosses deem it unproductive. It’s a trend likely to be exacerbated given that only 28% of those who use it at work could confidently say that their company monitors for the transmission of inappropriate content or confidential data and almost a quarter (23%) mistakenly believe that conversations on IM can’t be archived for retrieval at a later date.

TomorrowToday’s own research indicates that people are concerned about the privacy of their communications, the security of the IM system and whether the conversations are saved for later reference (and backed up, archived and stored correctly). Some industries, like banking and defence, are heavily regulated in terms of requirements for communication, but regulators will soon catch up with how IM can be used and this will further fuel IM usage. In this regard, I would wholeheartedly endorse Symantec’s dos and don’ts (see below).


Tom Powledge, vice president of product delivery at Symantec says: “This survey highlights that IM is often deemed too informal and insecure for the corporate world. However, with a better understanding of its features and uses, and with the right security measures in place, IM can be a very effective business communications tool. In fact, companies can easily log conversations, scan for malware and block inappropriate or sensitive content from passing through the boundary of the organisation. If combined with proper guidance for employees on how to use the right communications channel for the right message, IM can help companies to improve productivity, be more responsive, support mobile and remote workers and gain operational efficiencies. As such, IM is ripe for a public makeover so businesses can exploit its true potential.”

When asked to comment about this, our team at TomorrowToday added: “The use and acceptance of IM by businesses has been steadily increasing over the past ten years. There are at least four reasons for this. Most importantly, a new generation of young people, who have been using IM all the time through school and are very comfortable with it as a communication tool have simply brought that usage into the office. So-called Gen Y users have no blockages to the use of IM in many different contexts. Secondly, recent advances in communication technology, specifically in bandwidth speed and the development of social media, have had the effect of speeding up our interactions and our expectations of response times. We live in a world that feels more immediate than ever before, and IM feels like the most appropriate communication tool. Related to this, thirdly, is the fact that IM is now being integrated into other programs, from Facebook to many web-based customer support interfaces, and we’re just getting more and more used to using it in a variety of different contexts. Finally, our continued and rapid shift to powerful mobile devices and smartphones as our primary communication tools, not just for verbal but also for written communications (primarily in the form of text messages and emails) has fuelled the desire for more instant communication.”

Generation Y young people have fuelled the usage of IM in companies. As they have done so, though, older colleagues have discovered the value and usefulness of IM and have been quick to start using it too. In our experience, once a company’s IT department opens up the use of IM, the uptake in usage and change in communication culture happens quite quickly.

Symantec suggest that in order to enable businesses to limit the risks and reap the benefits of IM, the following dos and don’ts are essential for instant messaging:

  1. 1.     DO: Adopt a user policy for instant messaging:  Provide general guidelines to your employees on IM use in the workplace.
  2. 2.     DO: Actively educate employees on the benefits and risks of IM: This will help them determine which communications channel to use at which time for which content
  3. 3.     DO: Make employees aware that instant messages and conversations can be saved:  Corporate IM services allow the archiving of entire messages that can be retrieved later for reference.
  4. 4.      DO: Be aware of malware infections and related security risks: Most IM services allow you to transfer files with your messages so make sure you provide the appropriate firewall protection, to safeguard from viruses and infections and that you can keep track of what’s being tranferred.
  5. 5.     DO: Encourage workers to organise their contact lists to separate business contacts from family and friends: Reduces the chances of inadvertently sending company data to the wrong “Peter” or “Mary”.
  6. 6.     DON’T: fail to control IM use: IM is more immediate and more versatile than other forms of business communications but should be carefully managed to avoid the dangers.
  7. 7.     DON’T: Allow excessive personal messaging at work: This gives IM a bad name.  Using a corporate IM system with monitoring reminders will help keep workers mindful and more productive.
  8. 8.     DON’T: Forget to remind employees that IM in the workplace should be regarded in the same way as any other form of corporate communication: As with email, employees should be careful in what they say. Statements made in IM about other people, their company, or other companies could damage reputations and credibility.
  9. 9.     DON’T: Be complacent about security: In the same way as email, if not managed correctly, IM messages can carry malicious links or expose sensitive information. With a corporate IM service, messages are scanned so that suspicious emails, or those that violate your policy, are automatically blocked.
  10. 10.  DON’T: Put policies in place and walk away: Set-up, monitor and enforce company rules for IM this will help employees feel more secure in using it as they do email.

Symantec are very active in provided cloud based security support for all forms of digital communication, and increasingly in the IM space.

TomorrowToday Global