Looking for something else?
Learn an IT concept in 10 easy steps.
Here's how it works: We give you a little background about the concept, a glossary to look up related terms, some outside reading, and a self-assessment quiz. You spend as much (or as little) time as you like moving through the ten steps and exploring the concept.
Directions: Read steps 1-9 and their related links. In step 10, use the glossary to look up any terms you do not know. When you're done, take a quiz to see how much you've learned!
1. What is instant messaging?
Instant messages are basically a chat room for two and conversations flow rather like a telephone conversation; even during peak Internet usage periods, the delay is rarely more than a second or two. In addition to allowing the user to send either text or voice messages, many instant messaging services permit the sharing of Web links, images, sounds, streaming content and files. Most instant messaging applications also permit group chats.
Instant messaging falls into a category of IT called groupware, meaning programs that help people work together collectively while located remotely from each other.
2. What is EIM?
EIM is an abbreviation for "enterprise instant messaging." Instant messaging applications are generally categorized as either being public or enterprise. AOL's instant messenger (AIM), Yahoo Messenger and Microsoft .NET Messenger are examples of public IM services. Anyone on the Internet can sign up, download the software and begin messaging.
Sun ONE Instant Messaging, IBM Lotus Instant Messaging & Web Conferencing (formerly called Sametime) and Microsoft Office Live Communications Server 2003 (formerly called Greenwich) are examples of enterprise IM services. Access to the IM server is restricted and security precautions, such as encryption, are put in place to protect the enterprise network.
Jabber, an initiative to produce an open source XML-based instant messaging platform, is a relatively new player in the enterprise IM field. The advantages to Jabber are that it's free, it can be housed on a company's server and it can be isolated from the public Jabber network.
3. How does instant messaging work?
Most instant messaging systems work the same way. When you launch the application, the messaging client attempts to connect to the messaging server. The messaging server verifies your username and password and logs the client on.
Once it's logged on, the client sends the server its IP address, the port number that's been assigned to the IM service and the names of everyone on the user's contact list. The server creates a temporary session file that contains the connection information and checks to see who on the contact list is also logged on.
When the server finds contacts who are logged on, it sends a message back to your client with their connection information and sends your connection information to the contacts. As soon as all the connection information has been sent and acknowledged, instant messaging can begin. The connection process generally takes about ten seconds.
The question that prompts debate about how instant messaging should be implemented in the enterprise is, "Who controls the server?" In public IM systems, the service provider (AOL, for example) controls the server. This is not acceptable to many CIOs who would prefer to have control of the IM server themselves.
4. Who is using instant messaging?
According to the research firm Gartner, as recently as the first financial quarter of 2002, few businesses understood the importance of instant messaging as it relates to the enterprise. IM was thought of as a vehicle for social interaction and many businesses frowned upon its use, simply because it was seen as a threat to worker productivity.
End users, however, saw the benefit of being able to communicate in real time with their co-workers and began what industry experts call a "grass roots" effort to bring instant messaging into the corporate fold. They found the presence awareness IM contact lists provided useful. Instant messaging filled a communications niche somewhere between that provided by the telephone and e-mail. Because employees could see who was online and who was not, they could ask a quick question of someone who was available and not waste time waiting for a telephone call to be returned or an e-mail to be answered. They pointed out that instant messaging was a cost-effective alternative to travel, Web conferencing could met their communication needs just as nicely as a business trip and IMing a co-worker in another country was much less expensive than telephoning them.
As more IT departments become convinced of the value of IM as a business communications tool and begin looking for ways to exert control, implement security measures and integrate instant messaging with other groupware components, unmanaged IM use in the enterprise is likely to become a thing of the past.
5. Are all EIM systems alike?
No. Right now, instant messaging is the Wild West of the Internet; it does not have a protocol. There are two schools of thought when it comes to establishing an instant messaging protocol and the Internet Engineering Task Force (IETF) is looking at both to try and create one Instant Messaging and Presence Protocol (IMPP).
Industry leaders like Microsoft, IBM, Sun and Novell favor extending the Session Initiation Protocol (SIP) into a new protocol called SIP for Instant Messaging and Presence Leveraging Extensions (SIMPLE). The IETF developed SIMPLE as an extention to SIP for handling instant messaging and presence awareness. SIP was originally developed for voice over IP, but has since incorporated other functionality like Web conferencing, live video and other multimedia.
Hewlett-Packard, Intel and Sony are backing the eXtensible Messaging and Presence Protocol (XMPP), an open source transport layer for XML data. Supporters of XMPP point out that it was designed with instant messagingin mind, whereas SIMPLE was added onto SIP.
Because instant messaging is not standards-based, there is a lack of interoperability between different IM services. As a result, it is not unusual for people to have two or three clients running on one machine. This creates a number of challenges for IT departments, especially when it comes to ensuring security and compliance with federal regulations, such as the Sarbanes-Oxley Act.
There are basically three ways a CIO or IT department canmanage instant messaging.
The first, and historically the most common, means of IM management is just shutting down the default IM ports, which in theory prevents users from installing and using public IM services. This is easier said than done, however. Yahoo Messenger, for example, was designed to prevent blocking and will automatically attempt to connect to non-blocked port numbers, including port 23, which is used for telnet and is rarely blocked. Most other public IM services allow the use of a proxy server, so chances are, if an employee really wants to be able to use instant messaging, they will find a way to get around blocked ports.
The second solution is for the IT department to use policy-based management techniques to support one particular public IM service. By signing an acceptable use policy (AUP), the employee indicates that they agree to the employer's stipulations about which IM service is allowed to be used, what corporate screen name should be used and what kind of content is allowed to be shared in an IM. Just as with Web surfing, violation of the AUP can be considered grounds for dismissal.
The third solution is for the IT department to invest in an enterprise-class IM service, either by outsourcing their instant messaging to a third-party service provider (some public IM services now provide enterprise versions of their service for a fee), purchasing IM software that can reside on their current communications server, or maintaining a dedicated IM server.
7. What should a CIO take into consideration when deciding whether or not to purchase EIM messaging software?
First of all, the CIO needs to know what instant messaging will be used for within the organization. This will help a great deal in determining what level of control is required and that, in turn, will dictate what kind of instant messaging service a company needs.
Some small to medium-sized businesses, whose employees may use instant messaging to keep in touch with their kids, might want to consider using policy-based management as an alternative to investing in enterprise-class instant messaging.
If a CIO has concerns about privacy, security or compliance, however, then choosing one of several types of EIM is the way to go.
For example, if IMs are going to be used to enhance customer support, then an enterprise-class IM service like Lotus IM, which provides a gateway server to allow employees to safely connect with public IM users, might be an appropriate choice.
On the other hand, if instant messaging is going to be used as an internal collaborative tool, where sensitive information is being exchanged, then the CIO might want to set up an internal Jabber IM server and limit IM use to within the company.
Some industries, such as health care and finance, have regulations about archiving communications. If a business needs to comply with federal regulations, experts recommend they consider maintaining a dedicated IM server.
The number one reason why CIOs are looking at enterprise-class instant messaging is security. Experts predict that as IM becomes more accepted as a business tool, instant messaging will increasingly be the targetof attack.
8. If I were a CIO, what should I look for when choosing between available EIM systems?
First you should look for a system that provides a way to manage users. Ideally, the user should be able to log onto the system, including instant messaging, with one username and one password. Second, you should look for a system that provides security features, such as secure sign-on, digital signatures and encryption.
After you've addressed those two major concerns, experts recommend you consider asking yourself these questions:
10. Instant Messaging Words-to-Go Glossary