ZDNet UK


Skip to Main Content

  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Online business Toolkit

Instant messaging could land bosses in jail

Dan Ilet ZDNet.co.uk

Published: 15 Oct 2004 13:55 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

UK companies are fretting that employees using IM applications could be breaking compliance laws.

Lawyers said this week that more companies are consulting them over the use of IM because they are unsure of its legal implications.

"People are coming to us worried about it," said Mark Smith, a solicitor for Olswang. "There are two problems -- unauthorised use of IM, and from a legal perspective all the [compliance] issues that apply to email apply to IM too."

Many companies use IM in the belief that it is exempt from compliance laws, such as Sarbanes-Oxley and Basel II. These regulations demand that companies store all their data for at least seven years. If companies fail to deliver on the regulations, chief executive officers and chief financial officers could be liable to go to jail.

"A lot of employees use it [IM] as a way of communicating without using the content filters," said Smith. "Because IM is more informal than email, people say things on it they sometimes shouldn't. Where corporations use it, if they don't have the correct system implemented, there are loads of issues with monitoring and retention of data."

Smith added that security testers have discovered hundreds of unauthorised IM clients running on some corporate networks.

IM runs over port 80, the default channel for Web traffic. This often regarded as a trusted port and left open to allow users to surf.

"People use IM as a way of getting stuff in and out of the business, bypassing the security infrastructure," said Jason Hart, security director for Whitehat UK. "It's easy to run it without anyone knowing about it and people often use it as a way of getting around compliance laws."

Hart said that 40 percent of firms have banned the use of IM. "But that doesn't guarantee that people won't use it. It causes time-wasting viruses, possible use of spyware and cannot be detected by most firewalls."

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
104 out of 180 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

1 comment

  1. What a strangely paranoid perspective on such an i... Dennis B. Smith

Related Links

More In Online business



Company/Topic Alerts

Create a new alert from the list below:




Related Jobs

Computer Systems Validation Manager CSV LIVERPOOL North West

Technical Support Engineer (German)

Applications Engineers - Engineering Manufacturer

Sentry Posts Blog

The Technological Singularity

Are we approaching a point when machines may wake up and become self or seemingly self aware? Vernor Vinge in 1993 seemed to think so. He refered to this event as the "technological... More

2 comments

Mobile Operating Systems: MOPS At a Gl...

Mobile Operating Systems: At a Glance Author: Eric Everson, Founder MyMobiSafe Since posting my blog exposing the security Google G1 security issue, I have received a few emails... More

Post a comment

Met Police catch test cheats

I saw the funny side of this press release, I can just imagine the two people sitting in the car giving the answers to the questions. Why they had wires running from under the bonnet... More

Post a comment

Google Chrome

Roundup: Full coverage of the Google Chrome launch

The search giant has launched a beta of its own open-source browser, sending a clear challenge to Microsoft in the way it lets users work with applications More

Blog: Google Chrome has Microsoft's code inside, says MS manager

And furthermore, he says, that's a good thing... More

Blog: Google Chrome — nine things we've found since launch

Google must be very happy with the coverage Chrome has gathered. But it's not all good news... More