Finished your budget? Did you add money for a corporate instant messaging (IM) server to wean your users away from public IM client software? Is it too late to add that?

Advertisement On this topic ENTERPRISE NETWORKING Enterprise Networking. Sign up Now! Can Architecture Change the Rules of Enterprise Solutions? Multiprotocol Networks: Step into an Internet World Strategic Elements of Network Management Architecture German ISP launches public VoIP service Microsoft unleashes Exchange Server 2003 IBM announces availability, price of Lotus Notes 6.5 Exchange 2003 to come with new licensing options BT, Cisco team on IP services in Europe

Back in March we talked about keeping your public interface (sales and support) IM connections on public products (AOL, Yahoo, MSN, etc.) but using a separate system for use internally. Then put a really strong firewall between the two and keep your fingers crossed.

Want to get your budget bumped enough to add the IM servers you need? Mention to executives how "secrets" discovered by employees will be able to reach media outlets via IM with absolutely no audit trail whatsoever.

On the other hand, if you work for an Enron-type weasel factory skimming money with both hands, maybe you want an easy way to leak the invoice from the "gentlemen's" club for a vice president' birthday. Many of our 401K balances would be better off if we'd gotten a tip or three from drowning ships as employees noticed managers bailing out.

Would I go so far as to limit outside IM clients to a DMZ only available for sales and tech support? I think I would. Or at least host internal IM on a server separate from any public IM access.

With your own IM server for use internally, you can keep IM conversations in the archive. Those who work in regulated industries know that all electronic communications must be kept for auditors. E-mail and Notes and knowledge management systems make archiving easy, but IM makes it tough. If you have a corporate IM system and don't keep archives, you will be in trouble.

On the other hand, if you let employees use external IM systems for internal communications, you open a huge hole in your company secret firewall. Do you want a disgruntled employee to keep running conversations with outside regulators? How about with competitors, offering your secrets as an interview to work for the new company?

Hello, rock and hard place. But if you're in a public company, push your management toward internal IM servers. I'd worry less about what will be revealed in some potential future audit than I worry about inside information going out the IM door on a regular basis.