Chapter 7: Instant Messaging Compounds Confidentiality Concerns

Overview

Even more than e-mail, IM increases the risk of confidentiality breaches that may be triggered when employees chat (accidentally or intentionally) about confidential, proprietary, or personal matters that would be better (and more safely) discussed on the phone or in a face-to-face meeting.

Compounding the problem is that employees who use personal IM software—as most employees do—transmit messages via the public Internet. Once a message leaves your system, the likelihood of interception by a malicious hacker or cyberthief increases. If a malicious third party were on the prowl for your organization’s intellectual property, a good place to start might be the Web.

If your organization allows IM, particularly the use of consumer-grade IM, be sure to address confidentiality concerns, copyright law, and privacy rules in your IM policy.

Remember also to incorporate a discussion about confidentiality in your IM training program. Don’t expect employees to understand what type of content the organization views as too confidential, proprietary, or personal to be discussed via IM. Use your written policy and employee education program to clearly spell out how employees can best avoid a breach of confidentiality.

IM Rule # 16: Protect your organization’s assets, secrets, and future by monitoring instant messaging.