Spim, Like Spam, Is On The Rise

Research firms have different numbers, but all agree that there's no shortage of the unsolicited commercial instant messages.

Thomas Claburn, Editor at Large, Enterprise Mobility

March 30, 2004

3 Min Read
InformationWeek logo in a gray background | InformationWeek

Job growth may be anemic, but there's no shortage of spim. Unsolicited commercial instant messages, known to many as spim, are expected to reach 1.2 billion in 2004, up from 400 million last year, according to a report by the Radicati Group, a technology market-research firm. Another research firm, Ferris Research, puts the spim count at 500 million for 2003. The Yankee Group, yet another research firm, estimates that 5% to 8% of corporate IMs are spim.

Michael Osterman, president of Osterman Research, a messaging research and consulting firm, says spim isn't a severe problem, though it is growing. According to a survey his company just completed, 70% of corporate IM users get no spim, 18% get 1 or 2 spim messages a week, 4% get 3 to 5 a week, and 7% get more than five per week.

That's nothing when compared with the billions of E-mail messages sent daily--some 60% of which are spam--but they're nonetheless a significant security risk. The Radicati report, issued last week, says 70% of spim involves pornography. Moreover, notes Scott Chasin, chief technology officer at E-mail security vendor MX Logic Inc., E-mail worms that hijack a user's IM identity to send spam already have been documented. He compares the security threat posed by spim to the risks that accompany spam.

Enterprise IM systems--such as are offered by Bantu, Jabber, Lotus, Microsoft, and Novell--offer a degree of control absent from E-mail. They are inherently more manageable and secure.

The problem is that IM users are taking matters into their own hands. As research firm IDC observed last year, "An increasing number of employees are circumventing IT and installing public instant-messaging clients. Left unmanaged, public IM puts companies at greater risk of security vulnerabilities, breaches of confidentiality, virus infection, legal liability, and violation of privacy regulations."

According to IMlogic Inc., a maker of enterprise IM infrastructure software, there are more than 50 million enterprise users of the public IM networks maintained by AOL, MSN, and Yahoo--and IT oversight hasn't kept up with user demand. In May 2002, Giga Information Group, now part of Forrester Research, found that 60% or more of midsize and large companies use IM, but 90% had no formal IT support for it.

Messaging-management and content-filtering vendors such as Akonix, FaceTime Communications, IMlogic, Omnipod, and SurfControl have been working to bridge that gap. But the issue remains. "There are more IT departments that have taken a proactive stance with regard to IM, but the broad majority still don't have any IM management policy in place," says Francis Costello, chief marketing officer at IM management vendor Akonix.

IM adoption at petroleum marketing and distribution company Truman Arnold Cos. offers an example of the trend. Due to the business value of instant always-on communication, IM use grew on its own until the company's IT staff reined it in.

"IT noticed it and realized how much of a security hole it was," explains Josh Lawrence, E-commerce support, who adds that while IM spam was a concern, viruses and unauthorized file transfers were more troubling. The company, which uses Yahoo Instant Messenger, chose to implement Akonix's IM management product, L7 Enterprise.

With corporate IM users on the rise--numbers vary, but Osterman estimates there will be 37 million by 2005, up from 24 million by the end of this year--IT departments need to develop and implement IM-management policies and tools before IM spam and related security threats force the issue.

About the Author

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights