The Internet was built for open, unencumbered data exchange. That's what it does best. Yet a growing number of users rely on e-mail and instant messages (IM) to conduct business and hold sensitive discussions. Businesses are discovering that such unguarded use of the network can have dire consequences.
Recently, executives of Web site network eFront, straining under the collapse of the online advertising market, held a series of discussions using the ICQ IM system to discuss options to boost the company's fortunes. The lengthy transcripts from these discussions were later posted to a variety of public Web sites, much to the consternation of the participants who made a number of off-color and otherwise ill-advised remarks about their business affiliates. Although there have been allegations that the transcripts have been tampered with, sources including CNET News have verified their general authenticity.
While the culprit has not been positively identified, it is widely believed that the party was a disgruntled employee or affiliate of the company who may have swiped the log files directly from eFront CEO Sam Jain's PC when it was left unattended. In the aftermath, reports indicated that eFront's chief executive intended to keep the logs for his own records, but had not taken any steps to protect the data.
Indeed, for all the emphasis software vendors place on digital encryption and despite the fact that more than two dozen servers may touch an e-mail before it reaches its destination, the unprotected PC is often the greatest security risk of all. "Very few messages get intercepted in transit," says Jonathan Penn, senior analyst for Giga Information Group. "The issue is what happens after it gets sent--are people keeping it too long and you don't want them to have a copy? Are people forwarding it around?"
The perils of IM are coming under particularly close scrutiny as businesses work to improve their real-time collaboration capabilities. Just as the telephone is more interactive than a posted letter, IM trumps e-mail because messages are sent in short, rapid bursts and elicit immediate action or replies. None of the popular IM systems are inherently secure, and ICQ, the America Online unit that first popularized IM, even warns users in its security and privacy documentation to never send any content-sensitive material on ICQ. Unlike a phone call, however, it is extremely easy for any involved party to make a complete record of the conversation, and no clear wiretap statutes govern the practice.
Outfits like Jabber and QuickSilver are trying to establish commercial-grade, fully-encrypted IM systems, but it remains to be seen if a high-security communication client will be able to replace the entrenched consumer-friendly technologies. In general, Internet mass communication such as e-mail and Web browsing have been fueled by developments in the mass market that gain widespread acceptance, rather than proprietary systems. The lack of interoperability has already been proven a point of contention among the four major established IM clients, and the introduction of a dozen or more corporate variants will likely confuse the matter. Furthermore, the high-security IM products, America Online and Yahoo!, may soon face the "Netscape Effect" when Microsoft bundles its MSN Messenger client in the upcoming release of the Windows XP operating system.
The e-mail question remains open. Rock-solid technology to digitally sign, authenticate and encrypt e-mail has been freely available for at least five years, yet adoption remains low. For $24 per year per user, Dallas-based ZixIt feels the problem has been one of convenience. The company's namesake product integrates with Outlook or Lotus Notes, allowing secure delivery, receipt-enabled e-mail to be sent to any e-mail address. Unlike some other desktop systems, the encryption keys and algorithms are stored on ZixIt's central server, which alleviates some of the maintenance burden.
Businesses can establish their own, over-arching authentication keys that allow company-wide e-mail filtering and access, which may be necessary to meet regulatory requirements in some industries or to obtain records from a missing or recalcitrant employee. In order for noncustomers to receive secure transmissions, they go through an e-mail authentication process to access and reply to encrypted messages through a ZixIt Web portal. While hardly transparent, such workarounds will likely be necessary for as long as unencrypted e-mail dominates the landscape.
Some believe encryption isn't enough. Companies such as Disappearing and Authentica have released software that puts a time-destruct or "recall" feature on e-mail, which allows senders to exercise some control over how long a message can be viewed. Aside from the fact that reading such e-mail typically introduces an extra software burden on both sender and recipient, there's a fundamental problem to this idea. "There could be conflicts in the sender's policies and the receiver's archive policies," Penn says, especially in the case of government agencies that are often required to maintain records of all outbound and inbound correspondence for several years. "What do they do with this e-mail that they won't be able to open after 60 days...do they accept it at all?"
Whether your data is encrypted or carries a time bomb, prudence remains the best hedge against repercussions. "Go under the assumption that everything you're going to do [online] has some sort of permanence because of the ubiquitous nature of the Internet--data goes from where it is to where it is not," advises Peter Mudge Zatko, chief scientist at security consultancy @stake. He also suggests that evaluating the underlying security of an IM client, which by its nature waits expectantly for communication from the outside world, is of paramount importance before adopting it for enterprise use. "They're accepting extra input. Can someone send a malicious message that compromises all of the systems that receive it instantly?"