Web site InstantMessagingPlanet reported on Wednesday that AOL plans to host "Secure AIM Services" for companies that want to implement confidential instant messaging, while at the same time maintain interoperability with AIM members. AOL didn't comment on the story.
According to AOL documents seen by the site, the company will guarantee the confidentiality of instant messages sent inside and outside enterprises by encrypting them. AOL will also reportedly offer a Secure Document Delivery Service that promises to allow people and companies to securely send documents over the Internet.
AOL's Secure AIM Services will also log message exchanges for auditing and archiving, and will match screen names against corporate directories, which should make it easy for users to identify who they are messaging with. The service could be rolled-out this summer, the site said.
AIM is one of the most popular free instant messaging applications used in the workplace. According to INT Media Research, AIM is used by 30 percent of on-line employees in the United States, with MSN Messenger just behind at 28 percent.
However, along with the growth in use of such applications has come the inevitable security breaches. Several worms have successfully infected instant messaging clients in recent months, including Aplore, which spreads via AIM.
In addition, security organisation w00w00 recently discovered two vulnerabilities in AIM, which made it possible to steal buddy lists and spread malicious code throughout the entire AIM community, as well as on the infected computer. Patches for these vulnerabilities have since been made available by AOL. And earlier this month Microsoft issued a "critical" security update after the discovery of a vulnerability that allows attackers to execute malicious code against MSN Messenger.
According to Dermot Williams, managing director of security and communications company Systemhouse Technology Group, IM may have "snuck in below the radar" into companies who are generally more concerned about protecting e-mail systems. "This makes the IT systems of such businesses vulnerable because there have been a number of recent incidents where IM applications have been found to be not secure," he told ElectricNews.Net.
According to a report from Internet Security Systems, instant messaging applications will be the next target for malicious code and viruses. It also warned that anyone can intercept and read instant messaging chats if a corporate firewall is not in place because most of these applications do not use a secure layer for text messages.
The same report said that companies looking for secure enterprise instant messaging had several options. These included Communicator Hub software, which uses identity management, content aggregation and management, and auditing tools to trace user activity. Companies can also use Trillian, a chat application that offers 128-bit Blowfish encryption for AIM, as well as ICQ.
If AOL does decide to enter into the instant messaging enterprise sector, it will face stiff competition from the likes of Microsoft Windows Messenger and Lotus Sametime, who respectively have 33 percent and 15 percent of the market, according to INT Media Research.
More information can be found at the InstantMessagingPlanet Web site.