Risks and liabilities

Although instant messaging delivers many benefits, it also carries with it certain risks and liabilities, particularly when used in workplaces. Among these risks and liabilities are:
• Security risks (e.g. IM used to infect computers with spyware, viruses, trojans, worms)
• Compliance risks
• Inappropriate use
• Intellectual property leakage
Crackers (malicious "hacker" or black hat hacker) have consistently used IM networks as vectors for delivering phishing attempts, "poison URL's", and virus-laden file attachments from 2004 to the present, with over 1100 discrete attacks listed by the IM Security Center[7] in 2004-2007. Hackers use two methods of delivering malicious code through IM: delivery of virus, trojan, or spyware within an infected file, and the use of "socially engineered" text with a web address that entices the recipient to click on a URL that connects him or her to a website that then downloads malicious code. Viruses, worms, and trojans typically propagate by sending themselves rapidly through the infected user's buddy list. An effective attack using a poison URL may reach tens of thousands of people in minutes when each person's buddy list receives messages appearing to be from a trusted friend. The recipients click on the web address, and the entire cycle starts again. Infections may range from nuisance to criminal, and are becoming more sophisticated each year.
In addition to the malicious code threat, the use of instant messaging at work also creates a risk of non-compliance to laws and regulations governing the use of electronic communications in businesses. In the United States alone there are over 10,000 laws and regulations related to electronic messaging and records retention.[8] The more well-known of these include the Sarbanes-Oxley Act, HIPAA, and SEC 17a-3. Clarification from the Financial Industry Regulatory Authority ("FINRA") was issued to member firms in the financial services industry in December, 2007, noting that "electronic communications", "email", and "electronic correspondence" may be used interchangeably and can include such forms of electronic messaging as instant messaging and text messaging.[9] Changes to Federal Rules of Civil Procedure, effective December 1, 2006, created a new category for electronic records which may be requested during discovery (law) in legal proceedings. Most countries around the world also regulate the use of electronic messaging and electronic records retention in similar fashion to the United States. The most common regulations related to IM at work involve the need to produce archived business communications to satisfy government or judicial requests under law. Many instant messaging communications fall into the category of business communications that must be archived and retrievable.
Organizations of all types must protect themselves from the liability of their employees' inappropriate use of IM. The informal, immediate, and ostensibly anonymous nature of instant messaging makes it a candidate for abuse in the workplace. The topic of inappropriate IM use became front page news in October 2006 when Congressman Mark Foley resigned his seat after admitting sending offensive instant messages of a sexual nature to underage former House pages from his Congressional office PC. The Mark Foley Scandal led to media coverage and mainstream newspaper articles warning of the risks of inappropriate IM use in workplaces. In most countries, corporations have a legal responsibility to ensure harassment-free work environment for employees. The use of corporate-owned computers, networks, and software to harass an individual or spread inappropriate jokes or language creates a liability for not only the offender but also the employer. A survey by IM archiving and security provider Akonix Systems, Inc. in March 2007 showed that 31% of respondents had been harassed over IM at work.[10] Companies now include instant messaging as an integral component of their policies on appropriate use of the World Wide Web, e-mail, and other corporate assets.
Within the company there is also the risk of employees using instant messaging to release confidential information and project details to an outside source. This issue is best controlled by a combination of written policy and technology. An organization's policies on use of IM in the workplace should be an integral part of the overall computing and network use policies, and should be published and communicated at least annually. In addition to written policy, organizations should implement "gateways" or IM security products to monitor content of inbound and outbound messages. Products from IM security providers (See section on IM security) typically allow administrators to set alerts and enforce policy (i.e. allow or block messages) based on keywords and regular expressions within instant messages.
Employees may also misuse IM to communicate on a personal level with friends and family. This is poor use of a business’s time and resources, as the employee’s effectiveness will most certainly decrease due to the added distractions. (Licari, J., May 2005). Businesses often use IM security products to monitor and archive IM conversations for the purpose of minimizing this type of productivity drain.
BERTHOUD, CO -- April 16, 2007 E-Markets, Inc. the leading provider of software solutions and services to the agriculture industry is proud to announce a U.S. issued patent for Electronically Initiating and Managing Agriculture Production Contracts. The patent was applied for in 1998 and was issued in October of 2006.
The patent manifested into one of the company's premiere software solutions, AgContract, which has been in use for over 10 years. Over $600 million in grain, oilseeds, and other feed and food ingredients have been transacted using the AgContract information management tool. The tool offers easier management of buyer-driven procurement systems, purchase contract initiation and management, traceability of products through the supply chain and large-scale identity-preserved purchasing. Scott Cavey, President and CEO of E-Markets, Inc. is elated about the long-overdue approval of this patent. "This really signifies the beginning of E-Markets" stated Cavey, "the entire company is based around the AgContract application."
The patented technology showcases E-Markets, Inc. continuous strive to improve software solutions for the agriculture industry. Users of the AgContract solution include some of the industry's premiere agriculture, chemical and food companies including, Land O'Lakes, Inc., Dow AgroScience and BASF.
E-Markets, Inc. is a pioneer in delivering e-commerce solutions to the agriculture and food industries. The company introduced the industry's first online grain production contracting system in 1997, the first internet-based agricultural input ordering system in 1998, the first internet-based risk management tool for the grain industry in 2000, and most recently, an internet-based Attribute E-Xchange trading management tool. E-Markets' applications eliminate barriers between buyers and sellers; enable information sharing across the agri-food value chain; and streamline back office processes resulting in significant

No comments:

Post a Comment

Search This Blog

Powered by Blogger.