Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Businesses Technology

Enterprise IM? 73

Posted by Cliff from the yet-another-excuse-to-drain-productivity dept.
Jsf72672 asks: "With the recently-passed Sarbanes-Oxley legislation, and the looming HIPAA compliance requirements a constant thorn in the side of IT staff, Enterprise Instant Messaging seems to be overlooked. Most users are using AIM or MSN. Microsoft and Yahoo! both have products tailored to the Enterprise, but no one wants to rely their technology to keep them out of jail, or from paying huge fines. Jabber looks attractive but our already overtaxed IT staff does not have the time to compile, secure and test homegrown solutions. What are Slashdot-reading IT Managers doing? I found these guys and their InterIM line of products, and they look pretty good. Is anyone using them? Are there other low-cost solutions you have employed?"
This discussion has been archived. No new comments can be posted.

Enterprise IM? More

Enterprise IM?

Comments Filter:

  • Lotus Sametime (Score:4, Informative)

    by Craig Maloney ( 1104 ) * on Thursday January 15, 2004 @10:18PM (#7993873) Homepage
    the last two companies I've worked for have had Lotus Sametime. Not sure about licensing or whatnot, but it works.
    • Just so that you know, Samtimes sucks on non-Windows platforms.

      I mean, it really chews ass.

      Just so that you know.
    • AND SUCKS! Sametime is ugly, barely configurable for the end-user (graphics, font sizes, smileys, etc.), and a cheap AIM knockoff anyways. (Before our Lotus Notes got upgraded to R6 you could still use Sametime to connect to an external AIM server if you had a login; it was that obvious)

      Give your users Jabber. I've tried it out and it's probably the most built for Enterprise usage. Granted, I'm no IT manager, just an end user, but AIM, Yahoo!, and Sametime all more or less suck IMO. Trillian is great for h

  • Lotus Notes (Score:2, Insightful)

    by heliocentric ( 74613 ) *
    IIRC Lotus Notes (an IBM product) supports an instant messageing system called "Sametime [lotus.com]."

    How much more enterprise savy could you need?

  • Hmmm... (Score:3, Insightful)

    by Dr. Photo ( 640363 ) on Thursday January 15, 2004 @10:21PM (#7993900) Journal
    When someone using Jsf72672@aol.com (a throwaway address if ever there was one) starts posting about some wonderful product he "found", it's almost certainly a company representative astroturfing, or trolling for hits.

    No offense intended if this "Jsf72672" is a real person's usual moniker, but it seems a bit suspicious. Caveat emptor.

  • iChat (Score:3, Interesting)

    by heldlikesound ( 132717 ) on Thursday January 15, 2004 @10:21PM (#7993906) Homepage
    I am getting ready to set up a print house up with 12 OSX workstations and they are very interested in using iChat not just communicate in their office, but since they will be using the Rendevous side of iChat also, they will be able to move large files around easily as well, without the files having to go through AOL's servers.

    In addition, one of the main things they want is accountability, phone calls (unless you record and index them all) are really very temporary, while iChats can be saved and searched.

    On a side note, I was thinking networking at least 5 of the comps that are in close proximity together using Firewire Over IP, but having done a short test between two comps using that setup, i got no better than a pitiful 60KB/ sec, what is up with that?
    • Surely you mean "IP over firewire"?

    • Re:iChat (Score:3, Informative)

      by op00to ( 219949 )
      When would files normally "go through AOL's servers"? Since we're on the subject of Instant Messaging, I assume you're talking about AOL IM. Using AIM's file transfer feature does NOT send the files through AOL's servers. It merely sends the file directly from the sender's machine to the recipient's machine.

  • Jabber.com (Score:1, Informative)

    by Anonymous Coward
    There's a commercial version of Jabber at Jabber.com. It has support and was designed for enterprise use.

  • Take a better look at Jabber (Score:5, Insightful)

    by jeremie ( 257 ) on Thursday January 15, 2004 @10:26PM (#7993951) Homepage
    It's not just open source, the XMPP protocol is approaching RFC status, and there is a whole suite of commercial products utilizing it.

    Just take a gander at the Sponsors box on jabber.org [jabber.org] for starters. You'll find products that drop into almost any environment, are based on open technologies, and can be complimented by many hundreds of open source apps... what could be better?

    Closed IM systems are a thing of the past, if we want them to be.

    • Re:Take a better look at Jabber (Score:5, Interesting)

      by dasunt ( 249686 ) on Friday January 16, 2004 @05:21AM (#7996240)

      I'm trying to figure this out myself.

      The questioner doesn't have time to check out Jabber (a ``homegrown'' solution in his words) but seems to be willing to use a commercial product with presumably little or no testing.

      WTF?

      Perhaps I've been reading too many issues of Cryptogram, but it seems that its a crapshoot when a company advocates 'security'. For every product like PGP security, there seems to be a horde of products that are on par with ROT13 or XOR encryption.

      Guess what - you need to test and analyze that commercial solution as well. What sort of encryption does it use? Where does it store logs? Are the logs encrypted? What happens if there is no global server? What happens when the network is faulty?

      **Grumble** **Grumble**

      Look at Jabber, its a good protocol. It does support SSL-connections. Some of the clients support encrypted logs. Its cross platform. Its extendable. It supports local servers. What more do you need?

      If your company is going to be depending on an IM system, you better know how it works, how it scales, and what to do when it goes wrong.

      • Re:Take a better look at Jabber (Score:4, Informative)

        by barzok ( 26681 ) on Friday January 16, 2004 @08:59AM (#7996982)
        The questioner doesn't have time to check out Jabber (a ``homegrown'' solution in his words) but seems to be willing to use a commercial product with presumably little or no testing.
        "Solutions" you've purchased from a big company are automatically trusted and therefore require very little testing in the eyes of PHBs - you just plug it in the way the vendor says to and walk away.
      • More to the point, for me, is that people are actually using Jabber. There are a lot of clients to pick from and a lot of servers. If you settle on one combination, and either your server or your clients are discontinued, you can migrate to another at your convenience without re-doing your infrastructure. I could drop a different Jabber server on our LAN today and noone but IT would be the wiser. Can a proprietary IM vendor say the same?
      • Hey, don't worry! Our product used quadruple-ROT13! That's four times the protection!

    • Re:Take a better look at Jabber (Score:5, Insightful)

      by Earlybird ( 56426 ) <slashdot&purefiction,net> on Friday January 16, 2004 @09:05AM (#7997006) Homepage
      I second the Jabber recommendation. "Homegrown" is a strange term to use for this technology, as there are many implementations, including mature, commercial products [jabber.com].

      My only problem with Jabber is the lack of a good MacOS X client. The only mature client, Psi -- which I use on Windows -- is a Qt app hastily ported to MacOS, and so it neither looks nor behaves like a native app. Not a big problem for me, personally, but my colleagues refuse to go near it.

  • But at the hospital I work at we use Lotus Sametime which is based on AIM, but authenticates to the Lotus Domino servers and encrypts all traffic. It's not the greatest solution, but since we are currently forced to use Notes, it works well.

    Mewyn Dy'ner
  • I, like most of the /.ers not in your country, don't know what the new laws mean, so a summary would be handy.

    Aside from that, I'm seriously leaning towards a group-wide IRC network rather than using IM for business. Turn on all the security, install a few bots (help/faq, admin, relaying messages, etc) and log everything -- that would probably cover all legislative requirements there might be.

    • Re:What is HIPAA? (Score:4, Informative)

      by the Man in Black ( 102634 ) <jasonrashaadNO@SPAMgmail.com> on Thursday January 15, 2004 @10:42PM (#7994083) Homepage
      New legislation to get healthcare providers to secure patient records. BIg pain in the patoot, speaking as someone who had to sit through several long ass meetings about it earlier this week.

      Bottom line is, there should be no way for patient data to "escape" from the networks of a healthcare provider. THis includes machines with no removable storage (yes, I'm serious), no phone conversations about the data in common areas, etc. etc. etc. A lot of it is commonsense security, some of it is "WTF?", and all of it is a pain to retrofit into preexisting systems. Believe me.

      • Re:What is HIPAA? (Score:3, Insightful)

        by Kris_J ( 10111 ) *
        Ah. I would tend to think that the only solution then would be to ban IM clients that require an off-site server and either use something like Jabber with a local server or as I suggested a closed, monitored IRC network.
      • Bottom line is, there should be no way for patient data to "escape" from the networks of a healthcare provider. THis includes machines with no removable storage (yes, I'm serious)...

        Meaning, thin-clients, right?

        I actually think that is a good idea.. prevents data leaks and makes administration FAR easier, reduces cost too..

    • I, like most of the /.ers in his country, didn't know what the new law meant. I decided to look it up out of curiousity...

      Apparently, the law makes sure that workers keep their health insurance after they change jobs. It also is an attempt to standardize insurance transactions and privacy of health data.

      Source: http://www.cms.hhs.gov/hipaa/ [hhs.gov]
    • HIPAA is the new health care information protection acts. It protects people's health information, and holds hospitals responsible for leaks, when it is at fault of the hospital. Before these acts were enacted, there were leaks all over the place, and in some cases you could have just stepped into a hospital and got someone's complete records.

      Mewyn Dy'ner

  • trillian (Score:2, Informative)

    by CosmicDreams ( 23020 )
    Trillian is a great IM app because of its ability to incorporate MSN, AIM, ICQ, Yahoo, and IRC chat networks. They also have a great skin in Microscopic.

    I've needed to update it once in a year due to changes to MSN. But its been pretty dependable
  • the company I work for uses the regular version of Yahoo Messenger. Not my choice, would rather use something more secure with more interoperability myself. We don't have to worry about HIPAA, don't trade stocks for people, etc but still.
  • There's no reason to roll your own Jabber server.
    Just install a well-known and reliable binary
    package from a trustworth distribution such as
    Debian stable or RedHat 9.0.

  • Just do what most everyone does... (Score:3, Funny)

    by Fortunato_NC ( 736786 ) <verlinh75@msn. c o m> on Thursday January 15, 2004 @11:12PM (#7994292) Homepage Journal
    Get certified as HIPPA compliant by some scamming agency like TruSecure. They'll spend fifteen minutes onsite, take you to a nice lunch, then rubber stamp you as certified and send you a cool plaque. Tell all your customer's that you're "Certified". Then, keep instant messaging and sending unencrypted email like you always have. When you get busted for a HIPPA violation, sue the FUCK out of your certifying agency, since they "audited" your compliance measures. The extra $$$ you make off the lawsuits should buy you a nice iPod.
  • These guys [fivepointscompliance.com] provide outsourced SEC compliant messaging for the enterprise. Their big product is doing email archival and hosting, but they also provide some IM services powered by IMLogic software.

  • e-Week Speical Report on Enterprise IM (Score:5, Informative)

    by leoaugust ( 665240 ) <leoaugust@[ ]il.com ['gma' in gap]> on Thursday January 15, 2004 @11:25PM (#7994376) Journal

    Here is a Special Report from eWeek on Enterprise IM [eweek.com] and it has some good reviews and articles including

    Corporate IM Solutions [eweek.com]

    Instant Messaging in the Enterprise [eweek.com]

  • Lowcost? (Score:3, Interesting)

    by Anonymous Coward on Thursday January 15, 2004 @11:26PM (#7994379)
    We use IBM/Lotus's Sametime where I work. Among it's features are it allows user to chat to AIM users, and set up chat rooms. AFAIK it is all recorded (I work for a big financial company), so it must have some features that allow everything to be logged (probably to IBM's DB2 Database).

    Low cost it probably is not. And the client software sucks, be nice if they had at least 1/2 the functionality of Gaim.

    The Deviant Tech., products looks interesting and is probably cheaper than Sametime. There is an interesting article here [instantmes...planet.com]

    If you already have existing contacts w/ IBM U might be able to leverage them to get a deal on Sametime, especially if you have Deviant Catalog sitting on your desk. ;) Deviant looks almost like an applicance type of idea and looks worth investigating.

    For those who don't know, companies in the Financial Sector are now being required to same all e-mail, and IM communications for employees responsible for Financial decisions. In other words the Mutual Fund manager has all her communications recorded, but the lad cleaning the bog (loo/toilet/john ...) does not.

    I believe that this data has to be saved for seven years (or five or something). From what I've heard it's a tremendous amount of data. Where I work there are thousands of employees whose e-mail & IM have to be saved. We talking many terabytes of data here and it's a real nightmare. Thankfully I'm not involved in that!

    It will interesting to hear which solution you use, how easy it is to set up and run, and how the users like.

    Afraid I have to post Anon, part of working for big Fin companies is not talking about what their infrastructure, or at least not telling which company's infrastructure one's referring to! Luck!

  • Jabber (Score:2, Insightful)

    by Reality_X ( 23422 )
    You don't need to compile, secure and test the thing.

    Just install an RPM and run a client.
    It'll take you all of 10 minutes.
    • Jabber is great.

      Only problem is, the free Jabber has a number of bugs, and isn't really built for an enterprise deployment. It lacks support for integration into existing directories and authentication structures, an easy mechanism for pre-populating buddy lists, and many other "corporate" features and services.

      As it happens, most missing features are available in the commercial jabber.com [jabber.com] release, which costs big big bucks.. thousands to tens of thousands for licensing, plus annual fees of around ten b [unixreview.com]

      • I beg to differ.
        Given the context of the original question, being the "Enterprise", I would argue that "thousands to tens of thousands for licensing" is actually fairly cheap. This isn't big big bucks by enterprise standards at all. It's chicken feed.
        For a third party company to provide a supported solution which keeps you in compliance, I'd bet Enterprise companies would pay far more.
      • Do realize there is more than a single commerical vendor for Jabber? For instance Jive Messenger [jivesoftware.com] has an unlimited user license for $4500. Now granted you probably wouldn't want to handle 10,000+ users on a single Jive Messenger instance but there are less expensive options than Jabber Inc. However, with Jabber Inc's solution you can easily scale to hundreds of thousands of users, something that very few, if any, other IM products are capable of.
      • Just a nitpick:

        'Jabber.org' is not buggy, unless you are referring to the website having bugs. :)

        You're probably thinking of the 'jabberd' server software, but this is not a product of jabber.org, and it is not the only server software available. Saying "the free Jabber" would make about as much sense as saying "the free HTTP". Remember, Jabber is an open protocol, and anyone is free to implement it. Just as with any other standard protocol, such as email, there are many software solutions (free, comme
  • Why not setup an internal IRC server with all conversations logged and filed away? File them away as text files, and you could probably come up with some sort of web search through old conversations. If you got fancy enough with the permissions, you could even limit access to the files to only those who participated in the conversation.
    • IRC is not IM. Let's say I need to talk to Bob in Accounting. With IM, I can check if he's online, and if so, send him a message, get a reply.

      With IRC, everybody has to be logged in to the IRC room or you can't send a message. If there's a lot of people logging in/out, chatting, etc, any message you send to Bob will probably be lost if Bob is busy doing work instead of dicking around in IRC.

      • That's not true. Look at how gaim and trillian handle it - even without being in a chat room, they show up when connected. You can private chat with individuals or create a chat room.

        FYI, we use IRC at work for R&D discussion. We have our own server and run bots that can rebuild libraries during the day. It's extremely useful.
  • Jabber is the way to go, and many clients now support pgp/gpg integration.
  • We will be implementing Jabber at the lab I work at. Here is why. Its cheaper than anything else and its secure with ssl. A linux box running the server and you are good to go. Our test box was an old p2 box and it worked fine.
  • The guys you mentioned, Deviant [devianttechnologies.com], were at LinuxWorld in SF. They're running Jabber in a Shuttle case, with a bunch of extra logging and retention tricks. So you'd get the open standards and full support at the same time, for what I thought was a great price.

    That said, it was too expensive for my client, who is now using a basic Jabber setup...

  • SILC: Secure open source chat, GPL licensed. (Score:3, Informative)

    by Nonesuch ( 90847 ) on Friday January 16, 2004 @02:41AM (#7995687) Homepage Journal
    Secure Internet Live Conferencing [silcnet.org].

    It's like IRC, but with public key encryption built in from the ground up. And All SILC software is Open Source [silcnet.org] (GPL).

    So far, the only complaint I've received is the lack of a good MS-Windows client.

    The X and text clients for Unix are usable, and there's even an Irssi module. but the Windows clients lack the polished user interface that people have come to expect from their Microsoft-centric chat services.

    BTW, SILC Client 1.0.1 was released this week.

    • "Windows clients lack the polished user interface"? That is the understatement of the year. No wonder in the silc website i didn't see obvious screenshots. It is a text console application, even in Windows. I installed the client and was amazed. Do tell me, this thread is about enterprise IM, what do you think it would be the look on 99% of users faces when you showed them this client?

      Mate, i am all for text if it is faster and/or does the work better. I deploy Linux servers everywhere so i know the value

      • Actually, there are a couple of GUI clients for windows -- the one that comes in the standard package is just there as a example implementation to show what can be done with the library.

        The other SILC clients available for MS-Windows are GUI win32 binarie with a point-n-click interface with graphical icons. In some ways this is worse, since the icon imagery in some clients doesn't seem to have any relationship to what the buttons actually do!

        But users in a corporation have graphical interfaces, they u

  • Jabber Appliance (Score:2, Interesting)

    by mpr ( 446204 )
    ApplianSys [appliansys.com] in the UK do a Jabber server appliance - The IMbox200 [appliansys.com].

    This kind of thing has to be a good option for people not confident at rolling their own, or for the enterprise that wants a solution that's easily supportable.

    Just being able to plug a black-box into your network and have it authenticate with existing systems has got to be a bonus.

  • Parlano (Score:1, Interesting)

    by Anonymous Coward
    UBS Warburg span off their internal chat program into a company called Parlano [parlano.com]. It's designed for the enterprise and so has logging etc built in. You may want to have a look.

  • RM (Score:3, Interesting)

    by sql*kitten ( 1359 ) * on Friday January 16, 2004 @08:57AM (#7996972)
    Reuters Messaging [reuters.com]. Specifically designed for the corporate user, with encryption, logging, resilience, etc etc.
    • Reuters Messaging. Specifically designed for the corporate user, with encryption, logging, resilience, etc etc.

      From what I can tell [reuters.com], it's just a rebranded version of MSN Messenger. Same shit, different wrapping.

      • Re:RM (Score:3, Informative)

        by sql*kitten ( 1359 ) *
        it's just a rebranded version of MSN Messenger. Same shit, different wrapping

        The "standalone client" uses the MSN interface with a custom backend to handle the crypto, logging, etc. The real RM is a pane in a trading workstation.
  • As some have mentioned, Sametime is an enterprise IM client specifically designed for corporations. Among some of the nice features it supports are encrypted messages (as in all messages are encrypted by default) and typing notification (it's had this long before it became popular in AIM clients).

    I'm not sure what kind of clients are available publicly but all of IBM uses it quite effectively.
  • Plethora Technologies [wwwplethoratech.com] develops and licenses Plethora Perspective, an enterprise, Java-based, Linux-server, Windows-client IM/remote access product that has single-ended FIPS-compliant RSA encryption (that is, transmissions are encrypted, and no keying information is stored on the client). The client needs only Java Web Start + a download of the Plethora Java applet. I don't know how much it costs. It would appear to be good for HIPAA or other uses requiring security and privacy.
  • Osterman Research [ostermanresearch.com] has published several studies on this topic. One of their studies [ostermanresearch.com] from September 2002 indicates that "Among organizations that have adopted a corporate standard, 61% have adopted Lotus Sametime; among these organizations with more than 1,000 email users, 73% have adopted Lotus Sametime." More recent surveys have been conducted, but I haven't seen those results.
  • Just use a standard network such as AIM, and use a client that encrypts.. There are several open source ones that do.

    Then forbid anyone to contact people on the 'outside'. Perhaps even force 'contact lists' to be read-only to the users, and audited.

    That should be enough to satisfy the feds.
  • I've been working on an open source solution to just such types of problems. Written in java, it will (eventually) support IRC, AIM, YIM and MSN protocols as well as it's own protocol. While it can be used as a plain ol' client, I want to add support for heavy duty encryption. Although right now it's just a pretty crappy IRC client, the direction I am trying to take it is to allow deployment in secure environments.
    I've only been working on this for a couple of months now, so it's barely usable right now,
  • Check out http://www.versona.com. They have a new product called Versona Instant Messaging. They just had a review posted on www.instantmessagingplanet.com. It looks really cool and it interoperates with AIM, MSN, Yahoo and Sametime with some really impressive features. Might be worth checking out.

Slashdot Top Deals

"Protozoa are small, and bacteria are small, but viruses are smaller than the both put together."

Close