There is no denying that instant messaging is saturating today’s corporate environments—most recent research estimates report that nearly 70 percent of enterprises will be using IM by next year, and the number of corporate IM users is expected to increase exponentially, from 18.4 million this year to 229.2 million in 2005.

The increasing adoption is spurring the need for a formal IM policy in most enterprises. That was true for Kintec, LLC, a Kentucky-based manufacturer of wood and light-gauge steel roof trusses and floor trusses. The 26-year-old company recently created an IM policy from which we have built a template that TechRepublic members can download and customize to their needs.

Reasons for the policy
Kintec’s IT manager, Mitch Bryant, said that the company chose to use the AOL IM application, as the internal design software tech support staff were already using it to communicate on projects. Kintec users can solve problems faster due to the quicker response time IM technology provides, said Bryant.

“We realized it could be used for either quick questions from employee to employee or something as simple as allowing our receptionist the ability to tell specific folks they had an important call while they were already on the phone,” said Bryant, adding, “We have two plant locations and an additional eight remote users, so it works well for quick questions.”

As Kintec already had an e-mail and cell phone policy in place, it had a foundation to build its IM policy. With input from the senior management team—which included policy reps from accounting, IT, design, production, and sales—IT created a basic draft and allowed each member to evaluate the final copy.

After the policy was created, Bryant’s team sent an e-mail to all employees to introduce the policy and to ask employees to sign the policy, which is now a part of the employee handbook.

Building an IM policy
Although Bryant’s IT squad had already created several user policies, in addition to the e-mail, cell phone, and purchase procedure policies, the IM policy provided some important lessons. The fact that IM is such a new, and popular, technology required some extra consideration when building the policy, Bryant said.

“Consider the impact [of] giving everyone IM ability, or just allowing IM to be given to specific units or certain levels and types of employees—as sometimes, the influx of IM messages can be overwhelming, [affecting] productivity,” he said.

Bryant recommends that enterprises considering IM for customer or client interaction may want to consider a Web-based solution rather than a consumer commercial application, as it might offer greater control of use.

“We have a very strict policy of no file transfers, no games, and no personal IM chat sessions to keep the usage down to business-related as best you can,” he said.

Some errant application use—actually, misuse—has prompted Kintec to reissue a firm reminder of policy do’s and don’ts.

“We are seeing some abuse in regards to people either using IM for contact with friends and family, or they feel the need to load more than one IM service. We have issued an additional firm warning about infractions.”

No good reason to delay
The misuse factors, as well as related security concerns, clearly supports the need for a formal IM policy. Consider the fact that messages exchanged using Yahoo, MSN, or AOL IM services are not typically scanned by enterprises for viruses or malicious programs. This means hackers can exploit this security lapse by sending attachments holding viruses, worms, and other malicious software. Any of these could then enter a corporate network undetected.

Protect your enterprise, and your users, by downloading this IM policy template today.