Enterprise IM?

Jsf72672 asks: "With the recently-passed Sarbanes-Oxley legislation, and the looming HIPAA compliance requirements a constant thorn in the side of IT staff, Enterprise Instant Messaging seems to be overlooked. Most users are using AIM or MSN. Microsoft and Yahoo! both have products tailored to the Enterprise, but no one wants to rely their technology to keep them out of jail, or from paying huge fines. Jabber looks attractive but our already overtaxed IT staff does not have the time to compile, secure and test homegrown solutions. What are Slashdot-reading IT Managers doing? I found these guys and their InterIM line of products, and they look pretty good. Is anyone using them? Are there other low-cost solutions you have employed?"

Take a better look at Jabber

[jeremie]

It's not just open source, the XMPP protocol is approaching RFC status, and there is a whole suite of commercial products utilizing it.

Just take a gander at the Sponsors box on jabber.org for starters. You'll find products that drop into almost any environment, are based on open technologies, and can be complimented by many hundreds of open source apps... what could be better?

Closed IM systems are a thing of the past, if we want them to be.

Re:Take a better look at Jabber

[dasunt]

I'm trying to figure this out myself.

The questioner doesn't have time to check out Jabber (a ``homegrown'' solution in his words) but seems to be willing to use a commercial product with presumably little or no testing.

WTF?

Perhaps I've been reading too many issues of Cryptogram, but it seems that its a crapshoot when a company advocates 'security'. For every product like PGP security, there seems to be a horde of products that are on par with ROT13 or XOR encryption.

Guess what - you need to test and analyze that commercial solution as well. What sort of encryption does it use? Where does it store logs? Are the logs encrypted? What happens if there is no global server? What happens when the network is faulty?

**Grumble** **Grumble**

Look at Jabber, its a good protocol. It does support SSL-connections. Some of the clients support encrypted logs. Its cross platform. Its extendable. It supports local servers. What more do you need?

If your company is going to be depending on an IM system, you better know how it works, how it scales, and what to do when it goes wrong.

Re:Take a better look at Jabber

[Earlybird]

I second the Jabber recommendation. "Homegrown" is a strange term to use for this technology, as there are many implementations, including mature, commercial products.

My only problem with Jabber is the lack of a good MacOS X client. The only mature client, Psi -- which I use on Windows -- is a Qt app hastily ported to MacOS, and so it neither looks nor behaves like a native app. Not a big problem for me, personally, but my colleagues refuse to go near it.

Re:What is HIPAA?

[the+Man+in+Black]

New legislation to get healthcare providers to secure patient records. BIg pain in the patoot, speaking as someone who had to sit through several long ass meetings about it earlier this week.

Bottom line is, there should be no way for patient data to "escape" from the networks of a healthcare provider. THis includes machines with no removable storage (yes, I'm serious), no phone conversations about the data in common areas, etc. etc. etc. A lot of it is commonsense security, some of it is "WTF?", and all of it is a pain to retrofit into preexisting systems. Believe me.

e-Week Speical Report on Enterprise IM

[leoaugust]

Here is a Special Report from eWeek on Enterprise IM and it has some good reviews and articles including

Corporate IM Solutions

Instant Messaging in the Enterprise