Sigaba testing secure instant messaging

Sigaba Corp. has extended a test of a secure instant messaging product to include more financial services, health care and government organizations.

The company will unveil its Sigaba Secure Instant Messaging software in April 2003 but wants to make sure the product meets its customers' real-world requirements, according to Tanya Candia, Sigaba's vice president of marketing.

The San Mateo, Calif.-based company has received significant feedback from early beta testing, enabling it to add features that take the product beyond the chat capabilities of existing enterprise IM products, Candia said.

The use of IM and collaborative software is rising and information technology managers are trying to manage employee usage of it, especially because many of the consumer-based IM software products lack security features, according to industry analysts.

"About 70 percent of enterprise users of IM are using consumer-based IM such as AOL or Yahoo," which are not secure, said Maurene Grey, a research director at Gartner Inc. "In the last four to six months enterprises have started to seriously look at [ways] to secure IM very much like [they are doing with] secure e-mail."

As a result organizations are turning to companies such as IMlogic Inc. and FaceTime Communications Inc., which have products that detect consumer IM packets traversing a company's networks. These products offer capabilities for archiving IM conversations and virus protection, she noted.

These types of products are important for government agencies and financial services that need to protect sensitive information and conform to regulatory guidelines, Grey said. Companies also are deploying enterprise IM products that come with other collaborative software such as IBM Corp.'s Lotus Sametime and WiredRed Software's e/pop, Grey said.

But being a security company gives Sigaba some advantages when it comes to secure IM.

Sigaba will be able to offer an integrated framework where secure e-mail, IM and secure statements can be centrally managed from one console, Grey said.

"We took our base of security [functionality] for secure e-mail [and extended it] to support IM," said Terry Olkin, Sigaba's chief technical officer. This means that Secure Instant Messaging sports features such as authentication, encryption, digital signature services and key server management, Olkin said.

Sigaba's Secure Instant Messaging also will work with the company's Secure E-mail and Secure Statements products to more fully address business needs, Olkin said.

For example, a bank can use Sigaba Secure Statements to send out information with monthly statements. The template contains a button for secure IM, so the customer can contact a sales representative who can explain options for such things as a line of credit or a second mortgage.

In the meantime, a transcript of the conversation is sent to the customer through Sigaba Secure E-mail. Using the Secure Reply capability of Sigaba Secure Statements, the customer can then submit a pre-populated form to apply for the credit line. This communication is secure, audited and archived, according to Sigaba officials.

So far "there has been a surprising amount of interest from the government," in Sigaba Secure Instant Messaging, Olkin said. Government agencies typically look for production level products and are not usually interested in being part of a beta test, Olkin said. But secure IM is generating interest "in some pretty high places," he added.

Sigaba is accepting companies for the extended beta test, which will begin Dec. 27.