From emails to Skype/MSN/Yahoo

[Miss Swan]

Uh...guess I'm getting a little out of touch with the modern world, but I seem to be noticing a growing trend towards the use of MSN/Skype/Yahoo Messenger for communications between co-workers AND clients. Emails are still around for official discussions but IM's are increasingly being used for minor issues.

The companies I've been in so far, all encourage and accept this practice, and it's even more prevalent in Asian countries such as China, Taiwan and India (Skype is hugely popular)...I can understand why though - it's cost-effective and real-time

I guess the point I'm trying to bring up is the intriguing irony of it all. IM used to be extremely frowned upon (thought as extremely unprofessional) but starting to make its way into the corporate world

(Of course, this doesn't apply to banks or stat boards for natural reasons.)

[taxico]

don't let stat boards get in your way!

IM can be installed on most smartphones!

mundu's nice for palm.

i use fring on my symbian.

not had a blackberry in a while, but there's always good PIN messaging!

and what's the deal with "twitter"... god, i'm growing old.

[OogieBoogie]

(Of course, this doesn't apply to banks or stat boards for natural reasons.)

what do you mean?

[durain]

banks do use similar IM for internal but they are all fully logged for compliance purpose.

[OogieBoogie]

that's what i don't understand. Banks actually followed the same path you described.
Very frown upon few years ago when not totally prohibited, but now corporate tools with shared address list from the mail server.

So what's the natural difference with banks?

[Miss Swan]

Hmm I'm not too sure myself which banks allow/disallow IM but it'd be very easy to exchange clients' personal information, wouldn't you think so?

I'd think even if chats are logged, no one would be so free to sieve through the thousands of chat conversations that go through each day, just to see if sensitive information is leaked. And we're getting so smart that we can easily find ways to avoid being found out...

I'm thinking of how people disguise weblinks now... wikipedia.com becomes weekeepeedeeyah(dot)com --> saw this in another forum!
Very creative...

What happened in my previous Co was that the information was already leaked out before the management realised that and looked through the chat logs for evidence. So they fired the culprit, but what does it matter to him? He can jump over to the competitor's side...

[OogieBoogie]

ooooooh you mean bank like in "private bank"... Well i guess people working in direct contact with the customer don't need IM for the vast majority. But for other department probably use it a lot.
In the end there's no big difference between a mail and an IM. It's easy to exchange client information with an IM, as well as it's with a mail, it's easy with a cell phone, an iphone, a MMS, a SMS, paper and a pen, just with your very own memory... so many way to steal client information if you really want to.

the log are not for everyday check, but to find out who did wrong if the shit hits the fan. Then they have proof against the culprit if there's one. Don't think that you can go away freely after stealing client information if there's proof against you!! There's a big fine waiting for you, as well as losing your new job (nobody's want to be involved with a thief, very bad for you image), and maybe sometime in jail.

[Asian_Geekette]

so many way to steal client information if you really want to.

the log are not for everyday check, but to find out who did wrong if the shit hits the fan. Then they have proof against the culprit if there's one. Don't think that you can go away freely after stealing client information if there's proof against you!! There's a big fine waiting for you, as well as losing your new job (nobody's want to be involved with a thief, very bad for you image), and maybe sometime in jail.

That's why for the past decade, there has been several data security standards or regulations which have been released. Some which comes to mind: BS7799 (now called ISO/IEC 27002), Basel II, Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act of 2002, PCI DSS, etc. It's up to the company to implement good practices in protecting their infrastructure and their client information. Failure to secure the client information can lead to a lot of both financial (fines, etc) and non-financial (loss of customer trust in the brand/company name) issues for the company.

So there are times some companies which have been burned badly would suddenly decide to be very strict and not allow external email nor chat programs. Or after failing an IT security audit, they decide to be stricter than before.

[durain]

sorry... the IM used in banks are a "close system", meaning it is not connected to your MSN or AOL buddy list. they can IM outside the system only if it's been approved, again this is for compliance purpose. some of the IM banks use are mindalign, sametime or groove.