With its more than 70 million active users, many people associate social networking site (SNS) Facebook with the word "phenomenon." According to the site's own statistics it is the sixth most-trafficked website in the world, offering 55,000 different regional, work and school-oriented networks. Recently Facebook set another milestone when it rolled out its own chat messaging system, making it widely available to users in the last half of April.

Prior to launching its own chat app, users could install one of many third-party Facebook applications. Unlike these and most other Facebook applications that people on the site use every day, this fast and simple instant messenger application loads as a widget when you view your own profile page, removing the need for a direct installation. The new Chat always appears in the lower right hand corner of users' screens when they log in to Facebook. Of course this means that it gets rolled out to every Facebook user rather than just those who choose to add it to their profile.

Simple, Fast, and Lacking Privacy Controls

Compared to other public instant messaging clients, Facebook Chat most resembles Google Talk, or rather the resulting integration of Google Talk into Gmail. Unlike Live Messenger and AIM, for example, there are not hundreds of smileys and emoticons to flood your chat window. Facebook Chat messages are clean text with, at present, no font style or color options. A small green dot beside a friend's name indicates that the friend is currently online, and a half moon symbol appears when the friend is idle. Users can choose to view Facebook notifications in the application, but thankfully this is an option they can turn off.

Facebook's interface is clean and unobtrusive. (Click for a larger image.)

Another feature of the application is its pop-out window. It opens a dedicated Facebook Chat window with the option to easily exit the pop out session and return the chat back to the main browser window. Users can choose to turn it off completely, or leave it as a small, closed widget box on the bottom of the browser window where it doesn't interfere with Facebook surfing in any way. So far these are the main features, and while it may not sound like much it is still a pretty new release. There is also something to be said for simplicity; Facebook Chat works really well for short instant messages and it also works lightning fast. For use within Facebook, it offers users a two-way communication tool that is a bit better than the standard inbox message or wall post.

One thing sorely missing in Facebook chat is the option for multiple privacy setting controls that we're used to having from both Facebook and third party applications. As the Facebook Chat stands right now, users cannot block anyone on their friends list, which means they cannot choose to not receive messages from someone. Most people have an acquaintance or relative they added to Facebook, but only so as to not seem rude by not accepting a friend request. With Facebook Chat, these people can message users, too.

In an all or nothing choice, the only option to avoid chatting with unwanted Facebook friends is to change ones status to offline. Of course users will also stop receiving chat messages from those they might actually want to talk to. Facebook has indicated on its chat help page that the ability to block specific people is a feature it's working on, and it is a feature many will want implemented before using Facebook chat as they would any other public IM platform.

Facebook Chat - What Are The Security Risks To Business?

A recent survey conducted by FaceTime Communications, indicated that 60 percent of IT managers are more concerned about the risks of social networking use in the enterprise than are concerned with e-mail use. Nearly a third of those surveyed are in organizations that have policies against employee access of social networking sites at work, and 20 percent said their organizations have not yet established a policy. 

Frank Cabri, Vice President of Marketing and Product Management for FaceTime Communications, says that the risks of Facebook Chat are much like any other Web-based chat application." Because the Web-based IM traffic can be disguised as permitted Web traffic, IT managers need a solution that manages IM and Web traffic with a common policy – the ability to set consistent policies across all modes of communications."

Also for consideration is that, as with other communication tools, as popularity and usage grows, so do the threats.

"Attackers target the larger networks with worms and malware more often. Just as previous IM worms spread by appearing to be from 'buddies,' threats on Facebook chat applications will use social engineering techniques to propagate," Cabri said.

E-discovery and Archiving Issues

For corporations, the Facebook IM client poses all the same logging and archival requirements as other public IM networks like G-chat, Yahoo, MSN and AOL.  Since Facebook Chat uses HTTP, it can be difficult to distinguish from other legitimate Web traffic, but Facebook can be controlled and the social networking site does not need to be fully blocked.

In response to rapidly growing concern over the use of social network sites and Web 2.0 applications in the enterprise, FaceTime's Unified Security Gateway is now designed to provide IT managers with management, security and control over 140 social networking sites, 20,000 individual Facebook widgets and more than 400 Web and real-time applications. These new features are in addition to the USG's already existing URL filtering, anti-malware and IM and P2P management capabilities.

"As we're learning from our customers, blocking social networking applications like Facebook is simply not an option any more. Companies have difficulty recruiting top-notch talent if they don't allow many of the cutting-edge applications and tools the recruits are accustomed to using."

He said that some of FaceTime's own customers have HR departments that access Facebook as a recruitment and research tool. "They originally shut down the application, but eventually were forced to open access and now needed security. These days, it's become nearly impossible to shut out all greynet applications. Another customer actually has a written contract with their own customer for the right to communicate via instant messaging. In the new world of enterprise 2.0, Facebook just can't be shut out."