According to analyst firm Meta Group, more than half of people who use instant messaging (IM) tools at work use them for non-work reasons. Yup, Meta found that 57 percent of respondents used IM at work for social reasons, while 56 percent use it at home for business reasons.

Straightaway, I interrupted the conversation with my friends over IM to see whether they agreed. After much debate the conclusion was that we are all guilty of using IM for personal purposes.

But, like the phone on your desk and your work email account, IM offers an easy and quick means of communicating with the outside world. Indeed, Meta found 78 percent of respondents applauded IM because it gives a faster response than email, and 74 percent said it leads to faster problem solving.

There are arguments that staff should be given access to such means of communication, because there will be times during the working day when the outside world must be contacted, and if so they might as well do it quickly. This is fair enough, but in my experience the personal use of IM spreads like a meme. Once someone starts using it they suggest it to their friends and before you know it people are corresponding with the regularity of serial killers and "the women who love those that kill..."

This means that IM at work should be used only in a controlled way, with usage policies or properly sanctioned clients in place. Without this, the enterprise could be exposed to rogue desktop downloads, with no definitive way to manage them.

IM should be treated like any other client in the workplace, so at the very least the IT department should know it is being used. Unless IM has been rolled out company-wide, so that it is filtered, protected and properly sanctioned, it is the equivalent of allowing someone to bring a pet rat into a cheese factory and giving it a long leash.

According to Meta, just 35 percent of companies have an IM usage policy. This is bad news. Not only can messaging waste time, it also is open to viruses, trojan horses, worms and spam. But you cannot simply legislate against IM use.

With warnings being issued about online banking, increasing spam and viruses, phishing attacks and offensive material, it is time for firms to seriously consider how much and how often they give their staff the freedom to browse the internet.

Firms would be wise not to be heavy-handed, because history tells us that prohibition solves little. It's best to work with staff, working out what tools they need to use, and then to agree on a timetable that they can follow when using them.

The alternative - burying your head in the sand while your staff are sticking theirs above the trench - is a very bad idea indeed.