How can IM-based communication, especially in an enterprise context, be made more secure? How to exchange messages if one can neither trust the communication channels (i.e. internet; HTTP) nor the server processing the data to not reveal the data to unwanted third parties? As a concrete challenge, the most important security-related challenges should be identified, best practice solution to tackle them found, a concept for enhancing IM systems with additional security created, as well as prove the concept by doing a concrete implementation enhancing a real enterprise IM system.