True, but for this case it's more than adequate. An attacker would need to be able to tunnel through your companies network, and then what? Assuming they're that far, who cares if they can read what you talk about on IRC?
And even then, they'd further need to exploit some vulnerability in your IRC server to do it unnoticed.
