{"id":3910,"date":"2005-11-10T12:24:13","date_gmt":"2005-11-10T12:24:13","guid":{"rendered":"http:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/e-commerce\/ban-skype.html"},"modified":"2005-11-10T12:24:13","modified_gmt":"2005-11-10T12:24:13","slug":"ban-skype","status":"publish","type":"post","link":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/voip\/ban-skype.html","title":{"rendered":"Ban Skype"},"content":{"rendered":"<div><span style=\"FONT-SIZE: 10pt; FONT-FAMILY: \"><font color=\"#000000\">Info-Tech Research says you should ban corporate Skype usage ASAP. Should you? Well they cite a few reasons you should such as:<\/font><\/span><\/div>\n<ul>\n<li><span style=\"FONT-SIZE: 10pt; FONT-FAMILY: \"><font color=\"#000000\">Skype is not standards-compliant, allowing it and any vulnerability to pass through corporate firewalls.<\/font><\/span><\/li>\n<li><span style=\"FONT-SIZE: 10pt; FONT-FAMILY: \"><font color=\"#000000\">Skype&#8217;s encryption is closed source and prone to man-in-the-middle attacks. There are also some unanswered questions about how well the keys are managed.<\/font><\/span><\/li>\n<li><span style=\"FONT-SIZE: 10pt; FONT-FAMILY: \"><font color=\"#000000\">Enterprises using Skype risk a communication barrier with countries and institutions that have already banned the service.<\/font><\/span><\/li>\n<li><span style=\"FONT-SIZE: 10pt; FONT-FAMILY: \"><font color=\"#000000\">Skype is undetectable, untraceable, and unauditable, putting organizations that are subject to compliance laws at risk. <\/font><\/span><\/li>\n<li><span style=\"FONT-SIZE: 10pt; FONT-FAMILY: \"><\/span><span style=\"FONT-SIZE: 10pt; FONT-FAMILY: \"><font color=\"#000000\">The question of whether VoIP calls constitute a business record is a legal quagmire. Throwing Skype into the communications mix further clouds the issue.<\/font><\/span><\/li>\n<\/ul>\n<div><span style=\"FONT-SIZE: 10pt; FONT-FAMILY: \"><\/span><\/div>\n<div><span style=\"FONT-SIZE: 10pt; FONT-FAMILY: \"><span style=\"COLOR: navy\"><font color=\"#000000\">If that doesn&#8217;t scare you, consider this:<\/p>\n<p><\/font><\/span><font color=\"#000000\">&quot;Approximately 17 million registered Skype users are using the service for business purposes,&quot; says Armstrong. &quot;Unless an organization specifies instances where Skype use is acceptable, and outlines rules for client-side Skype settings, that&#8217;s 17 million opportunities for a hacker to invade a corporate network.&quot; <br \/><\/font><span style=\"COLOR: navy\"><font color=\"#000000\"><br \/>I have heard many of these security concerns before so this report is timely. Any time you have encrypted p2p communications you risk spreading who knows what between peers. Is it a matter of time before there is some massive virus or work outbreak? Possibly. Imagine a phone-based denial of service attack for example where American Airlines is shut down. In other words instead of having many computers sending traffic to a site, Skype clients could all SkypeOut to American Airlines at once.<\/p>\n<p>This is a feasible scenario that is not limited to Skype but something we need to be prepared for.<\/p>\n<p>For more check out comments from <\/font><a href=\"http:\/\/blog.tmcnet.com\/blog\/tom-keating\/skype\/firm-urges-banning-skype-in-the-enterprise.asp\"><font color=\"#000000\">Tom Keating<\/font><\/a><font color=\"#000000\">.<\/font><\/span><\/span><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Info-Tech Research says you should ban corporate Skype usage ASAP. Should you? Well they cite a few reasons you should such as: Skype is not standards-compliant, allowing it and any vulnerability to pass through corporate firewalls. Skype&#8217;s encryption is closed source and prone to man-in-the-middle attacks. There are also some unanswered questions about how well<\/p>\n","protected":false},"author":44,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[191],"tags":[275,276,277,278,279,226,233,273,17,238,274],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/3910"}],"collection":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/comments?post=3910"}],"version-history":[{"count":0,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/3910\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/media?parent=3910"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/categories?post=3910"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/tags?post=3910"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}