Firm urges banning Skype in the enterprise

Tom Keating : VoIP & Gadgets Blog
Tom Keating
| VoIP & Gadgets blog - Latest news in VoIP & gadgets, wireless, mobile phones, reviews, & opinions

Firm urges banning Skype in the enterprise

Well, this industry analysy firm's stance on Skype blocking will certainly irk a few Skype fans. Technology industry analyst firm Info-Tech Research Group is telling enterprises to ban Skype - the freely-available Voice over Internet Protocol (VoIP) phone service - from their organizations. "Companies that are already banning peer-to-peer applications, such as instant messaging, should add Skype to its list of unsanctioned software programs," says Info-Tech analyst Ross Armstrong.

"Approximately 17 million registered Skype users are using the service for business purposes," says Armstrong. "Unless an organization specifies instances where Skype use is acceptable, and outlines rules for client-side Skype settings, that's 17 million opportunities for a hacker to invade a corporate network."

In a research note prepared for Info-Tech Research Group members, Armstrong outlines five reasons for an enterprise to ban Skype in a corporate environment:

• Skype is not standards-compliant, allowing it and any vulnerability to pass through corporate firewalls.
• Skype's encryption is closed source and prone to man-in-the-middle attacks. There are also some unanswered questions about how well the keys are managed.
• Enterprises using Skype risk a communication barrier with countries and institutions that have already banned the service.
• Skype is undetectable, untraceable, and unauditable, putting organizations that are subject to compliance laws at risk.
• The question of whether VoIP calls constitute a business record is a legal quagmire. Throwing Skype into the communications mix further clouds the issue.

Comments Armstrong, "The bottom line is that even a mediocre hacker could take advantage of a Skype vulnerability. If you are going to use Skype within enterprise, manage it as you would any other IT service: with policy and diligence."

Related Articles to 'Firm urges banning Skype in the enterprise'


Featured Events