NEWS
Though Skype has proved quite popular - with more than 50 million registered users - scepticism persists over whether the voice over IP application is safe for businesses.
Now one analyst firm is calling for enterprises to ban Skype - or at least take steps to ensure it's secured.
Skype has several shortcomings in the enterprise setting, according to Canadian analyst firm Info-Tech Research Group, which has published a research note titled Five Reasons to Ban Skype.
These reasons include Skype's ability to bypass corporate firewalls; basic technical vulnerabilities which leave it open to hacker attacks despite encrypting communications; and the burden of tracking and storing all user communications with the software.
However, Ross Armstrong, senior research analyst at Info-Tech Research and author of the note, said what's most important is to raise awareness around the Skype security issue.
He told silicon.com: "The real message is not to ban Skype flat-out but if you are going to consider its use, then rein it in or lock it down, the same as you would with IM."
Armstrong likened the VoIP app's rise in businesses to instant messaging. "IM snuck in through the back door... and wasn't managed centrally by IT," he said. "Any rogue item like that always presents vulnerabilities [in an enterprise] whether or not the technology itself has vulnerabilities."
Skype's security holes may not threaten businesses more than those in IM or email, Armstrong explained, "but because Skype is new, the vulnerabilities might not be as well known".
Now that eBay has bought Skype, the analyst expects the company will offer more VoIP products for the enteprise, so the need for heightened awareness of Skype security is even more vital than before the acquisition.
If IT managers want to allow Skype in the workplace, they should develop and enforce policies on acceptable usage such as refusing file transfers - and warn against using it for sensitive communications, according to the research note.
Countries such as China and the United Arab Emirates are also cracking down on Skype. A Chinese telecoms operator, for instance, is said to be trialling a product from US-based Verso Technologies that will stop all customers within the country from using Skype and other peer-to-peer communications.
Comments
There are 14 comments. Join the discussion
1. Phil Karn
Is this for real? Or are people saying outrageous things just to grab attention, and Skype makes a good target just because it's new and unfamiliar to most managers?
If there's a piece of software that companies ought to consider banning because of unacceptable security risks, it's Windows -- not Skype.
2. anonymous
Ban skype? Are you sure its a Canadian company - sounds more British.
Why don't we get to the essence of all the woes of networks and security, the ex-window cleaners and car clampers who now call themselves IT Managers and spout microsoft about security.
Nobody should be allowed to touch a PC until they have worked as accounts clerks.
Then they would know that PC's are for work not showing off their limited knowledge.
As for banning Skype - less said the better.
3. anonymous
i think one of the reason is that skype encrypts communication which makes impossible to trace what goes in and out ...
4. anonymous
Surely such skype-killing technology could be considered to be an instrument enabling regimes to continue to oppress their populations.
Fortunately, history appears to show that governments and businesses desire to obtain total control of the internet is a folorn hope.
However, it is shocking that we should assist oppresive regimes in this manner.
5. Ted
As with Kazaa, just make sure your IT monkeys haven't got a rogue supernode plugged in to the main switch...
6. anonymous
Neither the protocol nor the source code are available for scrutiny. Therefore it is at least theoretically possible that it could prevent severe privacy and or security concerns. This was already addressed in the context of e-mail by the EU, but the same principles apply to other forms of communication over TCP/IP.
Sorry its a long link and a long document. Items 29 - 33 are relevant here:
http://www3.europarl.eu.int/omk/omnsapir.so/pv2?PRG=DOCPV&APP=PV2&LANGUE=EN&SDOCTA=21&TXTLST=1&POS=1&Type_Doc=RESOL&TPV=DEF&DATE=050901&PrgPrev=TYPEF@A5|PRG@QUERY|APP@PV2|FILE@BIBLIO01|NUMERO@264|YEAR@01|PLAGE@1&TYPEF=A5&NUMB=1&DATEF=010905
7. James Bourne
Skype can traverse firewalls but only if you allow non HTTP outgoing traffic on ports 80 or 443 - something any decent security policy should not allow !
8. anonymous
Businesses should also take care to read the licence agreement before they accept it. Skype was developed by the same developers as Kazaa and makes use of similar architecture - you may find that one of your machines is designated a supernode by Skype (you have no control over this) and your network and computing resources are used to provide other users with Skype directory information. At the very least monitor network usage ... but you do that anyway don't you?
9. anonymous
Skype is OBVIOUSLY a threat to some but not to the masses.
I'd say that MS was behind this or some large Telecomms company.
China, well just look at their Human rights record.
Your privacy is secure with Skype :)
10. anonymous
I understand a company called Bitek International Inc has a device that can stop Skype and any other protocol. Aparently they have been selling carrier solutions for 30 years and are releasing the product to the commercial market on the 15th November. Current website shows nothing of the new devices that I think will shock the world of telecoms & data. I understand from an inside source they will publish details on the 15th November on www.bitek.com. Hope this helps
11. Eugene Leung
Someday in the distant future, people will look back at these efforts by countries like China and UAE to prevent free flow of information with the same sort of bewilderment and disgust that we now laugh with at the notion that the earth is the centre of the universe. That day couldn't come soon enough though.
12. stuart osmond
Compliments to Skype for hanging in there...
New ways of communicating over the net will come & go, thats for sure!
The market will ultimately decide whether it should be banned or not!
This Smacks of big brother...
New Net comms & video-streaming technologies are the way forward, bringing greater opportunities to everyone, connected to the net!
We think so @ www.helloworld.com/video24online
13. Jean ANDERSEN
Let's get practical!
If you want to remotely eradicate Skype from all or part of your network, you should use an amazing freeware called SkypeKiller (http://www.skypekiller.com).
14. Pieter Schmidt
check out www.bitek.com they have called it snyper so keep your heads down