Careers & Certifications

02:51 PM
Connect Directly

Analyst Firm: Enterprises Should Ban Skype Due To Security Risks

Claiming the VoIP software introduces numerous vulnerabilities, Info-Tech warns "even a mediocre hacker could take advantage of a Skype vulnerability."

The analyst firm Info-Tech Research Group has recommended that enterprises ban the use of Skype on their networks, citing security problems with the VoIP software.

Info-Tech analyst Ross Armstrong claims that "even a mediocre hacker could take advantage of a Skype vulnerability."

The firm cites these vulnerabilities and issues with Skype:

  • It claims that Skype's encryption is closed source and vulnerable to "man-in-the-middle attacks," and says it is unclear how well the encryption keys are managed.
  • It claims that because Skype is not standards-compliant, it will allow attacks through corporate firewalls.
  • It claims that Skype is "undetectable, untraceable, and unauditable," and so puts enterprises at risk with regard to compliance laws.
  • It claims that the issue of whether VoIP calls "constitute a business record is a legal quagmire," and that "throwing Skype into the communications mix further clouds the issue."

“Approximately 17 million registered Skype users are using the service for business purposes,” Armstrong said in a statement. "Unless an organization specifies instances where Skype use is acceptable, and outlines rules for client-side Skype settings, that’s 17 million opportunities for a hacker to invade a corporate network.”

Comment  | 
Print  | 
More Insights
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Twitter Feed