Careers & Certifications

02:51 PM
Connect Directly
RSS
E-Mail
50%
50%

Analyst Firm: Enterprises Should Ban Skype Due To Security Risks

Claiming the VoIP software introduces numerous vulnerabilities, Info-Tech warns "even a mediocre hacker could take advantage of a Skype vulnerability."

The analyst firm Info-Tech Research Group has recommended that enterprises ban the use of Skype on their networks, citing security problems with the VoIP software.

Info-Tech analyst Ross Armstrong claims that "even a mediocre hacker could take advantage of a Skype vulnerability."

The firm cites these vulnerabilities and issues with Skype:

  • It claims that Skype's encryption is closed source and vulnerable to "man-in-the-middle attacks," and says it is unclear how well the encryption keys are managed.
  • It claims that because Skype is not standards-compliant, it will allow attacks through corporate firewalls.
  • It claims that Skype is "undetectable, untraceable, and unauditable," and so puts enterprises at risk with regard to compliance laws.
  • It claims that the issue of whether VoIP calls "constitute a business record is a legal quagmire," and that "throwing Skype into the communications mix further clouds the issue."

“Approximately 17 million registered Skype users are using the service for business purposes,” Armstrong said in a statement. "Unless an organization specifies instances where Skype use is acceptable, and outlines rules for client-side Skype settings, that’s 17 million opportunities for a hacker to invade a corporate network.”

Comment  | 
Print  | 
More Insights
Slideshows
Cartoon
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Twitter Feed