Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analyst Firm: Enterprises Should Ban Skype Due To Security Risks

The analyst firm Info-Tech Research Group has recommended that enterprises ban the use of Skype on their networks, citing security problems with the VoIP software.

Info-Tech analyst Ross Armstrong claims that "even a mediocre hacker could take advantage of a Skype vulnerability."

The firm cites these vulnerabilities and issues with Skype:

  • It claims that Skype's encryption is closed source and vulnerable to "man-in-the-middle attacks," and says it is unclear how well the encryption keys are managed.
  • It claims that because Skype is not standards-compliant, it will allow attacks through corporate firewalls.
  • It claims that Skype is "undetectable, untraceable, and unauditable," and so puts enterprises at risk with regard to compliance laws.
  • It claims that the issue of whether VoIP calls "constitute a business record is a legal quagmire," and that "throwing Skype into the communications mix further clouds the issue."

“Approximately 17 million registered Skype users are using the service for business purposes,” Armstrong said in a statement. "Unless an organization specifies instances where Skype use is acceptable, and outlines rules for client-side Skype settings, that’s 17 million opportunities for a hacker to invade a corporate network.”