In one of its regular research notes, Canadian analyst
firm Info-Tech Research Group is calling on businesses to impose an
outright ban of Skype, the undisputed leader in Voice over IP
(VoIP).
In May this year, Skype CEO and co-founder Niklas Zennström told
Computer Weekly that Skype would introduce more enterprise-oriented
services and be more relevant to enterprises. Skype has made good
on this promise and has become a hit with business users.
Of the 50 million-plus current Skype users worldwide, 17 million
use it for business purposes, according to Info-Tech Research
Group. The recent acquisition of Skype by eBay is likely to swell
these numbers even faster.
Yet Info-Tech says that Skype offers weak defences against hackers
and bypasses corporate firewalls. As Skype is 'undetectable,
untraceable and unauditable', the product will also threaten
companies' ability to satisfy compliance regulations, as well as
opening up them up to a legal quagmire notes Info-Tech.
"The bottom line is that even a mediocre hacker could take
advantage of a Skype vulnerability," says Info-Tech senior research
analyst Ross Armstrong. "If you are going to use Skype within the
enterprise, manage it as you would any other IT service: with
policy and diligence."
Another potential problem-highlighted by UK analyst Butler
Group-comes from 'super nodes', which occur when lots of Skype
users need a route onto the wider internet from behind the
firewall. This could mean that a machine and its network segment
could become deluged with Skype traffic.
To combat these problems, you and your fellow IT directors must
educate business users and set policies on acceptable usage in the
same way as was done for instant messaging.
