Sunday, November 13, 2005

Stop Skype, Research group tells its members.

to remove, stop or detect skype, read this article.

Info- Tech Research Group,Technology industry analyst firm is advising Corporations to ban Skype use. I reported about Skype network misuse, VOIP IP Telephony: Skype Seems to be hazardous to your network!.

"Companies that are already banning peer-to-peer applications, such as instant messaging, should add Skype to its list of unsanctioned software programs," says Info-Tech analyst Ross Armstrong.

"Approximately 17 million registered Skype users are using the service for business purposes," says Armstrong. "Unless an organization specifies instances where Skype use is acceptable, and outlines rules for client-side Skype settings, that's 17 million opportunities for a hacker to invade a corporate network."

In a research note prepared for Info-Tech Research Group members, Armstrong outlines five reasons for an enterprise to ban Skype:

- Skype is not standards-compliant, allowing it and any vulnerability to
pass through corporate firewalls.
- Skype's encryption is closed source and prone to man-in-the-middle
attacks. There are also some unanswered questions about how well the
keys are managed.
- Enterprises using Skype risk a communication barrier with countries
and institutions that have already banned the service.
- Skype is undetectable, untraceable, and unauditable, putting
organizations that are subject to compliance laws at risk.
- The question of whether VoIP calls constitute a business record is a
legal quagmire. Throwing Skype into the communications mix further
clouds the issue
.

Comments Armstrong, "The bottom line is that even a mediocre hacker could take advantage of a Skype vulnerability. If you are going to use Skype within enterprise, manage it as you would any other IT service: with policy and diligence."

0 comments:

Blog Widget by LinkWithin