« April Fools Day jumps the shark | Main | Generous to a fault »
Is Skype safe?
April 04, 2006
Bruno Giussani continues his examination of the vulnerabilities that Skype may introduce into corporate networks (previously discussed here). He links to an in-depth technical dissection of Skype by researchers at the European Aeronautic Defense and Space organization (EADS), which will be of interest to network administrators.
UPDATE: I missed this Wall Street Journal article from last week, which takes a broader look at corporate concerns about employees' use of free web services like Skype:
Some companies worry the new services will overwhelm their networks with unwanted traffic. Others are primarily concerned about security or their ability to track workplace communications, especially in industries like financial services, where regular monitoring is required by regulators. Instant messages from the outside, for example, often aren't logged and archived the way email is, creating a potential backdoor for illicit communications or breaches of client privacy.
Skype claims the fears are overblown. Says executive Michael Jackson: "Many organizations were initially scared of the Internet and email. Now there's hardly a workplace on the planet that doesn't have an Internet connection." That's a good general observation, though the fact that past fears dissipated says little about whether current fears are warranted.
Comments
French research ministry has solved the problem since almost 1 year : Skype is purely and simply prohibited in french public labs...
When the solution is as simple as this, why should we complicate ? :)
Posted by: Will at April 4, 2006 10:47 AM
The security threats posed by Skype and other free services can be mitigated. The real question is the services' impact on productivity, that of the employees using the services, as well as those in charge of keeping networks secure. Companies must be made fully aware of the costs on both sides of the house. Are they? I doubt it---corporate types still tend to view IT as something that happens in the basement. If they scrutinized the impact on the bottom line, they would ban all non-business uses of their IT.
Posted by: Marian at April 4, 2006 12:58 PM
Actually the risks of Skype can not be mitigated if you work in a regulated industry. There exists no means to archive Skype calls, IMs or file transfers. For once, I find myself agreeing with a French government agency...
Posted by: Chris_B at April 5, 2006 04:19 AM
"organisation" might be somewhat misleading for EADS. It is in fact a publicly traded company, which is best known for its wholly owned Airbus division.
http://www.eads.com
Posted by: Francois at April 5, 2006 08:22 AM
Post a comment
Thanks for signing in, . Now you can comment. (sign out)
(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)
Now in paperback:
Pulitzer Prize Finalist
"Riveting" -San Francisco Chronicle
"Rewarding" -Financial Times
"Revelatory" -Booklist
The Cloud, demystified:
"Future Shock for the web-apps era" -Fast Company
"Ominously prescient" -Kirkus Reviews
"Riveting stuff" -New York Post
Greatest hits
Avatars consume as much electricity as Brazilians
The love song of J. Alfred Prufrock's avatar
Flight of the wingless coffin fly
Other writing
The end of corporate computing
Nick's first book:
Order from Amazon
Visit book site