General, mnrx

Gartner: Skype Bugs Bad News For Enterprise

June 1, 2006

from techweb

The most recent bug in Skype is another clue to enterprises that they should steer clear of the VoIP service, research firm Gartner recently warned.Two weeks ago, Skype patched a critical vulnerability that could let an attacker send a file to another user without his or her consent, and potentially obtain access to the recipient’s computer and data.

“This vulnerability follows three in 2005 (two high-risk, one low-risk) and highlights the risk of not establishing and implementing an enterprise policy for Skype,” wrote Gartner research director Lawrence Orans in an online research note. “Because the Skype client is a free download…most businesses have no idea how many Skype clients are installed on their systems or how much Skype traffic passes over their networks.”

The problem, said Orans, is that Skype doesn’t demand that vulnerable clients be updated, and sans administrative management controls to force this, the VoIP client leaves corporate networks open to attack.

“In contrast, Microsoft immediately restricted access to its MSN Messenger instant messaging (IM) service in 2005 when it discovered a vulnerability in its IM client. Only users with an updated and nonvulnerable [sic] client were allowed to access the service, which meant Microsoft essentially performed the vulnerability management process on behalf of businesses. Skype provides no such protection,” Orans added.

Although Gartner has previously recommended that enterprises stay away from Skype, Orans repeated the advice in his note.

“The most secure option is to block Skype traffic completely,” he said. “However, if after weighing the risks, a business decides to allow Skype use, it should actively manage version control of Skype client — and its distribution to authorized users — using configuration management tools.”

designer

CCT

Are You Ready?

When you are ready to get more specific information about your project, click here and fill out our handy online form for a free web design quote.

Get My Free Quote

you need a website?
we can help

    order a project

    arrow

    Recent Posts

    In Web Design

    Responsive Website Design Services in Morehead City NC

    General, mnrx

    Domain Name Services Scam - Kind of

    Jun 1, 2006

    from techweb The most recent bug in Skype is another clue to enterprises that they should steer clear of the VoIP service, research firm Gartner recen...

    Captivating Website Design - Morehead City NC

    General, mnrx

    Web Design Basics

    Jun 1, 2006

    from techweb The most recent bug in Skype is another clue to enterprises that they should steer clear of the VoIP service, research firm Gartner recen...

    Dynamic Web Design in Morehead City NC

    General, mnrx

    Three Common Web Design Mistakes

    Jun 1, 2006

    from techweb The most recent bug in Skype is another clue to enterprises that they should steer clear of the VoIP service, research firm Gartner recen...

    arrow

    Go to our blog