Re: Looking for information regarding the use of Skype in an Enterprise network
- From: rohnskii@xxxxxxxxx
- Date: 7 Jan 2009 21:18:46 -0000
Good idea to be heads up on the question.
At the high level, going to VoIP, ie Skype, means that you have to consider phone communications now just like any other computer application. You need server space for it, firewall rules, the application needs to be kept patched up to date, the server needs to be secured. And if the power goes out, don't for get that so does skype, but the POTS (Plain Old Telephone Service) dial-tone keeps on buzzing.
Another issue I've read about but don't have a link to is the possible (US) legal requirement VoIP traffic be treated like any other digital "document" and be archived for discovery, like emails and IM. I don't know if it is true or not.
The worst case situation is the Chineese "hack" of Skype. The redirected their citizens to an "upgraded" version of Skype that just happens to post conversations to a server where they gov't can read them see:
http://computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=privacy&articleId=9116099&taxonomyId=84&intsrc=it_blogwatch - Chinese Skype spies on users, researcher says
http://blogs.computerworld.com/skype_caught_in_chinese_pr_snafu?source=NLT_AM&nlid=1 - Skype caught in Chinese PR SNAFU
Some of these links are a couple of years old, but they discuss issues to consider:
http://www.securitywatch.co.uk/2008/01/30/german-police-skype-hack-leaked/ - German Police Skype Hack leaked
Skype: Its dangers and how to protect against them is a 2 1/2 year old article that discusses issues with Skype.
http://searchunifiedcommunications.techtarget.com/generic/0,295582,sid186_gci1201132,00.html?track=NL-443&ad=557368&asrc=EM_NNL_392582&uid=4739563 - Executive Guide: VoIP
http://searchunifiedcommunications.techtarget.com/generic/0,295582,sid186_gci1214686,00.html?track=NL-443&ad=563905&asrc=EM_MUP_574371&uid=4739563 - Fast Guide: VoIP encryption, although as I understand it, skype is already encrypted, it doesn't hurt to keep VoIP encryption in mind.
http://searchunifiedcommunications.techtarget.com/news/article/0,289142,sid186_gci1219828,00.html?track=NL-443&ad=566220&asrc=EM_USC_617835&uid=4739563 - Column: The myths and realities of VoIP security
http://www.hackingvoip.com/sec_tools.html - This site is support for the book "Hacking VoIP Exposed: VoIP Security Secrets and Solutions", this page is specifically for links to tools that can be used to hack VoIP (not specific to Skype)
http://searchunifiedcommunications.techtarget.com/news/article/0,289142,sid186_gci1235719,00.html?track=NL-443&ad=576955&asrc=EM_USC_914781&uid=4739563 - This page is a review of the book mentioned above
- Prev by Date: Re: Looking for information regarding the use of Skype in an Enterprise network
- Next by Date: Re: Looking for information regarding the use of Skype in an Enterprise network
- Previous by thread: Re: Looking for information regarding the use of Skype in an Enterprise network
- Next by thread: Re: Looking for information regarding the use of Skype in an Enterprise network