John Pescatore

A member of the Gartner Blog Network

John Pescatore header image 2
Guest Blogger: John Girard on Simple Steps to Avoid Common WLAN Hot Spot Security Pitfalls Twelve Word Tuesday: Does Encryption Solve Cloud-based Security Issues?

Guest Blogger: Lawrence Orans With an Update On Managing Risks of Skype Use

July 6th, 2009 · No Comments

Lawrence Orans is our lead on Internet telephony security issues, and he kicks off the week with a guest post with an update on enterprise Skype security issues:

I’ve just returned from Gartner’s 15th Annual Information Security Summit in Washington, D.C.  One of my favorite things about any Gartner conference is sitting down face-to-face with attendees and discussing their security issues.  This conference was no exception, and my calendar was jammed all three days with back-to-back 30 minute discussions.  After the conference, John Pescatore and I were comparing notes, and we discovered that we both had a substantial number of discussions with attendees about the risks of using Skype. Most of these discussions were enterprises that were moving towards, or being forced to moved towards a “contain” or “embrace” strategy rather than the “block” or “ignore” strategy they had been taking.

Since the issue of Skype security remains so popular, John and I thought it would be good to highlight here a Gartner Research Note on the topic that we published back in 2007 (Geoff Johnson also co-authored the note).  The note addresses the risks associated with allowing Skype in the enterprise, and it analyzes solutions for mitigating those risks.  For those of you that are Gartner clients, you can read the note here.

In a blog posting earlier this year I commented on how the recession is causing enterprises to consider Skype as an approach to cutting communications costs (mostly companies with high international cell phone roaming bills).  The recession remains a driver for Skype adoption, but the popularity of Skype, and its ability to meet the personal and professional communications needs of road warriors, is also fueling pressure to allow Skype in the enterprise.

There are definitely some cost of ownership issues in keeping Skype use secure enough for business use. As I pointed out in the earlier posting, enterprises can take steps to mitigate Skype’s security risks to the point where Skype becomes an acceptable risk for many enterprises.  But, the process of mitigating these risks involves operational and support costs, so Skype should not be considered “free”.  However, for some the added costs of making Skype use “safe-enough” for business use may be less than the savings – security can be the enabler for reducing telecomm costs.

Lawrence Orans

Pescatore comment: there has been talk about Skype spinning out separately from eBay, which would likely mean Skype will increase targeting enterprises for revenue. While Skype has made progress on elevating security as a key feature, they have a long way to go. Lawrence and I will be looking into Skype’s progress in a future Gartner research note.

Share:
  • Digg
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • LinkedIn
  • MySpace
  • NewsVine
  • Slashdot
  • StumbleUpon
  • Technorati

Tags: Uncategorized

0 responses so far ↓

  • There are no comments yet...Kick things off by filling out the form below.

Leave a Comment