Although cost savings and improved communications are luring enterprises to Skype, the popular voice over IP service may violate security policies, industry experts have warned.
Burton Group recommended enterprises assess the risks vs. rewards of Skype as the simplest solution for evaluating its use.
In the analyst firm's report entitled "Debunking the Hype About Skype," senior Burton Group analyst Irwin Lazar pointed out that enterprise use of Skype is growing. Those contacted by the analyst cited significant reduction in long distance and mobile phone costs due to extremely low global long-distance rates, as well as Skype's ability to deliver unified communications service for both internal and external use as primary business drivers to investigate Skype.
However, evaluating whether Skype fits into an organization's overall security and information protection policy is the biggest concern for enterprises.
Burton Group warned that Skype is a proprietary application that does not publish its protocols for public review. It also stated that the service "may offer a backdoor into enterprise networks." In addition, the analyst noted that Skype's security model does not support strong authentication.
Additional potential issues with the voice over IP service were identified as the lack of ability to provide centralized management and control and the inability to log (and record) conversations with external entities.
Lazar pointed out enterprises must weigh the risk versus the reward of allowing the service to be used: "If the risk is too high – ban Skype. If the reward outweighs the risk – consider Skype as part of your overall communications strategy."
Lazar also noted that the success of Skype has led to a slew of competing services, both from traditional IM providers (AOL, Yahoo and MSN) as well as startups such as Tello and Gizmo. Lazar expects the market for integrated communications services to continue to rapidly grow.