Is Skype cost effective from a security standpoint?
The risk of Skype is an unchecked vector into the enterprise network; Itís a P2P network overlapping the physical network and all traffic is encrypted using a closed algorithm (meaning third parties are unable to even validate the strength of the encryption). Encryption means any malicious traffic on that network makes it all the way to the desktop before it is decrypted and becomes actionable. By that time the only realistic defenses are patch management, antivirus, and HIPS software if itís deployed.
[ Read more ]