Latest Telepresence and Visual Collaboration News:
Skype Takes Heat for Security - Both Too Little and Too Much
November 20, 2012 | Telepresence Options
Skype had an on-and-off kind of week, fixing an embarrassing flaw in its password reset system and then being called too secure for many corporate networks because its encryption could allow company secrets to escape undetected. Then, it had to deal with a report that it had given out information on one of its users to a private investigator who simply asked for it.
Technewsworld, By John P. Mello Jr.,
Microsoft had to temporarily disable Skype's password reset feature last week after a Russian hacker revealed a simple way to lock users out of their accounts.
All an attacker needed to know was an email address associated with an account in order to hijack it. That address could be used to create a new account, which could then be used to reset the password and lock out the original user.
Ironically, Skype's robust security features are one reason some organizations bar it from their networks, said Tom Nichols, vice president for corporate marketing for Endace. "Skype is a risk because it's deeply encrypted and it can be used to transfer information out of an organization without anybody knowing what's going on," he told TechNewsWorld.
Skype is one of many applications running on corporate networks in defiance of company security policies, a study by Endace released last week revealed. Of the more than 100 senior network IT professionals from Fortune 500 companies, 53 percent confessed that their employees use applications that violate corporate policies, the study found.
After Skype fixed its password problem, it found itself in a bad light again when it was reported that the company had handed over the user information of a Dutch teenager and fan of WikiLeaks to a Texas cyber intelligence firm that just asked for it.
Workers Resent BYOD Logging
Workers like using their own devices to increase their productivity at the office, but they don't like the security measures that need to be imposed on those devices to keep their company's data safe.
That was the finding of a study released last week by Blue Coat, a provider of mobile device security services.
Fewer than a quarter -- 24 percent -- of the respondents were willing to have their companies log their access to corporate data through their personal device.
Even fewer wanted their bosses logging the Web content they accessed with their personal devices (19 percent) or restricting the types of sites and content they accessed (12 percent).
However, more than half the respondents were willing to have corporate-sponsored malware protection on their personal gadgets (55 percent) and comply with passcode requirements (58 percent).
"Users are knowledgeable enough now to want to have malware protection," Sasi Murthy, Blue Coat senior director of product marketing, told TechNewsWorld. "The contention shows up when we start talking about logging their personal data or personal access to the Web and also restricting personal access to things."
Malware's Future Is Mobile
As the end of the year approaches, it's customary to look forward and muse on what the next 12 months will bring. For malware researchers, those next 12 months will be mobile.
"You're going to see a continued shift into mobile vulnerability research," Brian Gorenc, manager of HP Enterprise Security's DVLabs, told TechNewsWorld. "There are conferences around the world now completely focused on mobile."
Malware will also become more of a team sport in the coming months, he added. "In the past, malware was done by one person," he observed. "Now you have things like Stuxnet and Flame with full-fledged development teams behind them."
"You're going to see stronger development efforts put behind this stuff in the future and an increase in those types of malware families," he predicted.
Add New Comment
Telepresence Options welcomes your comments! You may comment using your name and email (which will not be displayed), or you may connect with your Twitter, Facebook, Google+, or DISQUS account.
27 March 2017 27 March 2017
Alphabet Inc (NASDAQ:GOOGL) Google Talk Service To Be Shuttered In Efforts To Streamline Messaging Tools27 March 2017
27 March 2017 22 February 2017 2 February 2017
See what happens when YouTube and TPO come together at the Telepresence Options YouTube Channel.