Gold Sponsors
Array Telepresence Logo   Human Productivity Lab Logo   Ashton Bentley Logo
Silver Sponsors
Bronze Sponsors
Telepresence Options Magazine

Latest Telepresence and Visual Collaboration News:
Full Article:

Skype Takes Heat for Security - Both Too Little and Too Much

November 20, 2012 | Telepresence Options
securityskype.jpg



Skype had an on-and-off kind of week, fixing an embarrassing flaw in its password reset system and then being called too secure for many corporate networks because its encryption could allow company secrets to escape undetected. Then, it had to deal with a report that it had given out information on one of its users to a private investigator who simply asked for it.

Technewsworld, By John P. Mello Jr.,

Microsoft had to temporarily disable Skype's password reset feature last week after a Russian hacker revealed a simple way to lock users out of their accounts.

All an attacker needed to know was an email address associated with an account in order to hijack it. That address could be used to create a new account, which could then be used to reset the password and lock out the original user.

Ironically, Skype's robust security features are one reason some organizations bar it from their networks, said Tom Nichols, vice president for corporate marketing for Endace. "Skype is a risk because it's deeply encrypted and it can be used to transfer information out of an organization without anybody knowing what's going on," he told TechNewsWorld.

Skype is one of many applications running on corporate networks in defiance of company security policies, a study by Endace released last week revealed. Of the more than 100 senior network IT professionals from Fortune 500 companies, 53 percent confessed that their employees use applications that violate corporate policies, the study found.

After Skype fixed its password problem, it found itself in a bad light again when it was reported that the company had handed over the user information of a Dutch teenager and fan of WikiLeaks to a Texas cyber intelligence firm that just asked for it.

That appears to be a violation of Skype's privacy policy, which states it will not surrender user data "unless it is obliged to do so under applicable laws or by order of the competent authorities."

Workers Resent BYOD Logging

Workers like using their own devices to increase their productivity at the office, but they don't like the security measures that need to be imposed on those devices to keep their company's data safe.

That was the finding of a study released last week by Blue Coat, a provider of mobile device security services.

Fewer than a quarter -- 24 percent -- of the respondents were willing to have their companies log their access to corporate data through their personal device.

Even fewer wanted their bosses logging the Web content they accessed with their personal devices (19 percent) or restricting the types of sites and content they accessed (12 percent).

However, more than half the respondents were willing to have corporate-sponsored malware protection on their personal gadgets (55 percent) and comply with passcode requirements (58 percent).

"Users are knowledgeable enough now to want to have malware protection," Sasi Murthy, Blue Coat senior director of product marketing, told TechNewsWorld. "The contention shows up when we start talking about logging their personal data or personal access to the Web and also restricting personal access to things."

Malware's Future Is Mobile

As the end of the year approaches, it's customary to look forward and muse on what the next 12 months will bring. For malware researchers, those next 12 months will be mobile.

"You're going to see a continued shift into mobile vulnerability research," Brian Gorenc, manager of HP Enterprise Security's DVLabs, told TechNewsWorld. "There are conferences around the world now completely focused on mobile."

Malware will also become more of a team sport in the coming months, he added. "In the past, malware was done by one person," he observed. "Now you have things like Stuxnet and Flame with full-fledged development teams behind them."

"You're going to see stronger development efforts put behind this stuff in the future and an increase in those types of malware families," he predicted.


           Continue Reading...







Add New Comment

Telepresence Options welcomes your comments! You may comment using your name and email (which will not be displayed), or you may connect with your Twitter, Facebook, Google+, or DISQUS account.