For those of you who still have Skype, here is a notice that my corporate sent out to all 27000 employees:
Removal of Skype Software Effective Immediately
IT has been instructed to remove/disable Skype software from all computers accessing the corporate network, effective immediately.
IT, in conjunction with the Office of General Counsel, has recognized Skype software as a threat to our intellectual property protection practices and has authorized the removal of the Skype application from all corporate systems. In addition to application removal, the Office of Information Security & Risk Management (OISRM) will now be monitoring and blocking Skype-related traffic to mitigate the threat to the global computer operating environment.
How is Skype a Threat?
Skype enables users to place uncontrolled and unregulated voice calls and chats (Instant Messages) and perform file transfers via the Internet to another end user running the Skype application. Such behavior leaves enterprise organizations open to a variety of liabilities and potential virus infections as well as loss of intellectual property.
Due to Skype’s encryption, it is impossible to monitor the contents of communications via this medium. Additionally, recent Skype software exploits have increased the susceptibility of system compromise for those computers with the Skype application installed.
Preferred Alternatives
Employees should see minimal impact due to the removal of Skype software and are encouraged to use other currently approved methods or services for communications, such as:
Chat: AIM, MSN, Yahoo, ICQ
Telephony: phones, cell phones and VOIP (limited availability)
File transfer: a variety of approved internal methods (i.e. eRoom, file shares)
Encryption: OISRM approved technologies (i.e. PGP, VPN)
Regards,
Office of Information Security & Risk Management
