Slashdot Mirror
Does Your Employer Ban Skype?
neutralino asks: "This morning, we received an company-wide email stating that the Max Planck Society (a German government funded research organization) has outlawed the use of P2P software at all of its institutes (including ours). The statement specifically singled out the use of Skype for internet telephony. The reasons given for this were that 'the exchanged data cannot be controlled' (therefore it might be illegal) and that 'Max-Planck or research resources in general might be abused, if "only" for commercial purposes.' This caught us by surprise, since many of us use VoIP to communicate with friends and family and collaborators, in our respective home countries. Is it now standard practice for companies, government organizations, and universities to outlaw Skype? Should it be?"
So someone spending all day chatting with friends about things is in clear violation of this policy, but someone checking in on a sick mother or to arrange something that requires then to call some place "during office hours", is ok.
That has always been my policy as well. If I am expected to work at home beyond normal hours (and when I was a systems programmer for a critical mainframe, boy was that ever the case) then I expect to be able to do personal things at work. I've always been lucky to work in positions where that is accepted (and often encouraged, some people understand that hitting ebay or slashdot occationally helps keep people from burning out).
That said though, even though I happened to know they were not monitoring everyone's computer and phone habits, I still never had any expectation of a "right" to privacy.
Finkployd
If you read the EULA, you are agreeing to allow Skype access to your bandwidth should your machine become a supernode. Well, employees don't own the business's bandwidth and so are generally not in a position to accept those terms. In our case, they are absolutely not in a position to accept those terms.
Since our users cannot agree to the EULA, our organization has banned Skype. While I dislike the traffic, the deciding issue for administration was that the license was totally inappropriate.
Over here, in the small software company I work for - we specifically use skype for all intra company communication. We have a number of offsite works and this helps alot.
snowulf.com
At Oxford University P2P is strictly banned from University servers. Ostensibly the rationale for this is that it prevents outside users from using resources paid for by Oxford. They expressly stipulate that Skype is among the banned applications. I find this bizarre because while I would vastly prefer to use Skype - I can also use google talk or msn. Using msn for voice chats however uses more bandwidth, so instead of distributing the load, they prefer more bandwidth to be used on a matter of principle.
My employer does ban Skype but goddamn it's hard to stop. The latest version tunnels over HTTPS and even autoauthenticates (with NTLM) against the proxy. It's like fricking magic. I have read the mailing list entry where somebody suggested banning all CONNECT statements to IP addresses (using a simple regexp in Squid) but that's no good for any Fortune 500 because there is so much going on that banning all IP addresses will almost certainly break an important application; our own audit found dozens of examples of legit B2B traffic using IP addresses in the CONNECT statements and we'll be buggered if we can identify them all. Also that strategy is doomed because you just know the next version of Skype will do a reverse lookup and CONNECT to the hostname.
The desktops aren't locked down well enough to stop people installing Skype and that's unlikely to change in the near future. The desktops are not even my department so it's not something I can directly influence. I have influence over the proxies, the firewalls and the routers. I'd love to know how to effectively ban Skype. Please tell me.