Slashdot Mirror
Does Your Employer Ban Skype?
neutralino asks: "This morning, we received an company-wide email stating that the Max Planck Society (a German government funded research organization) has outlawed the use of P2P software at all of its institutes (including ours). The statement specifically singled out the use of Skype for internet telephony. The reasons given for this were that 'the exchanged data cannot be controlled' (therefore it might be illegal) and that 'Max-Planck or research resources in general might be abused, if "only" for commercial purposes.' This caught us by surprise, since many of us use VoIP to communicate with friends and family and collaborators, in our respective home countries. Is it now standard practice for companies, government organizations, and universities to outlaw Skype? Should it be?"
I'm not going to tell you what company I work for but it is easily in the top 50 of the Fortune 500. And, yes, Skype is banned--my employer would never let anyone use Skype.
On top of that, I don't have administrative rights to install anything on my computer. I have to go through a large control process to achieve that which requires me to explain what the software will be used for (and it better be a company resource). Therefore, it's almost out of the question to ask for it to be installed.
My company (and I have the feeling that many others are like this, too) would far rather throw truck loads of money at AT&T rather than risk something going wrong with the P2P aspects of Skype.
Furthermore, any kind of free software scares my employer. Big time. I know Skype isn't necessarily free so this is about other software I may want to use. They have this fear that they would be a large target if whoever wrote said software decided to take legal action upon discovering that employees of company X all used it to complete their daily jobs.
Not even stadiums full of lawyers claiming that, due to some software licenses, there's nothing to worry about could convince them otherwise.
My work here is dung.
From their point of view it is simple.
You want to talk to friends or family do it on your time.
If it is work related use their phone system.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
My employer (which is pretty small, but spread out) currently embraces skype for free voice communications between our many offices and telecommuniting employees. My employer also embraces most OSS software not only for the fact that it is more cost effective in most situations, but our inhouse programers can tweak the crap out of it.
Can all fish swim?
My employer bans Skype (yes, also singled out by name in the company-wide memo), and the explanation we got is (and, I'm paraphrasing here) "it takes a lot of bandwidth to support all that streaming, and you've already got a phone."
Kinda makes sense from that point of view.
Any sensible admin would do that.
Skype eats network traffic, and when you multiply a Skype call by several hundred that's a lot of resources being consumed. Not to mention the impact on productivity and the security risk that is presented by unverified software.
Also, any corporate lawyer will tell you that no company wants to risk legal problems caused by employee misconduct. They certainly don't want to get blindsided because of a Skype call that they have no way of monitoring, tracking, or keeping record of.
120 characters for a sig? That's bloody useless.
then it would be the perfect spyware.
The perfect spyware would punch through firewalls. Skype does just that for its legitimate purposes.
The perfect spyware would encrypt its outgoing communication. Skype does also.
The perfect spyware would be a program with plausible-sounding reasons to connect to unknown computers without notice. Skype has to do just that to take advantage of its supernode system.
The perfect spyware would be hard to reverse engineer. Skype refuses to run under SoftICE (apparently to inhibit development of competing clients).
In our own real world, Skype's been minding its own business. Nobody's lost a machine due to having Skype on it (at least not since the callto: buffer overflow). Nobody's reported suspicious activity in filemon while Skype was running. By normal standards it's trustworthy. But to a business which lives by "you can EXpect what you INspect" Skype is a terrifying unknown.
Last year, we started recommending that employees use Skype for most routine meetings (most sensitive meetings are still recommended to use phone lines since people questioned Skype's author's previous company's business model).
Why skype? It was the best cross-platform (Mac & Windows & Linux) voice conference system we could find.
it doesn't disappear.
;-)
Just sort of like your sleezy cousin Vinny, it waits outside for you to get off work
People in cars cause accidents....accidents in cars cause people
My employer already has a contract for telephone services. My employer can control and audit use - if they need or want to. If confidential information is divulged / threats promulgated/ illegal activity conducted through the existing telephone system, there are clear employment practices and laws to deal with that. Skype is not easily audited. Skype use -may- define the bandwidth provider (the employer) as the telephone service provider; leaving them open for subpeonas and other unwanted attention. Skype users might configure workstations to act as relays, giving away company resources. Right or wrong, they'd rather use POTS.
My employer bans it, and one of the reasons is that *any* type of VoIP system is banned in some of the countries we do business in (UAE being one of them). If the ISP in the region (effectively a state monopoly) found evidence of VoIP on their links, then they'd cut the links, simple as that. Interestingly, we examined the ToS of the link in UAE & we believe it's actually a criminal offence to use VoIP services on the connection we have.
I'm a huge fan of privacy, but where on earth do people get the idea they have free reign to privately use company resources? Some companies are cool about this sort of thing but there is certainly no "right" to make private, personal use of company network and phone systems.
Finkployd
Yes, Skype is blocked where I work. Ostensibly, this is primarily because it opens a hole in the firewall, thus making it a security threat.
It might also have something to do with the fact that we're a phone company.
So someone spending all day chatting with friends about things is in clear violation of this policy, but someone checking in on a sick mother or to arrange something that requires then to call some place "during office hours", is ok.
I work in the IT department of a local authority. We don't 'ban' Skype as such, but it is blocked at the firewall just like any other non-essential traffic. Out of several thousand users we have had two or three requests to use Skype, which we've complied with. If we had hundreds of requests we'd have to review the situation, since we obviously have limited bandwidth just like everyone else.
MacBook Pro. Worst name since the Bicycle
I work for a small software company that is widely distributed; we have developers in 3 different countries and 5 different time zones. We use Skype almost exclusively for all of our voice communication as well as for casual IM'ing. Every employee is required to install Skype and create and publish a Skype ID. I can't even imagine how much time and money we save this way.
I read Usenet for the articles.
That has always been my policy as well. If I am expected to work at home beyond normal hours (and when I was a systems programmer for a critical mainframe, boy was that ever the case) then I expect to be able to do personal things at work. I've always been lucky to work in positions where that is accepted (and often encouraged, some people understand that hitting ebay or slashdot occationally helps keep people from burning out).
That said though, even though I happened to know they were not monitoring everyone's computer and phone habits, I still never had any expectation of a "right" to privacy.
Finkployd
Since we have an internet setup with unlimited bandwidth, there's no cost overhead for using Skype. And not to pimp Skype or anything, but we've saved a couple of grand a month on phone bills :-)
(We have offices in three countries, so we make a LOT of overseas calls just within the company.)
I wish my employer would use something else. Something standard like SIP/RTP over IPSec. Skype is not open source, and uses a proprietary protocol, with a non-inspectable encryption implementation.
Skype is gratis, not libre.
If you read the EULA, you are agreeing to allow Skype access to your bandwidth should your machine become a supernode. Well, employees don't own the business's bandwidth and so are generally not in a position to accept those terms. In our case, they are absolutely not in a position to accept those terms.
Since our users cannot agree to the EULA, our organization has banned Skype. While I dislike the traffic, the deciding issue for administration was that the license was totally inappropriate.
I work for a major US cell phone carrier, and we have the exact same problems. Pretty much all non-HTTP, FTP, or SSH traffic outside of the LAN is blocked. We don't have administrator rights to our laptops, and there is a huge bureaucratic lag on getting things installed that requires a lot of justification. Getting log-ins on machines we need access to do our jobs can take two weeks to get approval. Personally, I'm of the opinion after butting heads a few times that the job of our IT department is to prevent work from getting done.
(Our excuse du jour is "SOX compliance." What's yours?)
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
Firewalls that are "deny by default" are standard at most large corporations. I know it's been the default at every large corporation I work at.
No need to explicitly ban Skype, even without corporate policies, Skype wouldn't be able to get through many firewalls. It's designed to do NAT traversal, not punch through firewalls that block everything and only allow through whatever the proxy machine lets through. (Plus even if Skype could fake the proxy into thinking it was one of the allowed protocols, the latency through the proxy would make Skype practically unusable.)
retrorocket.o not found, launch anyway?
Over here, in the small software company I work for - we specifically use skype for all intra company communication. We have a number of offsite works and this helps alot.
snowulf.com
I also work for a Fortune 500 firm, in the security department. I don't have any particular problem with Skype as a product, but we opted to advise our userbase against it.
The lack of control is the #1 reason, since we can't ensure confidentiality (not that the probability of eavesdropping is worth discussing, but risk management demands a level of due diligence here,) and bandwidth was another concern, not because of the supernode issue, our network would wreck that, but rather because we have enough crap to deal with and didn't need another "free product" to muck up our works with issues of code validation, accountability, confidentiality and service availability.
I don't like the way things have gone, but at least in Corporate America, I don't have enough peers to cover all the bases and management above me is expecting risks to be minimized, and even that is a huge challenge with just the stuff we paid for.
Hey, at least you have IM!
At Oxford University P2P is strictly banned from University servers. Ostensibly the rationale for this is that it prevents outside users from using resources paid for by Oxford. They expressly stipulate that Skype is among the banned applications. I find this bizarre because while I would vastly prefer to use Skype - I can also use google talk or msn. Using msn for voice chats however uses more bandwidth, so instead of distributing the load, they prefer more bandwidth to be used on a matter of principle.