United States
Live worldwide spam monitor detects outbreaks as they occur. See what's swarming.
WatchGuard Technologies, Inc.
WatchGuard Technologies, Inc.
ProductsPartnersSupportAbout UsHow to BuySearchProfile
 
Products  

Security Articles

Video Tutorials

WatchGuard Feeds

WatchGuard Wire

Radio Free Security

White Papers

Case Studies

Network Security Glossary

WatchGuard Wire
Improve Your Security IQ

Skype: More than just a way to do VoIP?

I noticed this story last week about how people are taking Skype, a peer-to-peer based VoIP application, and extending it to other purposes. Skype as an application fills me with both dread and admiration. After reading the article, I think Skype is also a harbinger of significant changes in how IT professionals will implement network security.

I dread Skype because it's extremely difficult to stop in the network without touching a desktop. Touching desktops quickly gets expensive. I admire Skype because the ease with which it ghosts through firewalls and avoids being stopped is something elegant.

So what does all this have to do with how IT is done? From time immemorial (in computer years), we have imposed access controls on network resources to keep users from doing foolish or inappropriate things. Skype represents an evolution in software design which intentionally evades those controls. Moreover, its success in the business place proves that, in evolutionary terms, it is "survival oriented;" worthy of being imitated and improved on. Therefore, we can expect that the next generations of software will each surpass today's Skype at evading our controls.

How should IT professionals respond to this? We have a choice. We can become the jack-booted control freaks our users believe us to be, strictly controlling everything that connects to our nets. Or we, too, can evolve.

As tempting as it is to control everything, I think ultimately that's a doomed approach:

  • We're outnumbered
  • We're already extremely busy just trying to keep things running
  • We're already fighting a losing battle in this area while the complexity and scope of our networks continue to grow.

So, how do we evolve?

I have no glib answers. But maybe Skype itself suggests a direction. If peer-to-peer software creates a "coalition of the willing" to pass data efficiently, what would a peer-to-peer network security paradigm look like?

  • Would each peer monitor the others for bad behavior?
  • Is it possible that this might turn the entire network and those who use it into a security sensor?
  • Would it include a greater emphasis on end user knowledge, participation, and responsibility?
  • Would it be fault tolerant?
  • Could you actually end up more ‘secure' with lower overhead costs?

Skype interests me because it is both useful and hard to control. It's evolutionary. Darwin suggests that successful species evolve to meet new challenges. I think that applies in the battle for survival between Skype and IT professionals, too. We must evolve, or we'll go the way of the guys who ran mainframes.

Think I'm over-reacting to Skype? Write me back at your.opinion.matters@watchguard.com. --Steve Fallin

Copyright© 2010 WatchGuard® Technologies, Inc. You may copy and distribute this article freely in any medium as long as you copy and distribute the entire article without change and preserve this copyright statement and notice.