Skype’s Challenge
The most attractive new form of Internet telephony is also the most threatening to corporate security — for now.
It was one of those little-noticed incidents that in hindsight turned out to be a significant hint of something big to come. In February 2004, Daiwa Securities analyst James Enck wrote in the Web log EuroTelcoblog (http://eurotelcoblog.blogspot.com) that project teams at the consulting firm Accenture were bypassing their usual mode of communication — mobile phones equipped with GSM, a widely used protocol for enhanced privacy and security — during a shared job between Madrid and Pakistan. The teams had become frustrated with the erratic connections and dropped lines. Instead, according to Mr. Enck, they used Skype, a renegade Internet-based telephone service. They took this route “for obvious cost reasons,” said Mr. Enck, “but also because of the superior” voice quality.
Because Skype eliminates the middleman, calls between its users are free. |
Because Skype eliminates the middleman, calls between its users are free. The company generates revenue by selling services that allow subscribers to make calls to people who haven’t downloaded the software. A connection from a Skype-loaded device to a traditional telephone in most places generally costs about 2 cents per minute. And, according to the company (and some of its subscribers), Skype’s sound quality is better than typical telephone reception, primarily because it is not limited to the standard telephone transmission spectrum of 300 Hz to 3 kHz, a relatively narrow bandwidth.
In the peer-to-peer sector, Skype boasts an unmatched pedigree. It was launched in August 2003 by Niklas Zennström and Janus Friis, the Swedish entrepreneurs who founded Kazaa, the file-swapping, music- and video-sharing network that at one time was the most downloaded software on the Internet. Messrs. Zennström and Friis, who run Skype out of Luxembourg, claim that it costs their company about a penny to acquire a customer. That compares with about $150 for Vonage, a leader in traditional VOIP.
Since its debut, Skype has signed up 35 million users and, at any one time, well over 3 million people are logged into its network. One of Skype’s most high-powered adherents is former Federal Communications Commission Chairman Michael Powell, who said in January 2004 at a telecommunications conference at the University of California–San Diego: “I knew [the traditional telephone system] was over when I downloaded Skype…. The world will change now inevitably.”
With all of this, Skype would seem to be on a smooth trajectory, but that’s not quite the case. In fact, Accenture’s use of Skype instead of GSM mobile was significant because its project teams were bucking the prevailing bias among corporations. Most corporate IT and telecom managers are trying to avoid Skype at all costs.
Skype is an IT manager’s nightmare. For one thing, Skype encrypts all its traffic, which makes it impossible to monitor what employees are doing, sending, or saying when they use this communications tool. In addition, Skype doesn’t follow the path of most VOIP services. It enters the corporate network as an application embedded in a mobile device; it is activated whenever a user accesses the Internet from within the corporate network to make a call. In this way, Skype could open holes in a corporate firewall from the inside. The fear is that Skype users could expose corporate networks to hackers, viruses, and malicious software (“malware”), or shield the activities of malicious employees.
For the immediate future, these conditions make it risky for most large companies to embrace or even consider adopting Skype. And employees can expect memos like those issued at many companies these days warning against using peer-to-peer networks for any form of communication. But as the Accenture incident illustrated, that won’t stop employees who are dissatisfied with the quality of other forms of communication from accessing Skype anyway. Which means that, before long, management will have to address the potential of Skype or Skype-like technologies — and determine the peer-to-peer applications whose benefits outweigh their risks — rather than simply outlaw the technology and hope it goes away.
Management will have to address the potential of Skype, rather than simply outlaw the technology. |
Soon it will become imperative for larger companies to take Skype seriously, if for no other reason than that peer-to-peer architecture is one of the most efficient, most direct, and least wasteful systems of digital interaction. The eventual answer will probably be software fixes that smooth over Skype’s rough spots. These could come in the form of licensed versions of Skype customized to match a company’s security requirements — a development that could bring additional revenue to Skype.
But perhaps the most lasting influence of Skype will be that it will force management and IT executives to consider how to structure a network that exists both inside and outside the corporate firewall. To improve innovation and their own productivity, employees will gravitate to the most advanced collaboration and communications tools with the most reliable levels of quality, no matter what price is paid in weakened security. Companies will have the task of figuring out how to integrate new technologies like Skype into their businesses — and how to get the most out of them. Or, they could take the opposite course: keep them out by banning cellphones, PDAs, and laptops.
Gordon Cook (cook@cookreport.com) is the editor and publisher of the COOK Report on Internet Protocol: Technology, Economics, Policy, an online newsletter (http://cookreport.com) founded in 1992 and devoted to telecommunication and Internet strategies.