Re: Skype / Vsee

["M.D.Mufambisi" <mufambisi () gmail com>]

The risk around such applications really is the easy leakage of
corporate information. Chat applicatios present a great risk around
this. Corporate documents can be easily transmitted out the network.
Another issue is that individuals do not normally know where to draw
the line between occasional "chatting" and wasting company time.
Viruses and malware could also be transmitted this way. Chat traffic
is encrypted and as such, these baddies can make it well past your
firewall. There are lots of considerations around this. I suggest you
frist establish a business case for the use of chat within the
organisation.....otherwise do not allow it. Once a business case is
established....find out how you can effectively mitigate against the
above mentioned risks.


On 3/18/10, Shawn Merdinger <shawnmer () gmail com> wrote:
> Hi WW,
>
> While dated (December, 2006) Skype's giude for network admis might be
> helpful
>
> http://www.skype.com/security/network-admin-guide-version2.2.pdf
>
> Cheers,
> --scm
>
>
> On Wed, Mar 17, 2010 at 3:58 PM, W W <crackd () gmail com> wrote:
> > Does anyone have any recommendations or thoughts on the use of Skype
> > or Vsee in the enterprise.  I have done some research on the
> > vulnerabilities found in the products themselves.  Quite frankly most
> > software have vuls so that doesn't buy me a whole lot.  What security
> > risks are we exposing ourselves too by allowing these products into
> > our network?  Are there any good references or guidelines for locking
> > these products down in order to mitigate any risks?
> >
> > (I know this may have been talked about in the past, but there isn't a
> > way to search through the archives of this list.  At least not through
> > the "new" web interface" of SecurityFocus.)
> >
> > Thanks.
> > W
> >
> > ------------------------------------------------------------------------
> > Securing Apache Web Server with thawte Digital Certificate
> > In this guide we examine the importance of Apache-SSL and who needs an SSL
> > certificate.  We look at how SSL works, how it benefits your company and
> > how your customers can tell if a site is secure. You will find out how to
> > test, purchase, install and use a thawte Digital Certificate on your
> > Apache web server. Throughout, best practices for set-up are highlighted
> > to help you ensure efficient ongoing management of your encryption keys
> > and digital certificates.
> >
> > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> > ------------------------------------------------------------------------
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL
> certificate.  We look at how SSL works, how it benefits your company and how
> your customers can tell if a site is secure. You will find out how to test,
> purchase, install and use a thawte Digital Certificate on your Apache web
> server. Throughout, best practices for set-up are highlighted to help you
> ensure efficient ongoing management of your encryption keys and digital
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------