Skype for SIP, an answer to the IT manager’s prayer?

In a move that for the first time sees Skype embrace open standards, the company has announced the start of a beta program for a Skype/SIP Gateway, called Skype for SIP.

While it is hard to deny Skype’s success and popularity, the facts that its protocols are proprietary and specifications unpublished have found favour with business users, or a least not with IT and compliance managers. Where Skype has gained some traction in the business community, it has been as a result of end-user pressure.

Skype’s design and its ability to find a worm-hole through most firewalls, make it ideal for consumer and interpersonal use. The same features make it difficult or impossible to control on a corporate network. This lack of control is a major headache for both compliance managers and IT security managers.

Skype for SIP changes this. Skype’s gateway will enable most VoIP PBXs to route calls directly to Skype and to accept incoming calls from Skype. The operational benefits are obvious; the entire Skype community can now be reached from the corporate phone system and Skype users will be able to call in completely bypassing the PSTN.

The ability to accept inbound Skype calls will undoubtedly be popular with any organisation handling calls from consumers.

The most significant aspect of Skype’s announcement is that it addresses security and compliance concerns. Corporate phone systems will connect to Skype using the Session Initiation Protocol (SIP). SIP is an open standard which means that security gateways can be constructed to control inbound and outbound calls and even to provide call recording and archiving to meet regulatory requirements.

This at last means that IT security managers can meet their end-user’s demands to allow calls to and from Skype but can retain control of those calls.

Just one note of caution, as Steve Blood of Gartner has pointed out, for some calls Skype may not provide the encryption services necessary to safeguard confidentiality and integrity of some of the more sensitive calls.

For this reason SIP may be a better option for extending corporate voice and video calls to branch offices and remote users. SIP offers a number of encryption options.

Skype’s announcement provides yet another compelling reason for treating corporate VoIP systems as IP network applications and gaining the full connectivity benefits by allowing external connections. The majority of corporate phone systems are VoIP capable, but too many operate in isolation.

While it’s true that any remote VoIP connection requires security controls, these controls can easily be provided with a well designed VoIP security gateway.