Author: Yoav

Skype for Business Mobile Security UC Solutions

Ethical wall solution offers granular control over Skype for Business federation

Post author By Yoav
Post date October 21, 2015

SkypeShield launched a new Federation Ethical Wall solution, which offers granular control over federation to address security and data protection when federating with external companies.

Enabling federation raises serious business and security issues that need to be addressed by applying granular policy rules defining permitted operations between communicating parties.

Companies wanting to extend communication outside the company boundaries require protection and control over the different flows of data offered by Skype for Business.

Federation raises also privacy issues related to reviling personal and executive users details including availability (online/away), mobile phone number and location.

In order to meet security threats, while using Skype for Business, organizations need to be able to allow federation from a specific company only to specific internal users or groups.

The federation Ethical Wall offers the following features:

Defines granular policy rule based on a user/group communicating with a specific company (SIP domain)
Specific modality policy control: IM, audio, video, conference (meeting), desktop sharing, file transfer
Blocks presence information from external users depending on policy
Blocks external user from initiating an IM conversation while still allowing internal user to initiate and communicate with external user
Allows user some local policy management by applying different policies based on inclusion in a user’s contact list. This way, by adding the federated user to the internal user’s contact list, the policy will allow more federation such as presence information
Enforces policy in the DMZ and blocks non-approved traffic from entering the network

Tags Federation Ethical Wall, IM conversation, modality policy control, UC Solutions

Skype for Business LyncShield Microsoft Lync Two Factor Authentication UC Solutions

SkypeShield presented new Skype for Business security solutions at Microsoft’s partner meeting in Hong Kong

Post author By Yoav
Post date September 14, 2015

SkypeShield has presented a complete security suit for safely connecting to corporate Skype for Business (Lync) servers from mobile and external devices at the upcoming Microsoft partner meeting Channel Kick-off 2015, which took place in Hong Kong on September 11, 2011.

SkypeShield’s solutions had been presented at the event by Continuous Technologies, which has recently become SkypeShield’s distributer in Hong Kong.

At the Microsoft event, SkypeShield showcased solutions to protect the organization’s Active Directory, Skype for Business and Exchange infrastructure. Among others, the company presented new security solutions including:

Network protection – Protect against account lockout in DDoS attack.
Two Factor Authentication – TFA by requiring the device as the second factor in addition to credentials to Lync & Exchange (EWS). Optionally can require three factor based on VPN access / certificate.
Device Access Control – Restrict the usage of Skype for Business & Exchange only to registered devices. Solution can limit usage to corporate or managed devices (with MDM) or control BYOD deployment.
Active Directory credentials protection – Avoid using and storing AD credentials on device by defining dedicated Skype for Business credentials or using RSA tokens.

Established in 1989 and headquartered in Hong Kong with offices in Beijing, Shanghai, Guangzhou and Nanjing, Continuous Technologies is a Microsoft Gold Communications Partner. With more than 20 years of implementation experience across multiple industries, Continuous Technologies are experts in customer interaction systems with a proven track record in implementing Skype for Business.

The Channel Kick-off 2015 was aimed at showing Microsoft partners the latest technology and innovation. Local partners, IT community leaders and Microsoft executives attended the event.

Tags Channel Kick-off 2015, Continuous Technologies, control BYOD deployment, UC Solutions

Skype for Business SkypeShield Two Factor Authentication UC Solutions

Keep your corporate email safe while publishing Skype for Business

Post author By Yoav
Post date August 18, 2015

Skype for Business (Lync) is gaining popularity among organizations that wish to benefit from high-quality communication within the corporation.

These organizations should realize, however, that as part of the Skype for Business deployment, Exchange Web Services (EWS) are required to be published externally in order to allow meeting information to be available to the Skype for Business client. This carries the risk of enabling a potential attacker to obtain access to all of the Exchange’s resources including emails, attachments and contacts.

These risks are divided into two categories:

The EWS service allows for retrieving events, mails and attachments, tasks and contacts. Therefore, once exposed, all the Exchange data is also exposed.
The deployment of EWS requires authentication, thus exposing the network to account lockout in case of a DDoS attack.

SkypeShield has identified these risks and has eliminated them, blocking any information requests arriving from unregistered devices and adding a Two Factor Authentication (TFA) layer for the Exchange.

The solution is based on a Two Factor Authentication process, which requires for the authentication to have both the user’s password and device. The result is that unauthorized usage of the user’s credentials is not sufficient to connect to Skype for Business or Exchange without having access to the device itself.

Tags corporate emails, DDoS attack, EWS authentication, Exchange Web Services, publishing Skype for Business, UC Solutions

Sign up to get the latest AGAT News.