INTEGRATIONS

DLP/Threat
Prevention

Task
Management

Recording

MDM/UEM

Protecting EWS while publishing Skype for Business

Using Skype for Business (Lync), the client interacts with the Exchange server to obtain meeting information. In order to implement this connection, the deployment of Skype for Business requires Exchange Web Services (EWS) published externally to the world.

This exposes the client to several threats:

  • The deployment of EWS includes an authentication service, thus exposing the network to account lockout in case of a DDoS attack.
  • The EWS service allows for retrieving events, mails and attachments, tasks and contacts. Therefore, once exposed, all the Exchange data is also exposed.

So, for example, users using Outlook Web Access (OWA) have access to their full mail data, creating the risk that an attacker with valid AD credentials will also obtain access to the users’ organizations’ mail by using this services.

To minimize this risk, SkypeShield blocks any request for information that arrives from a device that is not registered, and adds a Two Factor Authentication (TFA) layer for the Exchange.

SkypeShield is based on a Two Factor Authentication using the client’s password and device. Thus, unauthorized use of the user’s credentials will not be sufficient to connect to Lync or Exchange without having access to the device itself. This also allows for restricting the usage of these services to approved or registered devices only.

Subscribe


Category Post

Latest Posts

AI For Understanding How Employees Feel At Work

How AI Sentiment Analysis can help HR Managers understand employee feelings, improve productivity and retain top performing employees.

Shared Channels in Microsoft Teams: How to Use Them, Copy and Merge Them

In this blog, we’ll explain everything you need to know about how to use, copy and merge Shared Channels in Microsoft Teams

Get a Free Trial

Sign-up for a free trial and demo with a SphereShield expert

For support please login to our support portal.

AGAT

ABOUT US

AGAT is an innovative software provider specializing in security and compliance solutions. AGAT’s award-winning flagship product - SphereShield, is a leading solution providing control of data and activities for Unified Communication (UC) & Collaboration services.
SphereShield AI RegTech capabilities analyze messages, files, audio and video for policy enforcement required by regulations such as FINRA, GDPR, HIPAA & MiFID II. It enables real-time content inspection addressing Data Leak Prevention (DLP), Ethical Wall as well as Anti Malware and eDiscovery requirements. SphereShield’s  conditional access capabilities and AI-based risk engine features add significant security improvements to on-prem or cloud UC service.

© 2013-2023 AGAT ALL RIGHTS RESERVED

NEWSLETTER  SIGN-UP


linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram