Skype for Business MDM Binding


  • Restricts the usage of Skype for Business to devices with MDM
  • Supports market leading MDM vendors
  • Multi factor authentication
  • Verifies Skype for Business is used with a device that complies with the security policy
  • Available as server side, or by using SkypeShield’s mobile app

SkypeShield has developed an innovative authentication solution for corporate clients enabling them to restrict workers to using Skype for Business (Lync) on managed devices only.

The Mobile Device Management (MDM) Binding solution limits Skype for Business usage only to devices with MDM installed. The solution is compatible with leading MDM vendors including AirWatch, MobileIron, IBM MaaS360, Good Technology, XenMobile, and others.

SkypeShield MDM module, addresses one of the most common requirements of enterprise customers is to limit Skype for Business access to managed devices with installed corporate MDM software, and verify that the device meets the company’s security requirements. It allows the company to verify that entering the Active Directory (AD) credentials is done only from a device that safe according to companies’ security policy.

SkypeShield offers several deployment approaches to fit the specific MDM implementation. It can be implemented based on one of the following MDM capabilities:

  • Certificate enrollment
  • VPN access control
  • Mobile Application Management (MAM)

Implementation based on MAM capabilities requires SkypeShield’s mobile app for Skype for Business usage. In this case, the LyncShield server expects to obtain an encrypted background handshake request from the mobile app once the Skype for Business client starts. As a result, only devices with the SkypeShield app can connect to corporate Skype for Business servers.

SkypeShield can be configured to require the app to be used only for the registration stage or for every authentication request, depending on security requirements.

Implementing SkypeShield offers Multi-Factor Authentication by adding two additional factors besides the password. The solution offers a high security level by preventing authentication in case of Man-in-the-Middle (MITM) attacks.

Read more on direct integration with MobileIron, AirWatch, MaaS360 and XenMobile here: MDM Conditional Access