AGAT

Categories
BYOD Mobile Security Skype for Business Two Factor Authentication Uncategorized

Mobile Skype for Business connectivity security threats need to be addressed

BYOD (Bring-Your-Own-Device), in which a growing number of workers use their smartphones for both personal and work purposes, is a hot trend.

A recent report by research company Gartner predicts that by 2017 half of all employers will require employees to supply their own device for work purposes. The report, entitled “Bring Your Own Device: The Facts and the Future,” indicates that security remains the top concern for BYOD.

Another survey, published by the Ponemon Institute and Zix Corporation, indicates that the majority of IT and IT specialists believe their companies do not use any tools or policies to protect corporate data from risks arising from BYOD.

The research shows that 60 percent of IT professionals are dissatisfied with current BYOD solutions, mostly due to cost and inadequate security.

The problem is not limited to organizations that deploy a BYOD policy; it also affects companies that provide their workers with mobile devices. For example, workers who use the corporate network to connect to services such as Microsoft Skype for Business (Lync) may expose their employers to serious security threats.

The major risks for the organizations’ networks include:

Hacking of network Active Directory credentials

Active Directory usernames and passwords can be hacked and used to provide unauthorized access to many core business applications. Using Active Directory credentials in the non-secured environment of a mobile device introduces major risks.

The exposed credentials might be hacked and used to either receive emails or log in to other corporate applications. Hacking is typically achieved by “eavesdropping” on public networks, through hostile applications installed by users or received by SMS. Another danger is that the user will allow other people, such as friends and family members, to use his or her device, and unintentionally expose the corporate network to risk.

The best solution for such problems is to try to refrain from using or storing the Active Directory credentials on the mobile device.

Usage of uncertified devices

The worker might connect to the corporate network by using his or her name and password on other, unauthorized devices; companies therefore need to adopt a policy under which workers can access the system only from authorized devices.

An additional risk is posed when someone has access to a user’s credentials and can connect unnoticed from a different device.
To avoid these two issues, the required solution is to allow only registered devices to connect, thus implementing a Two Factor Authentication connection.

Brute Force attack and denial of service (DoS)

The exposure of internal services, such as Skype for Business, through the use of a BYOD policy introduces a risk of brute force attacks and denial of service attacks.

The authentication of these services must be publicly available in order to allow the worker to connect anytime from anywhere, thus exposing the Active Directory authentication interface to potential attacks.

Brute-force attacks are conducted by systematically checking all possible keys or passwords until the correct one is found.

Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks are attempts to make the corporate network unavailable to its intended users. They generally consist of efforts to temporarily or indefinitely interrupt or suspend the services of a host connected to the Internet.

These attacks can make the network unavailable and cause significant business damage. The best way to defend the organization from such attacks is to block them at the gateway level: a gateway layer configured with a block-failed-login policy stops the attack attempts before they enter the network and reach the Active Directory.
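The two controls described above, device registration as a second factor and a block-failed-login policy at the gateway, can be sketched together as follows. This is an added example, not code from AGAT or any product: the `AuthGateway` class, its thresholds, the device identifiers and the sample account are all assumptions, and a real deployment needs a device identifier the gateway can verify rather than a plain string.

```python
import time

class AuthGateway:
    """Hypothetical gateway that screens logins before they reach the directory."""

    def __init__(self, directory_check, registered_devices,
                 max_failures=3, window=300, lockout=900, clock=time.monotonic):
        self.directory_check = directory_check        # stand-in for the AD bind
        self.registered_devices = registered_devices  # {user: {device_id, ...}}
        self.max_failures, self.window, self.lockout = max_failures, window, lockout
        self.clock = clock
        self.failures = {}       # (user, device) -> timestamps of recent failures
        self.blocked_until = {}  # (user, device) -> time the block expires

    def login(self, user, device_id, password):
        now, key = self.clock(), (user, device_id)
        # Device factor first: unknown devices never reach the directory and
        # never count toward a block, so they cannot lock the real user out.
        if device_id not in self.registered_devices.get(user, set()):
            return "denied:unregistered-device"
        if self.blocked_until.get(key, 0) > now:
            return "denied:blocked"
        if self.directory_check(user, password):
            self.failures.pop(key, None)
            return "ok"
        recent = [t for t in self.failures.get(key, []) if now - t < self.window]
        recent.append(now)
        self.failures[key] = recent
        if len(recent) >= self.max_failures:
            self.blocked_until[key] = now + self.lockout
        return "denied:bad-credentials"


def demo():
    """Run constructed traffic; return (results, directory_calls)."""
    calls, now = [], [0.0]
    def directory(user, password):  # constructed account, not a real credential
        calls.append(user)
        return (user, password) == ("alice", "correct-horse")
    gw = AuthGateway(directory, {"alice": {"phone-1"}}, clock=lambda: now[0])
    results = [gw.login("alice", "rogue-9", f"guess{i}") for i in range(10)]
    results += [gw.login("alice", "phone-1", f"guess{i}") for i in range(3)]
    results.append(gw.login("alice", "phone-1", "correct-horse"))  # still blocked
    now[0] += 900                                                  # block expires
    results.append(gw.login("alice", "phone-1", "correct-horse"))
    return results, len(calls)
```

In the constructed traffic, only the three guesses from the registered device and the final successful login reach the directory; the ten guesses from the unregistered device and the attempt made during the block are rejected at the gateway.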

Identifying the risks arising from adopting BYOD policies and from making internal services available for external mobile devices is the first step that organizations need to take before they authorize such a strategy.

As the BYOD trend is expected to play a major role in the future, IT managers should explore the possible solutions and find the ones that are most suitable for their organization.

Categories
BYOD LyncShield Microsoft Lync Mobile Security Two Factor Authentication Uncategorized

Israel’s Foreign Ministry deploys LyncShield’s Two Factor Authentication solution

 

The Israel Ministry of Foreign Affairs has implemented LyncShield’s innovative solution for secure mobile Lync connectivity.

LyncShield was developed by security company AGAT Software Solutions to allow workers to safely use approved mobile devices outside the corporate network to connect through Microsoft Lync.

The Foreign Ministry is using LyncShield’s innovative two factor authentication to determine which devices will be granted access to the system based on a self-service registration process.

The two-factor authentication ensures that the Foreign Ministry benefits from another protection layer by adding device identification to the user name and password. It allows the ministry to control and manage the approved device and prevent uncertified devices from using the service.

In order to protect corporate passwords, LyncShield defines application authentication credentials exclusively for Lync. The Active Directory credentials are not stored on a mobile device. LyncShield also protects from DoS, DDoS and brute force attacks.

By adopting LyncShield’s unique approach, the Ministry has eliminated the usage of network credentials on workers’ mobile devices, and resolved the threat of unauthorized connection.

“We were looking for a solution that would allow us to decide which workers would have access to Lync through their mobile devices and to specify which smartphones would be granted such access,” said Yaniv Cohen, system administrator at the Foreign Ministry. “Our experience with LyncShield was very positive and we are currently exploring ways of using more LyncShield features.”

“LyncShield’s solution, which ensures that workers use only a predefined device, has enabled Foreign Ministry workers to benefit for the first time from the advantages of Lync when they are outside the office,” said Yoav Crombie, Business Manager of AGAT Software Solutions. “This successful project illustrates the benefits of using LyncShield for organizations that adopt a BYOD policy.”

AGAT intends to launch a similar solution soon for Microsoft’s SharePoint and business apps, supporting all mobile devices.

Categories
BYOD Mobile Security Uncategorized

Survey: 86% of workers use smartphone for personal and work tasks

While the trend of employees using their own mobile devices for work purposes is expected to intensify further in 2014, a recent survey indicates that workers are still doing almost nothing to protect their mobile devices and, by not doing so, are putting their workplace at risk.

The survey, conducted by Coalfire for the second consecutive year on the topic of Bring Your Own Device (BYOD) policies, revealed an ongoing lack of security with smartphones and tablets used to access company data.

The report indicates that the majority of those surveyed (86 percent) use the same smartphone for personal and work tasks. At the same time, 47% have no pass-code on their mobile device and 36% make use of a single password for all digital access.


The survey, based on 400 workers in North America who are not affiliated with their company’s IT department, indicates that companies are not educating employees on mobile device security to help protect company data.

“The results demonstrate that businesses are still not using effective methods to protect critical infrastructure. Although new developments are regularly coming to the market to help protect corporate data, the main concern is still human error,” said Rick Dakin, CEO and chief security strategist with Coalfire.

“Security awareness training for tablet and smartphone users should be a top priority for all organizations,” he added.

Other key findings show that 61% write down passwords on a piece of paper, 44% said their company does have a mobile device usage policy and 34% stated their companies do not have the ability to remotely wipe data from mobile devices if they are locked, lost or stolen.