Enabling federation is an important feature for extending communication outside company boundaries. SphereShield has therefore developed a Federation Ethical Wall which addresses ethical regulations and compliance, security and data protection issues for Skype for Business federation by establishing granular ethical firewall policies.
SphereShield also offers the ability to use the same functionality internally, applying specific rules between different users or groups.
Allowing federation raises several business and security issues that need to be addressed by applying granular policy rules defining permitted operations between communicating parties.
Applying a policy can also be required from a compliance prospective, preventing conflicts of interest that might result in the inappropriate and dangerous release of sensitive corporate information. Federation itself exposes privacy sensitive information that a company might not wish to share with all external federated users. Such private information includes availability (online/away) and personal details such as mobile phone number and location.
Another example is when a company wishes to conceal from externally federated companies any information on executive team availability via presence information.
To prevent such a situation, organizations need to be able to allow federation with a specific company only for specific internal users or groups.
Additional security measures can be achieved by controlling which modalities are permitted for each conversation, such as IM, audio, video, conference (meeting), desktop sharing and file sharing.
SphereShield’s Ethical Wall addresses security requirements and offers the following capabilities:
The Ethical Wall can be configured to control traffic between internal and external sides and between different users or groups in the same company, helping to implement compliance regulation in companies and solving security issues.
The user interface (UI) of the ethical firewall offers a clean and simple interface allowing control of each activity and the ability to control communication direction. For example, it is possible to allow one side only to start a chat with the other side.
SphereShield’s capabilities support blocking a specific group in the company from communicating with another group in the same company. For example, a certain employee group may be prevented from calling management level group, or communication may be blocked between the procurement group and the tender writing groups or between the research and the traders groups in a finance company.