Uncategorized Skype for Business SkypeShield

SphereShield enables internal use of Ethical Wall for Skype for Business

Following SkypeShield’s successful launch of the Federation Ethical Wall solution, customers have been requesting the ability to use the same functionality internally, applying specific rules between different users or groups. SkypeShield has therefore extended the Ethical Wall to support controlling internal traffic as well as external.

SkypeShield’s Ethical Wall offers granular control over federation to address security and data protection when federating with external companies. Now, SkypeShield offers the ability to use the same functionality internally, applying specific rules between different users or groups in the same company.

The new user interface of the Ethical Wall has a clean and simple interface allowing control of each activity and the ability to control communication direction. For example, it is possible to allow one side only to start a chat with the other side.

These new capabilities support blocking a specific group in the company to communicate with another group in the same company. For example, a certain employee group may be prevented from calling management level group, or communication may be blocked between the procurement group and the tender writing groups.

The new feature therefore helps in implementing compliance regulation in companies.

SkypeShield’s Ethical Wall offers the following features:

  • Defines granular policy rule based on a user/group communicating with a specific company (SIP domain) or another group in the same company
  • Provides independent control of each activity : IM, audio, video, conference (meeting), desktop sharing, file transfer
  • Blocks presence information from external users depending on policy
  • Supports one way initiation of communication. For example, it blocks external users from initiating an IM conversation while still allowing internal users to initiate and communicate with external users.
  • Changes policy for users that are added to contact list. Allows user some local policy management by applying different policies based on inclusion in a user’s contact list. This way, by adding the federated user to the internal user’s contact list, the policy will allow more federation such as presence information.
  • Enforces policy in the DMZ and blocks non-approved traffic from entering the network
Skype for Business SkypeShield Uncategorized

NeWay to distribute and implement SkypeShield’s security solutions in the US

AGAT Software has teamed up with NeWay Technologies, which will distribute and deploy SkypeShield in the United States.

As part of the agreement, Neway Technologies will market and implement SkypeShield’s authentication solutions for Skye for Business and other cyber security solutions by AGAT Software in the lucrative American market.

“We chose NeWay because of its extensive experience in the execution of complex and challenging projects in Microsoft environments in general and Skype for Business in particular,” said Guy Eldan, CEO of AGAT Software. “As the usage of SkypeShield in the US is expanding rapidly, we were looking for an on-the-ground integrator with proven abilities, and found Neway Technologies to be the perfect match.”

“A growing number of American corporations realize that they need to protect themselves against the risks arising from connecting mobile devices to Skype for Business servers,” said Ronen Ashkenazi, NeWay Technologies CEO. “We explored the security solutions offered on the market and came to the conclusion that SkypeShield is the best and most extensive one.”

NeWay provides end-to-end customer solutions for unified communications, including architecture, design, development and implementation of advanced communication systems. As part of its portfolio, Neway Technologies develops complementary solutions for Skype for Business and provides third-party products manufactured by its business partners.

As a pioneer in Skype for Business-based unified communications, NeWay has implemented large-scale projects for leading companies, including Dun & Bradstreet, Shearman & Sterling LLP and Deutsch Inc., Health First, and is working with others, such as Credit Suisse, to optimize and streamline their Skype for Business deployment.

NeWay benefits from the full support and recognition of Microsoft as a Gold Certified Partner in Communication. In addition, NeWay Technologies has been chosen as Lync Premier Support Partner providing 24/7 worldwide premium support, remote access for proactive troubleshooting, gateway monitoring, support for hardware replacements, installations, and more.

These advantages are supplemented by the unique range of products that NeWay Technologies develops on the Skype for Business platform and the integration of third-party solutions by business partners such as AudioCodes, Polycom and AGAT Software.

Uncategorized MDM Microsoft Lync Skype for Business SkypeShield

How to deal with security vulnerabilities while publishing Skype for Business

Microsoft’s aggressive move of switching the enterprise world from its old branded unified communications platform (Lync) to Skype for Business, has not solved entirely all the security vulnerabilities arising from connecting mobile and other external devices to the corporate network.

Here are some security vulnerabilities arising from external access to Skype for business that organizations should pay attention to:

  • Account lockout – someone who knows your user name can lock your internal account by sending failed login attempts. Generic solutions fail to monitor all authentication channels exposed, including SIP and SOAP. SkypeShield offers a unified monitoring and protection solution.
  • Malicious code accessing internal server – In order to support guests joining meetings, some service support anonymous access. From a security perspective, there are requests that can reach the web servers in the domain without the need to authenticate and without inspection. SkypeShield offers a four-layer application firewall for Skype for Business including session termination, application and protocol inspection and rewriting requests.
  • Password theft from infected device – A valid employee can use any device, including his personal device that might be jail broken or infected, to connect to the network. In such a case, domain credentials can fall to the wrong hands. Even with an MDM solution implemented, there is no control when using a non-managed device. Protect yourself by using device access control and limit the usage only to devices with MDM.
  • Exposing emails – If calendar information is enabled on the organization’s Skype for Business clients, someone with valid credentials can have access to all emails. SkypeShield offers a solution for protecting the corporate Exchange by blocking any Exchange request, unless coming from a registered device and from a Skype for Business client.
  • Data and privacy information exposed – While implementing federation trust with external companies, privacy (availability) and server information data is exposed. The federation is available globally for all company members with all federated external companies with no control over the different modalities allowed, such as file sharing. Deploying SkypeShield ethical wall handles these issues by defining granular control based on user, groups and companies based policies.
  • Data loss prevention (DLP) – As the usage of Skype for Business extends outside the network boundaries, enabling communication with external parties via federation meetings poses some serious security and data protection risks. This arises from the fact that data flow between parties is very accessible and easy to use at any time, any place, and by any device.Preventing data leaks going through Skype for Business is a serious challenge because of the variety of mobile, Web and desktop clients Skype for Business offers and because of the SIP protocol in use by the clients. SkypeShield offers a new concept based on a server side inspection covering all of the data channels. The DLP solution supports both a built in DLP engine as well as integration with commercial DLP vendors.

SkypeShield is continuously adding security layers to make sure your company can allow external access to Skype for Business with the highest level of protection available.