SphereShield for Skype for Business

Here are some security vulnerabilities and threats arising from external access to Skype for business that organizations should pay attention to:

Account lockout

Network account can be locked by an attacker simply sending authentication attempt while only knowing user name and not password (DDoS attack). Attack can be on multiple protocols (SIP/HTTPS), Multiple channels (sign in, Exchange, web api..) and multiple methods (basic, NTLM, SOAP) services.

Device Security Control

User can download SfB (Skype For Business) on a personal device which is not under MDM control and is not aligned with company security policy (Jail broken for example) and bypass all MDM security layers by connecting to SfB server.

Communication Control

  • Compliance and security require controlling modalities between communication participants
  • No ability to define what is allowed to do and see – IM, file sharing, audio etc. between federated users and internally
  • Privacy issues related to presence
  • Server info exposure

Secure Authentication

Attacker can get access to SfB & Exchange by only knowing user name and password

Unauthorized Devices

Control which devices can connect to company infrastructure

Anonymous Traffic

Allowing external guests required unauthenticated and anonymous requests to enter the network without inspection. Topology allow malicious traffic to get to internal servers and to overload internal servers with fictitious meeting requests

Credential Theft

Domain credentials required by SfB can hacked while stored and used on device out of network control.

Sensitive Data Leaking

  • Prevent sensitive information from being passed through Skype for Business to devices outside of company control.
  • Require solution for all type of SfB client

Trial Version

Documents

SphereShield for Skype for Business Product Presentation
4.08 MB PPTXpowerpoint-icon

SphereShield for SkypeShield Product Page
1.55 MB PDFPDF-icon

SphereShield for SkypeShield Datasheet
1.48 MB PDFPDF-icon

SphereShield for Skype for Business Security Threats
1.12 MB PDFPDF-icon

Highlights

  • Secure mobile Skype for Business connectivity
  • Active Directory (AD) protection
  • Two-factor authentication
  • Eliminates need to use AD credentials on mobile device
  • Block DDoS, DoS attacks &  Brute force attacks
  • Solution for smart card authentication
  • Available as a filter for Forefront (ISA/TMG) servers or as a gateway

More Resources: