SkypeShield has developed an innovative security solution for smart card authentication enabling safe mobile Skype for Business (Lync) access for organizations with a network policy that requires their workers to use smart card login.
The simple and easy-to-implement security solution allows organizations to continue maintaining the smart card authentication policy enabling mobile users connect to the corporate network from any outside network without using Active Directory credentials.”
The need for the solution arose from the growing number of organizations that provide their workers with a smart card device to strengthen the identity authentication process. These organizations face a problem while implementing Skype for Business mobile authentication requiring the user to enter his or her Active Directory (AD) credentials.
In such organizations, users do not have Active Directory credentials as they use the smart card for authentication instead. This in turn may cause a problem, as Microsoft Skype for Business requires Active Directory credentials to connect from handheld devices.
SkypeShield’s smart card solution addresses this challenge by applying the authentication process in two separate steps:
- The user creates dedicated Skype for Business credentials from a self-service registration web site after using his/her smart card for authentication to the site from a PC.
- The user then needs to connect his/her mobile device within a limited timeframe by entering the dedicated Skype for Business credentials on the mobile device.
During the first authentication attempt, the device is registered to add Two Factor Authentication (TFA) for external Skype for Business clients.