AGAT

CONTACT US
CONTACT US

Category: SkypeShield

Categories
Uncategorized Skype for Business SkypeShield Smart card for authentication Two Factor Authentication

What’s broken with Skype for Business security and how to fix it

Two factor authentication (2FA) security solutions are gaining popularity as they add a meaningful extra level of protection against phishing, keyloggers, password reuse and other threats.

At the same time, users of Microsoft’s on premises products, such as Skype for Business (Lync) and SharePoint are left behind. The vast majority of Skype for Business users are limited to authentication practices that became insufficient already in the mid 90’s.

Skype for Business offers only one option for securing yourself using two factor authentication – smart cards. These cards work, however, only on a Windows desktop client, making this an option only for organizations that are willing to issue workers smart cards and are not planning mobility deployment in the future.

Using Skype for Business Online (part of Office 365) is problematic as well. Microsoft claims it offers 2FA but it does not work for Skype for Business desktop or mobile. These mobile and desktop clients require “App Passwords”, which only offer one factor authentication.

Enabling Microsoft’s native 2FA, whether on the cloud or on premises, disables essential parts of Lync, such as access to Exchange for meeting info and to any contacts in the Unified contact store.

So what can be done?

SkypeShield hardens Skype for Business security and provides essential new features, which work with Lync 2013 as well as Skype for Business.

It offers device management that allows users to self-register their mobile devices easily, so that malicious parties cannot authenticate, even if they manage to obtain a user’s password.

SkypeShield also offers two factor authentication using existing RSA secure ID tokens or the widely used Google Authenticator as well as plenty of other significant security features.

All of these additional security options protect access to MS Exchange too, providing uninterrupted access to meeting information and contacts.

The writer is Technical lead at SkypeShield

Categories
Skype for Business SkypeShield Uncategorized

SkypeShield appoints NextiraOne as its distributor for Skype for Business security solutions in France

SkypeShield has chosen NextiraOne, a European multinational company that designs, installs, maintains, and supports business solutions and communications services throughout Europe, as its leading distributor in France.

“As part of our overall strategy to further expand our activities in Europe, we have chosen to work with NextiraOne in order to substantially widen their offerings and add security layers to NextiraOne’s Skype for Business services,” said Guy Eldan, CEO of AGAT Software, which developed SkypeShield.

“NextiraOne, with its leading position in the French unified communications market, is an ideal partner, allowing us to provide a complete suite for those looking for the most advanced Skype for business authentication solutions.”

NextiraOne, which serves over 43,000 private and public sector clients throughout Europe, will distribute SkypeShield’s innovative Skype for Business (Lync) security solutions in the fast-growing French market.

NextiraOne has already deployed SkypeShield with one of the top largest professional services companies in the world.

Using its expertise in leading-edge communications, including data centers, contact centers, unified communications, secure network infrastructures and managed services, NextiraOne helps its customers to transform their organizations by making the complex simple.

Categories
Skype for Business SkypeShield Two Factor Authentication Uncategorized

Keep your corporate email safe while publishing Skype for Business

Skype for Business (Lync) is gaining popularity among organizations that wish to benefit from high-quality communication within the corporation.

These organizations should realize, however, that as part of the Skype for Business deployment, Exchange Web Services (EWS) are required to be published externally in order to allow meeting information to be available to the Skype for Business client. This carries the risk of enabling a potential attacker to obtain access to all of the Exchange’s resources including emails, attachments and contacts.

These risks are divided into two categories:

  • The EWS service allows for retrieving events, mails and attachments, tasks and contacts. Therefore, once exposed, all the Exchange data is also exposed.
  • The deployment of EWS requires authentication, thus exposing the network to account lockout in case of a DDoS attack.

SkypeShield has identified these risks and has eliminated them, blocking any information requests arriving from unregistered devices and adding a Two Factor Authentication (TFA) layer for the Exchange.

The solution is based on a Two Factor Authentication process, which requires for the authentication to have both the user’s password and device. The result is that unauthorized usage of the user’s credentials is not sufficient to connect to Skype for Business or Exchange without having access to the device itself.

Get a free trial

Sign-up for a free trial and demo with an AGAT expert

    Select your service

    For support please login to our support portal

    Get in touch

    Har-Hotzvim Hi-Tech Park, Jerusalem, Israel

    +972-2-579-9123

    info@agatsoftware.com

    Facebook Twitter Youtube Linkedin

    Compliance

    Ethical Wall

    Real Time DLP

    Archive & eDiscovery

    Recording AI Compliance Analysis

    Productivity

    AI Meeting Assistant

    Channel Management

    AI Sentiment Analysis

    Privacy Policy

    Terms and Conditions

    Resources​

    Company overview

    Partners

    Careers

    Blog

    Contact

    © 2013-2023 AGAT ALL RIGHTS RESERVED