Organizations, which use Skype for Business (Lync), are exposed to security threats arising from the interaction with the Exchange server. The Skype for Business client approaches the Exchange server to obtain meeting information and this in turn requires Exchange Web Services (EWS) published externally.

This exposes the client to the following threats:

• The deployment of EWS includes an authentication service, thus exposing the network to account lockout in case of a DDoS attack.
• The EWS service allows for retrieving events, mails and attachments, tasks and contacts. Therefore, once exposed, all the Exchange data is also exposed.
• One of the problems is that users, which use Outlook Web Access (OWA) have access to their full mail data, raising the risk that an attacker, equipped with valid Active Directory (AD) credentials, can access the users’ organizations’ mail.

SphereShield eliminates this risk. It blocks any information requests arriving from unregistered devices and adds a Two Factor Authentication (TFA) layer for the Exchange.

The solution is based on a Two Factor Authentication process, which uses the client’s password and device. The result is that unauthorized usage of the user’s credentials is not sufficient to connect to Skype for Business or Exchange without having access to the device itself. This also enables restricting the usage of these services to approved or registered devices only.