Exchange Web Services Protection for Skype for Business
Organizations, which use Skype for Business (Lync), are exposed to security threats arising from the interaction with the Exchange server. The Skype for Business client approaches the Exchange server to obtain meeting information and this in turn requires Exchange Web Services (EWS) published externally.
- The deployment of EWS includes an authentication service, thus exposing the network to account lockout in case of a DDoS attack.
- The EWS service allows for retrieving events, mails and attachments, tasks and contacts. Therefore, once exposed, all the Exchange data is also exposed.
- One of the problems is that users, which use Outlook Web Access (OWA) have access to their full mail data, raising the risk that an attacker, equipped with valid Active Directory (AD) credentials, can access the users’ organizations’ mail.
Features & Benefits:
Prevent Unauthorized Devices
Prevent connecting unauthorized devices which carry corporate credentials
Two Step Verification
Matching the device and user
Avoid connection to Skype for Business servers by malicious actors and other unauthorized users