Data Leak Prevention

Skype for Business MDM Binding

Highlights

  • Server side adaptor for content control
  • Inspect traffic from any Skype for Business client type (PC, Mobile, Web)
  • Built-in DLP engine with configurable policy rules
  • Support block, mask or notify of DLP incident
  • IM sent to user when incident detected
  • Integration with commercial DLP vendors via ICAP like Websense & Symantec

Many companies invest significant effort and resources in their Data Leak Prevention (DLP) systems. By doing so, they cover the main content channels such as email and Web services. At the same time, however, most of them fail to cover the data going through unified communication channels such as Skype for Business (Lync).

As the usage of Skype for Business extends outside the network boundaries, enabling communication with external parties via federation meetings poses some serious security and data protection risks. This arises from the fact that data flow between parties is very accessible and easy to use at any time, in any place, and by any device.

Preventing data leaks from going through Skype for Business is a challenging undertaking because of the variety of mobile, web and desktop clients that Skype for Business services, and because of the SIP protocol in use by the clients.

Skype for Business offers a new approach for content and data transfer inspection outside the regular inspection areas of most vendors. The concept is based on a server side inspection and therefore covers all of the channels possible by Skype for Business infrastructure regardless of the client in use.

The solution is based on a content inspection module with an adapter that is able to send the content via ICAP protocol to a DLP provider. The adapter can be configured to work with DLP commercial vendors, such as Symantec DLP or ForcePoint (Websense), or any standard DLP vendor that supports ICAP.

In addition, SkypeShield offers a built-in DLP engine for customers that do not have an existing DLP commercial solution in place.

The DLP module modifies the messages according to incident response from the DLP provider. This includes blocking the content, masking sensitive parts, sending an IM message warning notification to the sender, or just monitoring and alerting.

SkypeShield built-in DLP engine

For companies that do not have an existing DLP product, SkypeShield offers a built-in DLP engine.

The DLP engine inspects the content going through Skype for Business IM and binary files, preventing content from exiting the network based on a set of out-of-the-box and configurable rules detecting content such as credit card numbers, social security numbers, and others.

Content is scanned “on the fly” and action is taken – depending on the policy defined – blocking the full content, masking the forbidden text or notifying the DLP team.

Commercial DLP adapter

For companies that are already using commercial products such as Websense and Symantec, the DLP module can be configured to pass the content of inspection by the vendor via ICAP protocol.