SphereShield MDM Integration for Skype for Busines

AGAT Software Development LTD

Ensure that users can only log in to Skype for Business from an MDM managed device.

SphereShield offers Mobile Device Management (MDM) Conditional Access Solution, which verifies that only devices that are compliant with company’s security policy, as defined by the MDM vendor, can access the corporate network through Skype for Business (Lync).

MDM Conditional Access is available to vendors including MobileIron, AirWatch, MaaS360, XenMobile and, Intune BlackBerry.

SphereShield’s solution validates that devices are compliant with the settings defined by the MDM vendor. Once a device fails to comply, all Skype for Business sessions are terminated automatically and access is immediately blocked. For example, Skype for Business access may be blocked to a device that has become jail broken or rooted, or if the user has removed MDM control from the device.

During the sign-in process and throughout the Skype session, SphereShield verifies that the device is listed as a valid device on MDM server and is not listed as Out Of Compliance.

SphereShield leverages the MDM device owner identify to add another security factor to the authentication process.

Based on this capability, SphereShield now offers a no-password Single Sign On authentication by trusting the MDM identity for the authentication.


  • Device access control to Skype for Business & EWS
  • Limit access to corporate device only
  • Maintain control over connecting devices
  • Limit access to managed devices only
  • Central admin approval control
  • Self service device registration web site
Hurtigt overblik