Securing Outlook Anywhere using Two-Factors

December 17, 2010

in 2010, Exchange, Forefront, Microsoft, Security

Over the course of deploying Exchange 2010 at clients, numerous discussions have occurred on the topic of securely deploying Outlook Anywhere externally. Many security teams are concerned that anyone with an ID and Password could install Outlook on a non-secure machine and connect to OA. Unfortunately RSA doesn’t provide a two factor authentication add-on for Outlook (that I know of) and the only other solutions for securing a deployment of external OA involves using a 3rd party like Deepnet or going with Direct Access using UAG (which has some very steep requirements).

The good news, the MS Exchange team has just released a new whitepaper that attempts to address this very common issue with Outlook Anywhere. Also included is a new whitepaper on securing Exchange ActiveSync with Certificates.

Read of for further details…

http://msexchangeteam.com/archive/2010/12/06/457128.aspx

Click here to directly download the whitepapers…

7,494 views
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...
David Law July 20, 2012 at 11:28 am

For all the reasons we all know, smart card authentication has not been popular. Instead, OTP tokens have become the most popular authentication method for two-factor authentication because of its simplicity and low cost to implement and deploy.

Microsoft does not support OTP with Outlook Anywhere. You will need a 3rd-party authentication server that supports Outlook Anywhere with two-factor authentication. Currently, there is only one such product, Deepnet DualShield:

http://www.deepnetsecurity.com/solutions/outlook/anywhere/