Microsoft Skype for Business 2016 Security Technical Implementation Guide
Overview
| Version | Date | Finding Count (3) | Downloads | ||
| 1 | 2016-11-02 | CAT I (High): 0 | CAT II (Medium): 3 | CAT III (Low): 0 | |
| STIG Description |
| The Microsoft Skype for Business 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil. |
Findings - MAC I - Mission Critical Classified
| Finding ID | Severity | Title | Description |
|---|---|---|---|
| V-70901 | The ability to store user passwords in Skype must be disabled. | Allows Microsoft Lync to store user passwords. If you enable this policy setting, Microsoft Lync can store a password on request from the user. If you... | |
| V-70903 | Session Initiation Protocol (SIP) security mode must be configured. | When Lync connects to the server, it supports various authentication mechanisms. This policy allows the user to specify whether Digest and Basic auth... | |
| V-70905 | In the event a secure Session Initiation Protocol (SIP) connection fails, the connection must be restricted from resorting to the unencrypted HTTP. | Prevents from HTTP being used for SIP connection in case TLS or TCP fail.... |