TimeGuard 2010 – User-friendly OWA Session Inactivity Security

TimeGuard protects a user’s Outlook Web App session and company data from unauthorized access, by providing the tools for a corporation to enforce security policies related to the amount of time a session can be inactive and the total amount of time an active session can continue before the user is required to reconfirm their identity. Active enforcement of these security policies with TimeGuard substantially limits the risk of a third party gaining access to your system by hijacking an abandoned user session.

TimeGuard provides a friendly prompt to a user when their OWA session has been inactive for a defined period of time, giving the user the option to either extend the session or logout. If the user does not respond the session is automatically terminated. TimeGuard also provides a maximum timeout option which requires users to re-authenticate after a predefined maximum session time.

TimeGuard can be configured by the Exchange Systems Administrator to apply different security policies based on criteria such as logon ID or Security Group membership, IP address and Corporate Device Recognition. For example, timeout limits could be reduced for users on a public machine at an airport kiosk and increased for a user on a company-secured desktop computer in the corporate office.

TimeGuard works with other security solutions such as ISA, Forms Based Authentication (FBA) and perimeter based security systems such as RSA to offer total protection for OWA users.

Security Features

TimeGuard prompts a user when they have exceeded their session inactivity limit with the opportunity to extend the session or log off.

Exchange System Administrators can customize security policies according to their corporate policies, user’s hardware and current locations (zones, groups, CDR, ect.).

TimeGuard provides a maximum timeout option which requires users to re-authenticate after a predefined maximum session time has passed.