Hackers. Attacks. Security.
In the ever-growing world of information technology and cloud computing, these three words are probably uttered the most in every conversation. It’s one of the most widely discussed topics and businesses worldwide are doing everything they can to always be one step ahead.
Read on to find out more!
The End of Basic Authentication
If your business has moved to Exchange Online, October 13, 2020 is a date you'll want to mark in your diaries. Why you may ask? This is the day Microsoft will officially be turning off Basic Authentication in Exchange Online. If you haven't moved across to Exchange Online, get in contact with us today to discuss how Microsoft FastTrack can help your business move to Exchange Online.
Basic Authentication makes it easier for attackers to capture a user’s credentials and re-use against other services. So, Microsoft is turning it off and forcing you to use Modern Authentication.
Modern Authentication enables authentication features like multi-factor authentication (MFA) and certificate-based authentication (CBA) and is based on the OAuth 2.0 protocol, which allows access to resources without exposing credentials. Check out this link for more info on what services and protocols will be impacted by this change.
An important note to remember: you need to ensure your Exchange Online tenant has Modern Authentication turned on.
The Latest Attack on Exchange Servers
Running Exchange Server 2010, 2013, 2016 or 2019 on-premises and haven't installed the latest updates? Firstly, don't forget the end-of-life date for Exchange Server 2010 (October 13, 2020).
Secondly, if you can't move to Exchange Online just yet, make sure your on-premises Exchange infrastructure is patched with the latest Update Rollup (Exchange 2010) or Cumulative Update (Exchange 2013, 2016, and 2019), released in February AND any security updates as soon as you can.
The reason for the urgent call to action? Various websites are talking about the possibility of an attacker using a valid user account (which doesn't need to be an admin), to gain SYSTEM level privileges within your environment. If they are able to obtain the credentials, tools can be used to run various codes on the Exchange Server.
If you've already moved your mailboxes to Exchange Online, the above is less of a worry as Microsoft ensures all their Exchange Online infrastructure is patched with the latest security updates. If your business is yet to move to Exchange Online, get in touch with us today to find out how our FastTrack team can assist.
New to Microsoft 365 this Month
Customer search result pages in SharePoint Online, Office "What's New" Management feature and Yammer eDiscovery just to name a few. Watch this video to see all of the cool new features available and explained in more detail.
Why Insentra and Microsoft?
Have an active Office 365 subscription and need assistance getting the intended workload across the finish line? Insentra’s qualified FastTrack consultants will work closely with your technical teams, project sponsors and stakeholders to help drive workload adoption and maximize the value of your Office 365 subscription.
If you would like more information on anything you've read here, please download our FastTrack Brochure, or get in contact with our Senior FastTrack Consultant - Hambik Matvosian.
Download FastTrack Brochure