Exchange Best Practices: Administrator Access to User Mailboxes
As a best practice, it is recommended that you don't configure blanket, persistent access for IT administrators to end user Exchange mailboxes.
The Exchange Analyzer team are happy to release v0.2.1-Beta.5. This release contains several new tests and some bug fixes.
For POP and IMAP access to Exchange Server mailboxes the best practice is to require secure logins.
The servers running Exchange Server in your environment should have unique, complex local administrator passwords that are unknown.
When you configure journaling in an Exchange organization you should also review the configuration of any databases that will be hosting journal mailboxes.
It is a recommended practice to configure any antivirus software running on Exchange servers to exclude specific paths, processes, and file types.
It was recently discovered that Exchange Server cumulative updates are re-enabling SSL 3.0 on servers where it has been disabled.
When it comes to Exchange Server, the principle of least privilege applies and is considered a best practice.
Encryption is important for protecting corporate data stored on mobile devices from being accessed by anybody who has physical access to the device.
It is recommended to enable Datacenter Activation Coordination (DAC) mode for Exchange database availability groups that meet the criteria.
Exchange Server and Exchange Online mobile device mailbox policies allow automatic remote wipe of devices after failed sign-in attempts.
The default Exchange and Exchange Online mobile policies do not enforce PIN/passwords for mobile devices, which is not recommended for security reasons.