It’s often helpful when security researchers like Guardicore shed light on flaws in Microsoft Exchange – however, the Autodiscover protocol isn’t flawed in the way they describe. Even though the issue is hard to replicate, it shouldn’t distract from the work you need to do to protect your organization from the underlying reason why people want your credentials.
Despite the growing acceptance of Azure AD to manage identities, one of its main advantages as a platform that manages and secures identities is Azure AD join (AADJ), which still elicits hesitation amongst many IT professionals. This article delves into the justifications for switching to Azure AD join, breaks down some myths around it, and explains why your default position should be Azure AD join.
Microsoft has recently made major strides to improve the capability and resiliency of multi-factor authentication in Azure AD; however, this article highlights the four practical ways in which you can take advantage of MFA in your Microsoft 365 estate, and just turn the darn thing on already!
There are many ways in which you can improve the security of your Exchange Online environment. In this article, Sean McAvinue details the most important steps that admins can immediately implement to align Exchange Online tenants with a good security baseline and posture.
Steve Goodman writes on how you can use Authentication Policies in Exchange Online for blocking Basic Authentication in your Exchange Online tenant.