Welcome to the first installment of Practical Protection. This week's focus is on Security Principles for your Exchange Environment.
It's often helpful when security researchers like Guardicore shed light on flaws in Microsoft Exchange - however, the Autodiscover protocol isn't flawed in the way they describe. Even though the issue is hard to replicate, it shouldn't distract from the work you need to do to protect your organization from the underlying reason why people want your credentials.
Lots of excitement was generated when Guardicore revealed a purported vulnerability with the Exchange Autodiscover service. However, the almost total lack of detail about the configuration used for testing and to generate the reported results makes it impossible for Exchange administrators to check the theory against their own deployment. I don't think a problem exists with Exchange Online, but it's possible that poor DNS practice or flawed third-party clients could cause an issue with on-premises servers. The case remains to be proved.
On the show this week, Steve is joined by Patrick van Bemmelen to talk about how you can stop internal sharing with Information Barriers., And in important news we discuss the latest Exchange Server updates you need to apply TODAY, how the FBI have been accessing Exchange Servers - and we cover the latest updates available for Microsoft Teams, OneDrive, Outlook and more.
Microsoft MVP Amy Babinchak reveals how Office365 administrators can turn Microsoft Cloud App Security (MCAS) into a manageable and indispensable tool for organizations. This is achieved with several simple, tried and true methods that will reduce the amount of information alerts while highlighting severe, actionable alerts which are detailed in this article.
Microsoft has issued critical security updates for Exchange on-premises servers. The fixes close off four known vulnerabilities which expose Exchange to day-zero attacks. It's important to apply these updates ASAP.
Part Two: How to use MCAS and PowerAutomate to prevent malicious activity when employees extract confidential corporate information from cloud repositories.