How to use role based access control to manage Exchange administrative permissions, and create and assign custom role groups for specific management tasks.
A security researcher claims that Exchange has a vulnerability that allows Exchange Web Services to be accessed by bypassing multi-factor authentication.
How to use mail flow rules in Exchange Server and Exchange Online to block outbound email to specific domain names.
Microsoft has published security bulletin MS16-108, which includes critical security updates for all currently supported versions of Exchange Server.
The Office 365 Secure Score tool analyzes your tenant and provides you with detailed advice about securing your Office 365 services.
In this episode of the Exchange Server Pro Podcast I talk with Brian Reid about securing corporate data with Information Rights Management.
The June 2016 security bulletin includes an update for all supported versions of Microsoft Exchange Server that is rated Important.
As a best practice, it is recommend that you don't configure blanket, persistent access for IT administrators to end user Exchange mailboxes.
For POP and IMAP access to Exchange Server mailboxes the best practice is to require secure logins.
The servers running Exchange Server in your environment should have unique, complex local administrator passwords that are unknown.
It was recently discovered that Exchange Server cumulative updates are re-enabling SSL 3.0 on servers where it has been disabled.
When it comes to Exchange Server the the principle of least privilege applies, and is considered a best practice.
