CISA just published crucial new guidance on keeping Microsoft Exchange servers secure
Briefly

"With the threat to Exchange servers remaining persistent, enforcing a prevention posture and adhering to these best practices is crucial for safeguarding our critical communication systems," Andersen said. "This guidance empowers organizations to proactively mitigate threats, protect enterprise assets, and ensure the resilience of their operations." Andersen added that CISA recommends organizations also "evaluate the use of cloud-based email services" rather than "managing the complexities" of hosting their own.
"So what does the advisory recommend? First and foremost, organisations should restrict administrative access, implement multi-factor authentication, enforce strict transport security configurations, and adopt zero trust security model principles. On top of this, as certain Exchange Server versions have recently become end-of-life (EOL), they strongly encourage organizations to take proactive steps to mitigate risks and prevent malicious activity. Attackers frequently target these servers, which usually receive less monitoring and security updates than cloud-based alternatives."
CISA and NSA advise organizations to harden on-premises Microsoft Exchange Server instances amid a surge in attacks. They recommend restricting administrative access, implementing multi-factor authentication, enforcing strict transport security configurations, and adopting zero trust principles. They urge organizations to decommission end-of-life on-premises or hybrid Exchange servers after transitioning to cloud-based Microsoft 365. They emphasize keeping Exchange servers updated with the latest version and Cumulative Update as the most effective defense. They note unsupported Exchange versions increase risk and encourage migration to supported editions or cloud services and evaluation of cloud-based email to reduce hosting complexities.
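The summary above puts "supported version plus current Cumulative Update, and decommission end-of-life servers" first. As an added example (not code from the IT Pro article or from the CISA/NSA guidance), the PowerShell below turns that into a check: it reads each server's AdminDisplayVersion (a real property of the Exchange Get-ExchangeServer cmdlet) and classifies it as supported or end-of-life. The product-to-build mapping it uses, in particular the assumption that build 2562 is the first Exchange Server Subscription Edition build, is an assumption to verify against Microsoft's published Exchange build table; the sample servers in the offline fallback are constructed data.

```powershell
# Added example, not code from the article or the CISA/NSA guidance.
# Runs in the Exchange Management Shell; when Get-ExchangeServer is not
# available it falls back to constructed sample data so the logic can be
# exercised offline. Run it as a script (it ends with exit 1 on findings).
#
# ASSUMED product/build mapping (verify against Microsoft's build table):
#   15.0.*               Exchange 2013                         end of support
#   15.1.*               Exchange 2016                         end of support
#   15.2.* below 2562    Exchange 2019                         end of support
#   15.2.2562.* and up   Exchange Server Subscription Edition  supported

function Get-ExchangeSupportStatus {
    param(
        [Parameter(Mandatory)][string]$Name,
        # AdminDisplayVersion renders as e.g. "Version 15.2 (Build 1544.4)"
        [Parameter(Mandatory)][string]$AdminDisplayVersion
    )
    $product   = 'Unknown'
    $supported = $false

    if ($AdminDisplayVersion -match 'Version (\d+)\.(\d+) \(Build (\d+)\.(\d+)\)') {
        $major = [int]$Matches[1]
        $minor = [int]$Matches[2]
        $build = [int]$Matches[3]
        if ($major -eq 15) {
            switch ($minor) {
                0 { $product = 'Exchange 2013' }
                1 { $product = 'Exchange 2016' }
                2 {
                    # ASSUMPTION: 2562 is the first Exchange Server SE build.
                    if ($build -ge 2562) {
                        $product   = 'Exchange Server SE'
                        $supported = $true
                    } else {
                        $product = 'Exchange 2019'
                    }
                }
            }
        }
    }

    if ($supported) { $action = 'Confirm latest CU is installed' }
    else            { $action = 'Migrate or decommission (EOL)' }

    [pscustomobject]@{
        Server    = $Name
        Version   = $AdminDisplayVersion
        Product   = $product
        Supported = $supported
        Action    = $action
    }
}

# Live inventory when the Exchange cmdlets are loaded, otherwise constructed samples.
if (Get-Command Get-ExchangeServer -ErrorAction SilentlyContinue) {
    $servers = Get-ExchangeServer | Select-Object Name, AdminDisplayVersion
} else {
    # Constructed sample data for offline testing; build numbers are illustrative.
    $servers = @(
        [pscustomobject]@{ Name = 'EX01'; AdminDisplayVersion = 'Version 15.1 (Build 2507.6)'  }
        [pscustomobject]@{ Name = 'EX02'; AdminDisplayVersion = 'Version 15.2 (Build 1544.4)'  }
        [pscustomobject]@{ Name = 'EX03'; AdminDisplayVersion = 'Version 15.2 (Build 2562.17)' }
    )
}

$report = foreach ($s in $servers) {
    # [string] cast handles the ServerVersion object returned by the real cmdlet.
    Get-ExchangeSupportStatus -Name $s.Name -AdminDisplayVersion ([string]$s.AdminDisplayVersion)
}

$report | Format-Table -AutoSize

# Non-zero exit makes the check usable from a scheduled task or CI job.
if ($report | Where-Object { -not $_.Supported }) { exit 1 }
```

Even a server that classifies as supported still needs its Cumulative Update checked against the current release; the script only separates "still serviced" from "end-of-life", which is the decommissioning decision the guidance asks for.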
Read at IT Pro