IT Best Practices that Get Missed: Microsoft Exchange Server

Sam Bloedow
Cell phone on a table with security on screen toggled to on

In early March 2021, the White House warned of an “active threat” from hackers exploiting four flaws in Microsoft’s Exchange email application. A big attack hit that created massive exploitation, and every month it has gotten worse since. Has your IT firm informed you of this event? Are they actively working to move you off of Exchange? The Microsoft Exchange Server’s functionality and credibility is deteriorating rapidly to the point where insurance companies are moving to no longer insure organizations that continue to use it. 

Read: White House warns of ‘large number’ of victims as Microsoft Exchange server compromise escalates

An IT best practice that gets missed is continuing to use the Microsoft Exchange Server, and this is a rapidly growing issue, so now is the time to act. The Microsoft exchange server used to be the gold standard for email, calendars, and task management, but it is now a huge vulnerability to your business on three fronts, whether on-premises or hosted: 

1. Multiple cybercriminal groups are continuing to exploit vulnerabilities in the platform in new and different ways each day.  This allows them to gain access to your exchange server and thereby give them a foothold, allowing them entry to your entire network.   

2. Microsoft is not keeping up with fixes for these vulnerabilities at the rate they are happening. Instead, they created a replacement from the ground up in Office 365 (O365), which doesn’t contain the same security vulnerabilities. O365 was built with security in mind. 

3. We are seeing cyber liability insurers warn their clients, that if they have a Microsoft exchange server in their environment come policy renewal time, they will not allow them to renew their cyber liability policy. 

This exploitation of a once trusted solution for your business has changed rapidly. Is your IT team rising to the challenge? As technology continues to evolve, so does the need for strategic guidance. That’s why for the last 20 years, Thriveon has deployed an approach that proactively eliminates IT risk and supports business growth. Schedule a Technology Audit with us to see hear more about potential vulnerabilities in your systems.


Get the Webinar


Subscribe to our email updates


Subscribe to our email updates