Proactive IT Strategy at Thriveon

IT Best Practices that Get Missed: Microsoft Exchange Server

Written by Sam Bloedow | 9/23/21 7:01 PM

In early March 2021, the White House warned of an “active threat” from hackers exploiting four flaws in Microsoft’s Exchange email application. A big attack hit created massive exploitation, and every month, it has worsened. Has your IT firm informed you of this event? Are they actively working to move you off of Exchange? The Microsoft Exchange Server’s functionality and credibility are deteriorating rapidly to the point where insurance companies are moving to no longer insure organizations that continue to use it. 

Read: White House Warns of Increasing Victims: Microsoft Server Compromise

An IT best practice that gets missed is continuing to use the Microsoft Exchange Server, and this is a rapidly growing issue, so now is the time to act. The Microsoft Exchange Server used to be the gold standard for email, calendars and task management, but it is now a huge vulnerability to your business on three fronts, whether on-premises or hosted: 

1. Multiple cybercriminal groups continue exploiting vulnerabilities in the platform in new and different ways daily. This allows them to gain access to your Exchange Server and gives them a foothold, allowing them entry to your entire network.   

2. Microsoft is not keeping up with fixes for these vulnerabilities at the rate they are happening. Instead, they created a replacement from the ground up in Office 365 (O365), which doesn’t contain the same security vulnerabilities. O365 was built with security in mind. 

3. We are seeing cyber liability insurers warn their clients that if they have a Microsoft Exchange Server in their environment when policy renewal time comes, they will not allow them to renew their cyber liability policy. 

This exploitation of a once-trusted solution for your business has changed rapidly. Is your IT team rising to the challenge? As technology continues to evolve, so does the need for strategic guidance. That’s why for the last 20 years, Thriveon has deployed an approach that proactively eliminates IT risk and supports business growth. Schedule a technology audit with us to hear more about potential vulnerabilities in your systems.