No matter where your organization's email system resides, you need to secure email servers, the network those servers use and -- as much as possible -- the end users. You must take on a number of tasks on a regular basis, sometimes daily, to make sure your servers are secure.
If your organization has on-premises Exchange Server, you know that servers aren't immune to attacks that can lead to data breaches or worse. If your organization moved its email messaging service to Office 365, you aren't entirely absolved of security administration duties. Microsoft has been pushing IT shops to move to the cloud since it introduced its "cloud-first" approach for delivering future updates and features. But even with this cloud focus, many organizations still use on-premises Exchange for their email needs. With a mix of email services on-premises and in the cloud, you have to stay on top of securing two different platforms with two different architectures.
Each Exchange setup requires a different method of keeping a secure email server. Use this guide to learn about the features and tools in each deployment mode that can help you keep your organization safe from attacks.
1Securing on-premises Exchange-
Tools to keep on-premises Exchange secure
Exchange Server is not immune from security attacks that can compromise sensitive data and bring down an entire environment. These tools and practices help boost Exchange email security.
Exchange is vulnerable to attacks. A recent survey found four main areas to address for secure, available and resilient Exchange environments, so it's important for admins to know the basics to protect their organization's data. Continue Reading
SMTP and IMAP have several built-in security features to protect Exchange Server's external communications, adding an extra layer of protection to mail transmissions. Continue Reading
Expand your Exchange vocabulary
Get to know these terms as you familiarize yourself with the different ways you can secure your Exchange setup.
3Lock down cloud email-
Security for Office 365
Office 365 features offer heightened security against attacks for enterprises that have moved their messaging systems into the cloud. Methods to control email access range from login security to client policies.
Office 365 offers a number of security features and configuration options to keep end users and email messages safe, such as threat intelligence and malware analysis capabilities -- albeit with some gaps. Continue Reading
The AD FS extranet lockout feature, a security feature of the Web Application Proxy server role, can help protect organizations from denial-of-service and brute-force password attacks by locking out end user accounts after a number of unsuccessful login attempts. Continue Reading
A Client Access Policy restricts access in several ways, including blocking all external connections to Office 365 services, or blocking all external access except from ActiveSync devices. Continue Reading
4Stay safe in any setting-
Security for hybrid Exchange
Hybrid Exchange and Office 365 messaging setups reduce your on-premises workload, in terms of management and capital expense. At the same time, hybrid means securing two email platforms, monitoring users and attack potential on two architectures -- and can be twice the headaches if you're not properly prepared.
Are you spending too much time managing Exchange servers? Is legal discovery bumpy? What's the mobile situation? Use these questions to determine the right email security strategy for your organization. Continue Reading