Carl Fransen Shares His Thoughts on On-Premise Microsoft Exchange

Recently, Microsoft and DHS CISA announced the confirmed exploitation of various vulnerabilities in Microsoft Exchange Server.

Carl Fransen Shares His Thoughts on On-Premise Microsoft Exchange

If there is one thing we can acknowledge from the recent year that was filled with disruption is that cybersecurity should remain a mission-critical priority for every business and organization. We have learned that dangers in the cyber world are constantly changing and moving. Any business or organization can be under attack, regardless of how powerful the technology and networks may be.

Recently, Microsoft and DHS CISA announced the confirmed exploitation of various vulnerabilities in Microsoft Exchange Server. Exchange email servers make such a provoking target due to the amount of email information they hold about any business or organization. Microsoft detected numerous zero-day exploits that were used to target and attack on-premise versions of Microsoft Exchange Server.

The vulnerabilities in the server allowed hackers to remove data, access numerous email accounts, move laterally in victim environments, and install malware and access to allow future access to the networks. Microsoft Threat Intelligence Center (MSTIC) contributed the recent attacks to a group that is operating out of China.

Fixes and patches are available, and all businesses and organizations that are using Microsoft Exchange have been encouraged to patch as quickly as possible. However, it is important to know that a patch will not remove any access that has been gained by hackers, and any additional capabilities that were placed in victim environments cannot be removed by patches.

As a result of the proven vulnerabilities in Microsoft Exchange Server and the dangers that could arise in the future, the Multi-State Information Sharing and Analysis Center (MSISAC) recommends remaining vigilant in investigating any current or potential activity in the environment.  The MS-ISAC also recommends looking for any evidence of unauthorized access.

Thoughts on On-Premise Microsoft Exchange

After the latest attack, several experts in the IT industry shared their thoughts on the issue and offered useful valuable advice to users who are still using on-premise Exchange Servers. Carl, founder and CEO of CTECH Consulting Group, shared his thoughts by stating there is no technical or economic reason why anyone should be running a traditional Exchange server.

Businesses no longer need to shell out hard-earned capital on servers that are going to depreciate over 4 to 5 years or static pay-per-user licensing.  Microsoft continues to invest a significant amount of money in its Hosted Exchange service. As Microsoft focuses on its cloud-first model, various improvements will be made to Office 365 Exchange.

Businesses and organizations have the ability to use advanced features, such as data loss prevention and enforceable data governance. These features are not available in the traditional self-hosted servers. Businesses and organizations that continue to dally in making the switch will continue to be behind in their respective industry.

Carl believes the hosted email model is far superior to the on-premise solution. Off-premise servers store data in tier 4 data centres that are worth billions of dollars. Also, the software will be administered 24 hours a day by the software’s technical support team rather than a member of the IT staff that learned the software. Carl also pointed out that hosted email can result in significant cost savings since businesses and organizations will only pay for the services they use instead of making the maximum payment upfront without being presented with an opportunity to reduce the count in the future.

Finally, Carl noted the various security issues that remain present in on-premise Microsoft Exchange. Microsoft has invested a substantial amount into the current security landscape. Microsoft spends one billion dollars every year in an effort to maintain its security. Microsoft continues to release new security features that can be used to enhance a business or organization.

Protecting Your Business From The Threats

It is important that companies educate themselves on the advantages and disadvantages of self-hosted servers. The recent exploit should serve as a reminder of the dangers that will accompany on-premise systems. Achieving a system with no vulnerabilities is challenging. Therefore, it is recommended that businesses and organizations allow tech giants to provide their email servers.

When this approach is taken, the burdens the internal tech departments feel on a daily basis can be released. Risks and dangers are ever-present, and there will be some issues even after the updates and patches. Email-based threats will continue to be a major problem for businesses all over the world. There is a belief that Microsoft will eventually stop providing support for the on-premise Exchange environment.

Making The Switch To Office 365

Many tech experts recommend making the switch to Office 365 sooner rather than later. There are various enterprise tools offered by Office 365, especially Exchange Online Servers. When this switch is made, the security risks and rising costs associated with on-premise email servers will be minimized. Businesses and organizations that choose to make the switch from on-premise servers will enjoy better productivity and operations because they will be able to continue their operations without worrying about maintenance and security.

On-premise Microsoft Exchange servers will require businesses and organizations to take a proactive approach to security. However, this approach can be challenging for many businesses and organizations due to the amount of money, time, and energy that will need to be invested. Any exposure to online dangers can be a devastating blow to all that continue to use on-premise Microsoft Exchange.

Small businesses that continue to use on-premise servers typically face more dangers due to the lack of resources, finances, and staff. However, small businesses can enjoy greater data protection after switching from on-premise Microsoft Exchange. Any business or organization that is looking for greater flexibility concerning security patches and data protection can find it by using Office 365 Exchange.

Increasing Vigilance

One of the most important steps to take when you want to improve your security stance is employee awareness. Employees should be made aware of the current situation, so they will remain vigilant and suspicious of their email communications. There are industries that are constant targets because of their high value. The tech experts at CTECH Consulting Group are here to help you get the most out of your workforce. We are ready to help protect your environment while empowering a connected workforce. We strongly urge businesses and organizations to consider switching email to Hosted Exchange.

If you have on-premise Exchange and are considering switching to Office 365, contact us today for your free consultation.