THE IMPORTANCE OF MATCHING AUTHENTICATION METHODS IN PASSWORD PROTECTION
To keep your organization's password data secure, it is very important to align two or more authentication methods.
We know that many users have difficulty remembering passwords - perhaps because of the number, variety, or degree of difficulty of passwords - and often end up using insecure methods to store this information, such as taking notes on paper, spreadsheets, documents, etc.
It is not ideal to work this way, as if someone unauthorized has access to this document, they will have access to all your confidential information at once.
The alternative that some users find to make it easier to remember passwords is to change them with insecure and repetitive passwords (they use the same password for all the systems they access). This method is also not secure, as if a malicious user has access to these passwords, they will also have access to all systems where you have your record.
It is very important to enable MFA in as many tools as possible to ensure a second layer of protection for your information. Even if someone gains access to your password, they will need a second confirmation to gain access to your account.
The self-service password reset, and MFA features are disabled by default in Microsoft 365 services and should be configured according to your organization's scenario. To enable them in the best way, you can count on R2SIS Tecnologia's team of professionals, who will assess your scenario and better understand how these tools can further protect your business.
RELEASE NEW WINDOWS 11
On October 5th will be released the new version of Windows operating system, from the date, Windows 10 users with qualified computers will be able to download and install Windows 11 for free.
If you have a computer with Windows 10 that is eligible for update, Windows Update will let you know when it is available to you so you can perform a system update.
Windows 11 promises a revolution in design and in terms of facility and practicality, specific to more intuitive handling. The main requirement required by Microsoft to perform the upgrade is TPM 2.0.
It consists of a security chip used in motherboards, which ensures more security for the operating system, one of its main functions is to manage the system's encryption keys, the problem is that not all computers configured this device today.
For R2SIS customers it is recommended that they wait for the guidance of our responsible technical team before performing the update. Our team is working on
EXCHANGE SERVER PATCH ALERT
Microsoft is releasing patches for multiple different on-premises Microsoft Exchange Server zero-day vulnerabilities that are being exploited by a nation-state affiliated group.
The vulnerabilities exist in on-premises Exchange Servers 2010, 2013, 2016, and 2019. Exchange Online is not affected.
To minimize or avoid impacts of this situation, Microsoft highly recommends immediate action to apply the patches for any on premises Exchange deployments you have. The first priority being servers which are accessible from the Internet (e.g., servers publishing Outlook on the web/OWA and ECP).
To patch these vulnerabilities, you should move to the latest Exchange Cumulative Updates and then install the relevant security updates on each Exchange Server.
Exchange patch information:
• March 2, 2021 Security Update Release - Release Notes - Security Update Guide - Microsoft
• CVE-2021-26855 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
• CVE-2021-26857 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
• CVE-2021-26858 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
• CVE-2021-27065 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
Skype for Business Online Retirement
On July 30, 2019, Microsoft announced July 31, 2021 will mark the official retirement of Skype for Business Online at which time access to and support for the service will end. This news reflects Microsoft’s focused investment in Microsoft Teams, expanding on capabilities in Skype for Business Online by bringing together calling, chat, meetings, and Office 365 and third-party productivity apps in single, intelligent hub. The richer functionality of Microsoft Teams enables organizations to move faster and collaborate more efficiently, and replaces Skype for Business Online as the core communications client for Office 365.
With the focus of helping customers transition from Skype for Business Online to Teams, as of September 1, 2019, no new tenants will be on-boarded to Skype for Business Online. Customers actively using Skype for Business Online will still be able to add new users to their tenant. While many organizations across the globe have successfully upgraded to Teams, the July 31, 2021 retirement provides 24 months for remaining Skype for Business Online customers to make the transition. To maximize the economic and cultural benefits Teams brings, we encourage you to begin planning your upgrade today.
Skype Consumer and Skype for Business Server services will not be impacted by the retirement of the Skype for Business Online service and current Skype for Business Online customers should expect no change in the quality service up to its retirement date.
Read more about the momentum behind Microsoft Teams and the Skype for Business Online retirement announcement at the Microsoft Tech Community Teams blog.
Please let me know your availability for time to connect and discuss how we can support your business and the transition to Microsoft Teams.