NEWS
EXCHANGE ONLINE LEAST PRIVILEGE CRITERIA END EMAIL PROTOCOLS
- Details
- Written by Sara Oliveira
User Rating: 5 / 5
Among many of the security policies that R2SIS adopts both internally and for its customers, is the question of the criterion of least privilege, that is, employees will only have access to information that is essential to perform their daily tasks, and nothing else. This ensures that unauthorized people do not have access to confidential information and is in line with one of the main pillars of Information Security, which is Confidentiality.
In Exchange Online, part of the Microsoft 365 suite, you can control so that users only have access to the email protocols they really need to work. For example: We can block the employees' access to the Outlook webmail, so that they do not access their emails outside the work environment, or using computers that were not properly authorized to install the Office package; we can also block the use of POP and IMAP protocols, to prevent malicious users from configuring their employees' emails in automatic email triggering tools – thus preventing the use of their corporate addresses to send spam/phishing -. In this way, only the exclusive Exchange Online protocol will be accepted for sending/receiving messages, to protect your organization's information.
To find out what is the best e-mail security scenario for your company, contact our team of experts at R2SIS Tecnologia.
- Hits: 1071
THE IMPORTANCE OF MATCHING AUTHENTICATION METHODS IN PASSWORD PROTECTION
- Details
- Written by Sara Oliveira
User Rating: 5 / 5
To keep your organization's password data secure, it is very important to align two or more authentication methods.
We know that many users have difficulty remembering passwords - perhaps because of the number, variety, or degree of difficulty of passwords - and often end up using insecure methods to store this information, such as taking notes on paper, spreadsheets, documents, etc.
It is not ideal to work this way, as if someone unauthorized has access to this document, they will have access to all your confidential information at once.
The alternative that some users find to make it easier to remember passwords is to change them with insecure and repetitive passwords (they use the same password for all the systems they access). This method is also not secure, as if a malicious user has access to these passwords, they will also have access to all systems where you have your record.
It is very important to enable MFA in as many tools as possible to ensure a second layer of protection for your information. Even if someone gains access to your password, they will need a second confirmation to gain access to your account.
The self-service password reset, and MFA features are disabled by default in Microsoft 365 services and should be configured according to your organization's scenario. To enable them in the best way, you can count on R2SIS Tecnologia's team of professionals, who will assess your scenario and better understand how these tools can further protect your business.
- Hits: 1009
RELEASE NEW WINDOWS 11
- Details
- Written by Sara Oliveira
User Rating: 5 / 5
On October 5th will be released the new version of Windows operating system, from the date, Windows 10 users with qualified computers will be able to download and install Windows 11 for free.
If you have a computer with Windows 10 that is eligible for update, Windows Update will let you know when it is available to you so you can perform a system update.
Windows 11 promises a revolution in design and in terms of facility and practicality, specific to more intuitive handling. The main requirement required by Microsoft to perform the upgrade is TPM 2.0.
It consists of a security chip used in motherboards, which ensures more security for the operating system, one of its main functions is to manage the system's encryption keys, the problem is that not all computers configured this device today.
For R2SIS customers it is recommended that they wait for the guidance of our responsible technical team before performing the update. Our team is working on
- Hits: 1372
EXCHANGE SERVER PATCH ALERT
- Details
- Written by Ricardo Segalla
User Rating: 5 / 5
Microsoft is releasing patches for multiple different on-premises Microsoft Exchange Server zero-day vulnerabilities that are being exploited by a nation-state affiliated group.
The vulnerabilities exist in on-premises Exchange Servers 2010, 2013, 2016, and 2019. Exchange Online is not affected.
To minimize or avoid impacts of this situation, Microsoft highly recommends immediate action to apply the patches for any on premises Exchange deployments you have. The first priority being servers which are accessible from the Internet (e.g., servers publishing Outlook on the web/OWA and ECP).
To patch these vulnerabilities, you should move to the latest Exchange Cumulative Updates and then install the relevant security updates on each Exchange Server.
We are committed to working with you through this issue. For additional help, please please contact our support team at This email address is being protected from spambots. You need JavaScript enabled to view it..
Exchange patch information:
• March 2, 2021 Security Update Release - Release Notes - Security Update Guide - Microsoft
• CVE-2021-26855 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
• CVE-2021-26857 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
• CVE-2021-26858 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
• CVE-2021-27065 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
- Hits: 2079
Skype for Business Online Retirement
- Details
- Written by Ricardo Segalla
User Rating: 5 / 5
On July 30, 2019, Microsoft announced July 31, 2021 will mark the official retirement of Skype for Business Online at which time access to and support for the service will end. This news reflects Microsoft’s focused investment in Microsoft Teams, expanding on capabilities in Skype for Business Online by bringing together calling, chat, meetings, and Office 365 and third-party productivity apps in single, intelligent hub. The richer functionality of Microsoft Teams enables organizations to move faster and collaborate more efficiently, and replaces Skype for Business Online as the core communications client for Office 365.
With the focus of helping customers transition from Skype for Business Online to Teams, as of September 1, 2019, no new tenants will be on-boarded to Skype for Business Online. Customers actively using Skype for Business Online will still be able to add new users to their tenant. While many organizations across the globe have successfully upgraded to Teams, the July 31, 2021 retirement provides 24 months for remaining Skype for Business Online customers to make the transition. To maximize the economic and cultural benefits Teams brings, we encourage you to begin planning your upgrade today.
Skype Consumer and Skype for Business Server services will not be impacted by the retirement of the Skype for Business Online service and current Skype for Business Online customers should expect no change in the quality service up to its retirement date.
Read more about the momentum behind Microsoft Teams and the Skype for Business Online retirement announcement at the Microsoft Tech Community Teams blog.
Please let me know your availability for time to connect and discuss how we can support your business and the transition to Microsoft Teams.
Regards,
Ricardo Segalla
- Hits: 3189