TMCnet Feature
March 12, 2021

IT Experts Share Thoughts On Microsoft Exchange Server Security Threats

The Microsoft (News - Alert) Threat Intelligence Center (MSTIC) recently issued a vulnerability warning to on-premise Exchange Server users. According to the tech giant, bad actors are routinely targeting servers using zero-day exploits.

Cybercriminals breached the servers of many American firms to access email accounts or install malware. The latter case enabled the hackers to facilitate long-term access to the servers.

MSTIC linked the attack to a Chinese group known as Hafnium. It noted that the attacks mimic the profile of state-sponsored outfits. Microsoft issued the statement based on Hafnium's tactics, procedures, and victim selection strategies.

Several IT experts shared their views on the issue and provided valuable advice to on-premise Exchange Servers users. Here are their opinions.

Should People Still Run On-Premise Exchange?

Ian Brady of Steadfast Solutions urged companies to stop using on-premise Exchange. He said most companies are discontinuing usage of the service, including highly regulated organizations. Alek Pirkhalo of Infiniwiz concurred with Brady on the issue. He stated that a few exceptions apply to companies bound by specific compliance or security requirements.

Conversely, Ravi Jain of Technijian recommended continued use of the email servers. However, Ravi did not give any reasons for his advice.

According to Troy Drever of Pure IT, email is a mission-critical service. Thus, he does not recommend continuing to run on-premise Exchange. The tech expert explained that minimal downtime was acceptable in the past, but nowadays, organizations demand round-the-clock reliability.

He said up to 95 percent of Pure IT’s client base has Microsoft 365 plans and uses Hosted Exchange. Clients with on-premise Exchange are contemplating switching to MS 365. Exchange Online is safer because Microsoft keeps the servers up to date and performs real-time monitoring to prevent, detect, and thwart attacks by sophisticated cybercriminals like Hafnium.

Drever urges companies to take advantage of the Hosted Exchange’s advanced security measures and high availability. He noted that the measures are challenging to achieve with self-hosted email servers.

Guy Baroan of Baroan Technologies voiced his opinion on the matter, saying there is no reason to opt for on-premise servers. However, some larger organizations still prefer to run Exchange locally. On the other hand, Donna Hall of OnPar Technologies noted that self-hosted Exchange Servers come with advantages and disadvantages. 

On-premise servers require regular maintenance, which can be cumbersome and time-consuming. Failing to maintain the environment creates significant security vulnerabilities. Regular outages and downtime are additional stumbling blocks associated with on-premise email servers. This downside is due to the absence of redundancy in the system.

When Would It Be Advisable for Organizations to Run On-Premise Exchange?

For Michael Anderson (News - Alert) of 365 Technologies, on-premise Exchange is taxing on an organization’s resources. Companies need to handle reporting and reconciliation of license counts, adhere to specific backup practices, maintain hardware, and apply regular security patches.

In the meantime, Nick Allo of SemTech IT Solutions echoed Anderson’s words by saying running on-site servers is not advisable. Maintenance requirements are cumbersome. Also, companies face greater responsibility in terms of keeping the servers secure and running properly. Organizations can relieve the workload by paying $4 per inbox for Microsoft Hosted Exchange (News - Alert).

In doing so, organizations eliminate the need to hire more employees to keep on-premises servers working optimally. These systems typically require complex backup solutions and network configurations.

Demetrius Cassidy of In The Cloud Technologies highlighted companies’ reluctance to upgrade an email server if they feel the system is working optimally. This mindset exposes organizations to considerable risk as it creates vulnerabilities. Failing to upgrade the servers over time makes it challenging to safeguard the environment from cyberattacks.

He further stressed the need to switch to Hosted Exchange because there is no valid reason to continue running on-premise systems anymore. Unified messaging is no longer a factor since organizations now rely on Cloud Voicemail. Cassidy recommends opting for a single Microsoft Exchange 2019 mailbox server to handle management tasks. Companies should switch email to Hosted Exchange.

Why Does Microsoft 365 or Other Hosted Exchange Services Make Sense Than On-Premise Exchange?

Ian Brady of Steadfast Solutions believes corporate decision-makers with trust issues find on-premise email servers more attractive than Microsoft 365 and other hosted exchange services. For Alek Pirkhalo, the benefits of online servers include lower cost, better security, no maintenance responsibilities, and high availability.

Carl Fransen, an IT expert at CTECH Consulting Group, added his voice to the discussion by saying there are no longer any valid economic or technical reasons to retain on-site Exchange servers. Companies lose more money running such servers, which typically come with a working life of approximately five years.

Microsoft continues to invest heavily in its Hosted Exchange service. Businesses can take advantage of advanced features like enforceable data governance and data loss prevention, which are not available in self-hosted servers. Off-premise servers store data in tier four data centers worth billions of dollars. Fransen also highlighted cost savings since companies only pay for services they use.

According to Ilan Sredni of Palindrome Consulting, organizations can still deploy and use on-premise servers, but the security requirements are coming to a tipping point. Email-based threats are increasingly becoming a major issue for businesses globally. Sredni believes Microsoft will eventually stop supporting the on-premise Exchange environment.

He stated that a few clients at Palindrome Consulting still use on-premise servers due to the need to integrate with legacy applications. The tech expert recommends making the switch to Microsoft 365 sooner than later.

Ferrell Fuller of ChaceTech LLC recommends taking advantage of enterprise tools offered by Microsoft 365, particularly Exchange Online servers. Doing so minimizes the security risks and increased costs associated with self-hosted email servers. Companies opting for Hosted Exchange enjoy peace of mind knowing that Microsoft handles security and maintenance.

Kenny Riley of Velocity IT agrees with Ferrell Fuller on adopting Exchange Online. He noted that on-premise servers require a proactive approach to security to counteract evolving zero-day attacks, which can be costly and time-consuming.

What Are Your Thoughts on This Security Issue

For Sean Connery of Orbis Solutions, companies need to educate themselves regarding the pros and cons of self-hosted servers. The Hafnium exploit is a clear reminder of the dangers that come with on-premise systems. Tech experts at Orbis Solutions recommend installing patches to resolve specific vulnerabilities. Microsoft provided patches, which protect against gaps that enable attackers to access confidential data or execute code remotely.

According to Ian Brady, achieving a system with zero vulnerabilities is a challenge. Thus, companies should rely on tech giants to provide email servers. This approach lessens the burden on internal tech departments. Alek Pirkhalo of Infiniwiz echoed Brady’s statement saying that risk is ever-present, and some system administrators encounter issues, even after patching.

Michael Anderson commented that the Hafnium zero-day exploit highlights the need to apply patches as quickly as possible. Delays in releasing and applying patches expose many businesses to attacks. Exchange Online is a better option because the platform makes it easier to apply security patches at short notice.

Organizations should learn from the Hafnium cyberattacks and switch to Hosted Exchange without delay, says Troy Drever. Exposure to increased risk can prove devastating for companies that choose to continue with on-premise servers.

Donna Hall warned smaller businesses about the dangers of running older technologies. Data protection is easier with Exchange Online, as evidenced by the mass adoption of the service. This option allows organizations to leverage flexibility concerning data protection and security patches.

» More TMCnet Feature Articles


» More TMCnet Feature Articles