See how this change affects you...
Did you know Basic Authentication Retirement in Exchange Online will happen on October 13, 2020? Read on to learn how that may affect your organization and what you can do today!
Big Change from Microsoft - Basic Authentication Retires:
Beginning October 13, 2020, Microsoft will retire Basic Authentication for Exchange Web Services (EWS), Exchange ActiveSync (EAS), IMAP, POP, and RPS to access Exchange Online. This retirement of Basic Authentication increases security against attacks and phishing schemes. Organizations should check today to see if they will be impacted – it is more than just old versions of Outlook! This may impact:
- Marketing software that sends emails
- Custom applications/written code that sends email
- Critical applications that send email
- Phone systems that forward voicemails into a user's email box
How will your organization be impacted?
This change may affect your users or apps. Administrators and users must act proactively to avoid service disruptions. If no action is taken, any client application using Basic Authentication for EWS may be unable to connect as of October 13, 2020. If you currently use Remote PowerShell (RPS) to access Exchange Online, you should consider switching to PowerShell within Azure Cloud Shell.
If your organization has written any code or has a 3rd party app developer, be sure to reach out to them and update it to support this OAuth 2.0 authentication. Some applications have been connecting to Exchange for a very long time! Those processes may need to update the old app that was written years ago. Often, organizations have many items sending emails in their environment, and it is crucial to go through and inventory/catalog to discover what methods you are using. Even your voicemail may be using email. The change that Microsoft brings makes your environment more secure, but for some organizations, this transition can be a real pain. Organizations also need to inventory applications that connect to Exchange.
We recommend organizations start updating any client applications that your users are utilizing to versions that support OAuth 2.0 today! Even though many mobile devices are using a variety of email applications that support Modern Authentication – we recommend switching to the Outlook app. Outlook provides the best-integrated experience for Microsoft 365 users for both desktop and mobile devices. The Outlook mobile application is available for iOS and Android.
Furthermore, this change may cause disruptions in many different areas of an organization. We recommend disabling Basic Authentication and requiring Modern Authentication with MFA. This will improve organizational security, help protect data, and it’s the smart thing to do. To learn more read our blog about MFA here!
Microsoft has also announced various changes:
- Azure AD Sign-In Report: Microsoft recently released an improved Azure sign-in report to help tenant admins identify which users or applications are at risk. This report will be available to all customers and provides a 7-day rolling report of login activity.
- Different methods to access email (POP and IMAP), and Simple Mail Transfer Protocol (SMTP): Microsoft has completed their development work and is rolling out Modern Authentication support for POP and IMAP in Exchange Online now. Documentation for developers is being finalized.
- Microsoft also just published details of a Total Economic ImpactTM Study Forrester which details the security, productivity, and cost benefits of a switch to Outlook mobile. Please view it here.
How Interlink can help?
Interlink’s expert technicians can check for you, and we can then make recommendations for remediation. We can either do a legacy connection quick engagement to check for just this change or a larger tenant security health check. Contact us here today!