Notes from the IR front lines — if you have on-prem Exchange, assume compromise. Also start a plan to migrate to Microsoft 365… yesterday.
22
72
8
434
This is so polarizing. What’s the reasoning? We are half in/half out already and stuck on moving forward with 365 or going back to on-prem
4
2
Replying to @typeyourname10
Recent experience is teaching me that it’s impossible to securely run Exchange on prem. It’s been the initial point of entry for numerous compromises.

Apr 20, 2022 · 1:40 AM UTC

2
30
It really is possible :/ but like anything, care and attention is needed with what ports you open and where you allow traffic from and to
1
You *can* run a pretty secure Exchange server, but the effort to maintain and secure such an unreliable piece of highly visible hot garbage just isn't justifiable.
1
14