Hal Pomeranz · Apr 20, 2022 · 12:20 AM UTC

Hal Pomeranz

Hal Pomeranz @hal_pomeranz

20 Apr 2022

Notes from the IR front lines — if you have on-prem Exchange, assume compromise. Also start a plan to migrate to Microsoft 365… yesterday.

434

Type Your Name Here · Apr 20, 2022 · 1:10 AM UTC

Type Your Name Here @typeyourname10

20 Apr 2022

This is so polarizing. What’s the reasoning? We are half in/half out already and stuck on moving forward with 365 or going back to on-prem

Hal Pomeranz · Apr 20, 2022 · 1:40 AM UTC

Hal Pomeranz · Apr 20, 2022 · 1:40 AM UTC

Hal Pomeranz @hal_pomeranz

20 Apr 2022

Replying to @typeyourname10

Recent experience is teaching me that it’s impossible to securely run Exchange on prem. It’s been the initial point of entry for numerous compromises.

Apr 20, 2022 · 1:40 AM UTC

Ross · Apr 20, 2022 · 12:33 PM UTC

Ross @lwolive

20 Apr 2022

Replying to @hal_pomeranz @typeyourname10

It really is possible :/ but like anything, care and attention is needed with what ports you open and where you allow traffic from and to

Johnnie🌆- Finally Home · Apr 20, 2022 · 12:48 PM UTC

Johnnie🌆- Finally Home @beerbikesbacon

20 Apr 2022

Replying to @hal_pomeranz @typeyourname10

You *can* run a pretty secure Exchange server, but the effort to maintain and secure such an unreliable piece of highly visible hot garbage just isn't justifiable.