Blog

Additional Security Recently Added To Office 365

Feb 15, 2022 | Blog

Back in September of 2020 Microsoft announced that it was experimenting with the addition of SMTP MTA Strict Transport Security (MTA-STS) support to Exchange Online. This was done in a bid to ensure the email communication and security of their Office 365 customers.

In a recent statement by the company the Exchange Online Transport Team said:

“We have been validating our implementation and are now pleased to announce support for MTA-STS for all outgoing messages from Exchange Online.”

While it may not sound like a terribly exciting change, it truly is a big step forward.  Now that the feature is in place in Office 365, any emails sent by users via Exchange Online will be delivered using connections with both authentication and encryption protocols. This is for protecting them from interception and attack attempts and includes both man-in-the-middle and downgrade attacks.

Again, per the Exchange Online Transport Team:

“Downgrade attacks are possible where the STARTTLS response can be deleted, thus rendering the message in cleartext. Man-in-the-middle (MITM) attacks are also possible, whereby the message can be rerouted to an attacker’s server. 

MTA-STS (RFC8461) helps thwart such attacks by providing a mechanism for setting domain policies that specify whether the receiving domain supports TLS and what to do when TLS can’t be negotiated, for example stop the transmission.”

In addition to the feature addition Microsoft has also provided guidance on how to adopt MTA-STS. This includes where to host the policy file on your domain’s web infrastructure.

Additionally, the Exchange Team announced that they’re in the process of rolling out SANE for SMPT (with DNSSEC support). That provides better protection for SMTP connections than MTA-STS does.

The company’s plan is to proceed slowly and in two phases. Phase I is to be completed by March 2022 and phase II is to be completed by year end 2022.  The team stressed that admins would be able to use both standards on the same domain at the same time, allowing them to account for senders who may exclusively use one or the other.

Great news indeed.  Kudos to Microsoft for their continuing efforts.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech