This blog covers the broad strokes of the guide from the discovery techniques and blocking access processes while showing you how to handle special exclusions. Adaptive Shield has also developed and released a PowerShell script that creates a unified report to map out the organization’s posture to know which users have legacy protocols enabled - for you to copy-paste. In order to enable a smooth transition from these legacy protocols to a modern environment, Adaptive Shield has created a step-by-step guide to help you reduce risk and reinforce your organization’s M365 security. These changes were set to take place over a number of years, and in September 2021, they announced that they will begin to permanently disable Basic Auth in all tenants, regardless of usage, with the exception of SMTP Auth by late 2022. In 2018, Microsoft announced it would introduce a series of changes - and ultimately deprecation - to its authentication controls as a means to help organizations mitigate the risk. The legacy settings have been on Microsoft’s radar to fix for years. Basic Authentication, while necessary for companies using legacy software, is unable to enforce MFA and is superseded by Modern Authentication. Often stored on or saved to the device, Basic Authentication protocols rely on sending usernames and passwords with every request, increasing the risk of attackers capturing users’ credentials, particularly if not TLS protected. Microsoft 365 (M365), formerly called Office 365 (O365), is Microsoft’s cloud strategy flagship product with major changes ahead, such as the deprecation of their legacy authentication protocols.
0 Comments
Leave a Reply. |