Last week, the National Cyber Security Center (NCSC) made a repeated call to update Microsoft Exchange servers. Many servers are still vulnerable to abuse. On-premises solutions are simply more difficult to debug than in the cloud. Time for uniform policies on every platform?
Despite previous calls from NCSC She is in many organizations Microsoft Make available security updates uninstalled. The risk of abuse is high, especially since criminals have three attack technologies: ProxyShell, ProxyOracle, and ProxyToken. By integrating them, it is possible to take over vulnerable Exchange servers remotely.
Let this be a wake-up call for organizations in all sectors, says Wim van Campen, vice president of EMEA at Lookout IT security. According to him, it is the responsibility of the organizations themselves to correct these weaknesses. ‘Here’s the problem.’ If this was a cloud service, the cloud provider would have made the necessary corrections.
IT and security teams need a way to implement standardized data protection policies across every system and platform, whether on premises or in the cloud. At the moment, there are still many differences in the way these different environments are secured. According to Van Campen, this can have a negative impact on the overall security of the organization.
Join the discussion!
what do you think? Why are data protection policies different across different platforms and platforms, on-premises and in the cloud? How can you eliminate these differences? And: does this solve the problem of uninvited guests on your servers?