The bad guys are real, especially on the Internet. In fact, the bad guys of the Internet are worse than those in real life. At least you can SEE the ones in real life and defend yourself or flee. The baddies of the Internet come into your house, sit on all the furniture, make a mess, and steal your stuff….all while you are in the kitchen hanging out unaware!
No amount of security will stop them from attempting to break in and nothing is foolproof. Security is a mindset, not a checklist or end state. One easy way to protect your business is not to have anything for them to steal! This is why we put physical goods in a safety deposit box and not randomly around the house. Sure, the bank could still get robbed, but the probably of this happening is infinitesimally smaller than at your house.
Since 2006 we have advocated moving your Exchange server to Microsoft's Office 365 service. There is no point in running Microsoft software internally if they will do it for you. As expected, many people whose jobs depended on managing those internal servers came up with reasons against this. Even the most ardent cloud haters have come around at this point.
The events of the last week confirmed that over 30,000 organizations lack proper technology strategy, competence or at a minimum awareness. Basic email services are a critical component to business operations and cannot be compromised. If you are still running Exchange server internally, follow the steps below to get operational. Then find a technology partner that can provide you with an Intelligent Technology Roadmap get this resolved ASAP!
Step One -- Ensure you have a solid image-based backup of the Exchange server
Do not overlook this step. Even if you have already been compromised and have no backup. Make a an image-based backup of your server prior to applying these patches. The situation only gets worse if the patches corrupt your Exchange server and you cannot recover! You are doing daily image-based backups right?!?!
Step Two -- Run the patches and verify completed installation
Book mark this site and check back often for updates. Exchange Server Updates. After the patches have been installed it is probably worth running the detection scripts to see if you have actually been compromised. Whether you are compromised or not, the next step is to move off your internal Exchange setup ASAP! Spending days rebuilding your Exchange server is time that could be put towards moving to M365.
Step Three -- Find a qualified partner to migrate you to Microsoft 365 ASAP
No offense, but if you are still running Exchange server internally, it stands to reason that tackling a migration project is something you want to outsource. This is a one-time event. No need spend time "figuring out" how to do this, using your staff as guinea pigs, and "testing" things. Just hire a pro and get it done!
There is a basic level of technology strategy and planning that businesses should have in place. If your transition to work from home was challenging, if you are running internal Exchange, if you have an "IT Director" that really is a reactive helpdesk person….time is running out for you to find a technology partner that can implement an Intelligent Technology Roadmap to get things on track. These attacks are not going to stop and the next one may just put you out of business.