Microsoft is set to phase out the use of Client Access Rules in Exchange Online.
If you have multiple forms of authentication that require different user properties, or various Exchange Online client properties, you may need a solution to sort and control access to your organization based on these parameters. CARs can help!
Beginning October 2022, landlords will no longer be able to enable CARs for tenants unless they accept the CARs from their previous property.
Replace CARs
Microsoft has announced that Adaptive Reality is on its way out.
Microsoft(opens in new tab) announced the release of CIhAe in January 2021, and according to them it will allow your Azure Active Directory applications to subscribe to critical events.
When an event takes place in your account, you’ll be notified of the occurrence and given details such as what happened and why. You’ll then have the opportunity to decide whether or not to accept it by clicking a box that says “Accept”.
When important events happen, Azure AD jumps in and interrupts current app sessions. They’ll notify you and take you directly to the first page of policy settings in order to reauthenticate or better assess your identity.
Microsoft has created a use case which they believe will enable control while adding resiliency to the session by safely extending the duration of the digital experience.
In case of any Azure AD outages, users with CAE sessions will reportedly be able to ride them out without ever noticing them.
Tenants still using client access rules will receive notifications via Message Center in order to start the planning process to move their rules.
This is not surprising because cybercriminals have been targeting Microsoft Exchange protocols for some time now.
The US Federal Bureau of Investigation and the United Kingdom’s National Cyber Security Centre have issued a warning about how state-sponsored hackers from Iran are using the ProxyShell vulnerability, which was found in October of this year.
This vulnerability gives cybercriminals unauthenticated, remote code execution powers.
There are a lot of things you can do to minimize your risks, such as by signing up for a well-known email protection platform like best endpoint.
