In the face of the increasing number of cyberattacks - most recently the Hafnium attack - organizations are more and more aware of the dangers of opening their network to allow for remote work and remote access. At Connecting Software, we have worked over the years with organizations that require the highest security and developed two solutions for them: CB Super Secure Exchange Server and CB Exchange/Outlook Content Censor.
Isolate to Improve Microsoft Exchange Security
Microsoft Exchange security has long been a concern. With so much depending on your email and calendar, you can’t risk having your organization’s email server down or not working properly. Hackers know this and they target Microsoft Exchange Servers in many ways.
Things have gone from bad to worse. The number of cyberattacks significantly increased in 2020. In 2021, the Hafnium attacks raised serious concerns about Microsoft Exchange Server in particular. These attacks were so dangerous that on Mar 2, 2021, the Cybersecurity and Infrastructure Security Agency issued an Emergency Directive about this serious security breach. This directive required all federal civilian departments and agencies in the United States running Microsoft Exchange on-premises to disconnect them from their networks until they had patched and updated those servers.
The solution to prevent these attacks has historically been isolation. You isolate the internal network where you have Microsoft Exchange on-premises from any untrusted networks, especially the Internet. Organizations that require higher security, like financial institutions, the military, or even the public sector, have chosen this network separation for some time.
That means you close the organization’s internal network to the outside world. Unfortunately, that has a downside: users can only send emails and use their Outlook account while connected to that network. It is limited to when they have that connection so there is a higher level of security for the organization as a whole.
Remote Access to Microsoft Exchange to Improve Collaboration and Enable Remote Work
On the other hand, remote access to email and calendar has become a necessity. There are two main requirements that have emerged:
When you use Microsoft Exchange on the cloud, these are given. But how can you enable remote access to email and calendar when you need to isolate your Microsoft Exchange Server for security reasons?
Isolate Exchange Server but Enable Remote Access: the challenge
Here at Connecting Software, we started to work with Microsoft Exchange Server at the very beginning of our history. We already had plenty of experience with Exchange Server under our belt when a request came from a governmental institution.
They wanted to create a solution to enable secure communication of their internal network with the outside world. The motivation for this was to enable employees to view mailbox items on their mobile devices. We knew we had to do so that it would not put the organization at risk in case the users' devices were hacked or stolen.
This organization wanted to control which information leaves the secure internal network and needed our help. So, we took the challenge with enthusiasm. Soon after, CB Super Secure Exchange Server and Exchange/Outlook Content Censor were born.
“CB Super Secure Exchange Server is a clever use case of air gapping - you ensure that a secure computer network is physically isolated from networks that are not secure, but you don’t limit your end-users because of that.”
CB Super Secure Exchange Server: Prevent Hackers from Using Exchange as an Entry Point
Imagine that a high-level manager in a public sector organization has his Outlook connected to an internal Exchange server. When he is not on-site, he doesn’t have access to his calendar, and he doesn’t see any last-minute changes and requests. This often results in scheduling issues and wasted time.
With CB Super Secure Exchange Server enabled, the calendar on the manager’s mobile phone could be synchronized with his desktop’s Outlook at the office without compromising Microsoft Exchange security.
How is this possible? CB Super Secure Exchange Server enables secure synchronization between a Microsoft Exchange Server on the closed organization network and another one available outside the office. The data exchange between the two networks is secured.
When inside the organization, the user will access the internal server. When outside, the user will access the external server that has the same information. The scheduling issue is solved, and security is not threatened!
An even higher level of hacker protection will be presented in our next article... stay tuned!
Exchange/Outlook Content Censor: Control What Is Exposed Outside
Our Exchange/Outlook Content Censor has another useful feature. It allows the system administrator to control which calendar items are visible and which ones to restrict when you synchronize between the internal and external Exchange servers. For example, you can configure Exchange/Outlook Content Censor to remove attachments automatically and choose intelligent rules for when that should happen.
It is also possible to do a series of filters to secure sensitive data on emails, calendar appointments, and others. You can limit the number of characters of the email body that can be seen on the outside based on specific words on the subject line and more.
Secure remote access to Microsoft Exchange Server is possible!
Microsoft Exchange is a well-known entry point for hackers. At the same time, having instant access to your mailbox items when you are not on-site is a must-have.
Contact our experts to learn how you can improve security and flexibility in your organization at the same time. You can have the best of both worlds!
Technical advisor at Connecting Software
I have been a software engineer since 1997, with a more recent love for writing and public speaking. Do you have any questions or comments about this post, about CB Super Secure Exchange Server, or about Exchange/Outlook Content Censor?
I would love to have your feedback, scroll down and leave a reply below!