If you’re one of the organizations that are still using Office 2013 with Microsoft Online Services, then you’ll want to know the changes coming this fall. Microsoft recently announced the following updates…
- After Oct 13, 2020, Microsoft will not support the use of Office 2013 with Microsoft Online Services. You may experience performance and/or reliability issues over time, and new tenants created after October 13 will be unable to use Basic Authentication.
- Sometime in 2021, Microsoft will disable Basic Authentication for existing tenants to improve their overall security posture. Any applications still depending on Basic Authentication will need to be migrated to Modern Authentication before this happens. While Microsoft has yet to set a hard date for this move due to the COVID-19 crisis, it’s important to know it’s coming, as it can affect users accessing applications utilizing Azure Active Directory authentication.
Why is Microsoft doing this?
It really comes down to modern security best practices, and that means changing from Basic Authentication to Modern Authentication. In a recent blog post, Microsoft stated that…
…Basic Authentication makes it easier for attackers armed with today’s tools and methods to capture users’ credentials (particularly if not TLS protected), which in turn increases the risk of credential re-use against other endpoints or services. Multi-factor authentication (MFA) isn’t easy to enable when you are using Basic Authentication and so all too often it isn’t used.
Simply put, there are better and more effective alternatives to authenticate users available today, and we are actively recommending to customers to adopt security strategies such as Zero Trust (i.e. Trust but Verify) or apply real time assessment policies when users and devices are accessing corporate information. This allows for intelligent decisions to be made about who is trying to access what from where on which device rather than simply trusting an authentication credential which could be a Bad Actor impersonating a user.
With these threats and risks in mind, we’re taking steps to improve data security in Exchange Online.
So, what is the solution?
You will need Microsoft 365 Apps for Enterprise/Business (formally known as Office 365 ProPlus) or Office 2019 clients in mainstream support to connect to Office 365 services.
Note that for Office 2016 users, Microsoft is continuing support for Office 365 services through October 2023 to allow for more time to fully transition to the cloud.
We can help.
Whether it’s updating your Office 2013 to a newer, more-secure version, or implementing a modern multi-factor authentication solution, our experts can help. Reach out today to set up a conversation.
Keep Moving Forward. We Got Your Back.