Mark your calendars! On July 14, Microsoft Windows 2003 is going EOL, which means that security updates will no longer be issued.
Maybe it’s just the push you’ve been waiting for. For a while now, you’ve probably been thinking about transitioning your email from Microsoft Exchange-on-a-box to the Office 365-in-the-cloud or Exchange Online. You already know why this seems to be a sound and logical move. Users can access business applications from anywhere and on any device—laptops, smartphones, tablets, and more. It streamlines IT operations. There are no storage costs to contend with, and you can scale up services whenever you need to.
But wait—step back for a moment before undertaking the big migration. As experience has taught you, migration is hardly ever a straightforward cutover. Some headaches and sleepless nights are inevitable. To make sure that this journey into uncharted territory goes as smoothly as possible, it’s important to take the time to ask the right questions so you can make informed decisions—especially when it comes to security.
Which Neighborhood Will Your Exchange Server Move To?
Windows Server 2003 supported Exchange Server 2000, 2003 and 2007. Since email is still as critical as ever as a business communication tool, you’ll need to decide where to migrate this workload. Will your email infrastructure upgrade on new hardware or on Azure virtual machines? Or is this the time to make the leap to Exchange Online as part of Office 365?
Security Questions You Need to Ask
You’re already sold on the convenience of cloud-based email applications like Office 365, but security concerns may be one of those things that keep you up in the wee hours.
- While Office 365 offers email security in the form of Exchange Online Protection, is it enough to meet your requirements? Any rules or policies you’ve applied to your email solutions in the past may not transfer over to Office 365, so it’s time to take a serious look at advanced, layered security options that deliver built-in data protection and advanced, real-time threat protection capabilities.
- Are you concerned about spear-phishing attacks? You should be. The SANS Institute estimates that 95% of enterprise attacks start with a targeted phishing email. Office 365 security may be insufficient to protect you from these phishing attempt and the malware that accompanies them. Your best bet is a solution that inspects URLs within emails at scan time and click time and determines the safety of the content.
- How can you ensure email continuity? Office 365 has been known to experience outages now and then. To minimize business disruption, consider a solution that retains all messages sent or received during outages and synchronizes an accurate record of all message activity during that period until your email servers are back online.
Hybrid for Now or Always
Migrating email infrastructure to the cloud is rarely an overnight event. Ask yourself if a hybrid environment is the right choice for your organization—either as a transitional state, which could last a few months to a full year, or as an end state, especially if you need flexibility, and how you will get there without compromise to security. For some organizations, the cloud is not necessarily the best option for certain workloads or functions, like data loss prevention (DLP) solutions. These are typically applications residing on on-premises servers that discover, categorize, and secure sensitive data, and most organizations wouldn’t want to put their highly prized corporate information assets at risk in a cloud-based environment. Additionally, legacy internal systems or proprietary applications unique to your organization are not likely candidates for cloud migration.
Need some help with your Office 365 migration? Download the Osterman Research white paper, Best Practices for Migrating to Office 365, which provides insights into the implications of this major step and provides you with sound advice and best practices. Learn more about how advanced security can help secure your Office 365 deployment at www.mcafee.com/o365.