GUEST ESSAY: Why Microsoft Exchange users ‘must have’ robust data recovery policies, practices

Cloud hosted email services have come into wide use as the go-to communication and collaboration work tools for businesses far and wide.

Related: Weaponized email endures as top threat

Digital native companies start from day one relying entirely on Microsoft Office 365 or Google’s G Suite and most established companies are in some stage of migrating to, or adjusting for, Office 365 or G Suite.

That said, Microsoft Exchange on-premises email servers – technology that once, not too long ago, dominated this space – remain in pervasive business use today.

In 2021, on-premises Microsoft Exchange Server mailboxes commanded a 43 percent global market share as compared to 57 percent for cloud Exchange mailboxes, according to this report from Statista. Some 11,800 computer software companies, 10,000 IT services vendors, 5,500 health care organizations and 3,200 financial services firms continue to maintain on-premises Exchange email servers, according to this report from Enlyft

What’s more, many of the organizations migrating to cloud IT infrastructure services are patching together hybrid email systems, part on-premises and part cloud-hosted.

The advantages of sticking with on-prem Exchange servers include full control, better performance, the ability to customize, and low ongoing expenses. The disadvantages include the likelihood of downtime and the cost of ongoing maintenance. Physical servers, after all, require space and power, as well as in-house operational expertise.

Corruption and failure scenarios

From an operational standpoint, Exchange servers, in one sense, have become more finicky and cumbersome to operate in the field, if only because of complexities introduced in operating business networks simultaneously on-premises and in the Internet cloud. Hybrid networks have become something of a de facto practice across many industries and are probably here to stay.

Bhushan

In this environment, the opportunities for mailbox database corruption and/or Exchange server failure scenarios are manifold and require proactive vigilance. Here are some of the common Exchange server failure scenarios companies face daily:

•“Information Store Service” fails to start up

•Database files turn up missing

•“Dirty Shutdown” state triggers

•Database runs out of free disk space and/or log file volume•Access gets cut off to underlying storage

•Power source fails

•Hardware and/or software issues crop up

From a security standpoint, this translates into a massive exposure to cyber attacks, leaving many doors open to malware – especially weaponized email. Business email continues to be both the most widely used business communication tool – and the most wide-open, problematic attack vector.

Best practices a must

Email continues to be the starting point for many types of network intrusions, from simple phishing ruses to gain account credentials and network access, to delivering ransomware or business email compromise payloads, to stealthy extraction of sensitive data.

At the moment, ransomware attacks are front and center. Meanwhile, business email compromise (BEC) attacks endure. BEC schemes remain a huge threat – potentially catastrophic to smaller organizations. Consider that on the same day that 281 suspects were arrested in business email compromise stings, the FBI disclosed that worldwide losses from BEC attacks reached $26 billion in a three year period.

Clearly, due diligence from any company continuing to rely on Microsoft Exchange servers is in order, strictly from a security standpoint. In such a viral threat landscape, the risks associated with paying too little attention to optimal daily operations of these servers should be viewed as unacceptable. A logical starting point is to adopt and enforce best practices. These include:

•Robustly and frequently backing up emails, mailboxes, and databases

•Regular testing of restore and verification functionalities

•Conducting annual or even semi-annual disaster recovery tests

•Regularly updating server

•Installing any critical security patches in a timely manner

The good news is that these practices are well-understood and have proven to be very effective. Also, there are excellent tools and services available to help companies more efficiently and securely manage their Microsoft Exchange servers in today’s tumultuous environment.

For example, Stellar Repair for Exchange tool can repair corrupt or damaged Exchange EDB files. An EDB corruption error is a critical malfunction that can arise due to Exchange server crash, power failure, Exchange server errors, Virus attack etc.

About the essayist: Bharat Bhushan is technical marketer at Stellar Data Recovery. He is skilled in Microsoft Exchange Database, MSSQL Database troubleshooting and data warehousing.

*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: https://www.lastwatchdog.com/guest-essay-why-microsoft-exchange-users-must-have-robust-data-recovery-policies-practices/