If you’ve ever used a password to access a system, that means you’ve participated in authentication.
It’s a common feature of the corporate world, and because Microsoft’s suite of services is so popular there, you’ve likely had to authenticate yourself or your team members on a Microsoft application or network.
Microsoft recently made a critical change in its authentication posture, eliminating a feature known as Basic Authentication. While this change was made for the right reasons and will have a net-positive impact on those using Microsoft products, it’s still a change those organizations will need to assess and navigate.
So what will this mean for you? Let’s take a closer look at what Basic Authentication was, what Microsoft decided to do with it, and how you and your organization can remain flexible in the face of these changes.
An organization’s internal network will often grant users access to proprietary information they don’t want anyone outside the organization to view. For this reason, companies need to be able to protect their network, letting the right people in and keeping the wrong people out.
That’s what authentication is for. Authentication is how computer networks verify that the user logging into a system is who they say they are. There are variations and different ways to authenticate one’s identity. But ultimately, no matter what form it takes, all authentication offers organizations the ability to safeguard their network from anyone who doesn’t belong on it.
Until recently, Microsoft offered a feature known as Basic Authentication.
So what is – or, more appropriately, was – Microsoft’s Basic Authentication? According to Microsoft’s documentation site, Basic Authentication moves network usernames and passwords from one part of the network to another, unencrypted. To ensure protection, Microsoft users had to utilize SSL encryption alongside Basic Authentication.
This extra level of security helped keep sensitive data safe, whether that data was being shared on the public-facing internet or on a company’s intranet. It wasn’t a comprehensive security solution, however, which has led to Microsoft developing a better solution for security. While Microsoft used Basic Authentication for a number of years, in the last few years, their more modernized platforms used a different, more holistic type of authentication.
In 2019, Microsoft announced it was moving away from Basic Authentication, both for Exchange Web Services and Exchange Online for Active Synch. It did so in October 2020. Microsoft announced this shift well in advance to give its users time to shift away from the change.
In advance of the move, Microsoft asked its users to gradually transition from Basic to a different type of authentication (more on that below). While migrations are never simple, they contended that the value-added would limit the risk users encountered from continuing to use Basic Authentication.
Microsoft moved from Basic to a format known as Modern Authentication. Modern Authentication isn’t new in and of itself, but it’s not compatible with some of Microsoft’s older applications.
So how does Modern Authentication work? It’s a step up from Basic, offering more security and a more comprehensive authentication posture. According to Microsoft’s Modern Authentication site, there are a whole host of authentication capabilities in Exchange Online. These functions include:
If you’re looking to use Modern Authentication with an older version of Outlook on Windows, you may be able to use it if you’ve enabled Modern Authentication and the application supports it. Microsoft offers additional guidance on how it can support other applications within its Office platform.
In the past, if you didn’t have Modern Authentication enabled, your Outlook would default to Basic Authentication to connect to Exchange Online. Now that Microsoft has disabled Basic, this is no longer an option.
There’s good news and bad news for this change and how it will impact you and your business. First, the bad news: like any sweeping change to a platform you use, this may require action on your part. If you use an older version of Office, there’s a chance it doesn’t support Modern Authentication. That means you’ll likely need to upgrade to a newer version of Office. This kind of change has the potential to significantly disrupt your organization and its workflow – unless you’re able to identify a partner to help you through the process.
Here’s the good news: this change will work wonders in terms of making your team members’ Office experience more secure. There’s no telling what kind of damage that can be done via a security breach. One successful phishing or hacking attempt could corrupt your data, expose sensitive information, or lead to a loss of money or consumer trust. With Modern Authentication, you decrease the likelihood of a hack occurring.
This wasn’t a case of change for the sake of change – Modern Authentication offers a much more sophisticated approach to network security. Enhanced authentication promises your team members’ passwords and access will be kept more secure. It may not eliminate the possibility of an attack entirely, but it certainly mitigates the risk.
That leads us back to the question of how you can ensure your organization is using a compliant version of Office. The best recourse is to partner with a trusted IT services provider who understands how to navigate Microsoft and Microsoft products. That way, you can focus on your mission while leaving the migration efforts to the experts.
That expert is Schilling IT. At Schilling IT, we’re well-versed in managing and maintaining Microsoft services. We know how to get your company up to speed quickly, minimizing disruption and maximizing efficiency. We can help you ensure your company won’t feel any undue pressure as you make any changes.
For more on how to navigate Microsoft support and your Microsoft networking needs your business may have, call Schilling IT today.
My experience with Schilling IT has always been excellent. For the most part, Cirro Ramos has been the person to assist me. Cirro is consistently pleasant, knowledgeable, and patient. He never stops until my problem is resolved. I am so grateful that our organization has Schilling IT to help us with our needs!~ Angela Harris
Schilling IT provides a personalized, expert solution for all our IT needs and even more. They have never avoided helping us with anything related to technology even if it may fall outside their typical course of business. They have been the complete solution for anything relating to computers, technology, and IT. Their response time has always been fast.~ VJ Damasius
Schilling IT and all of their employees are excellent!!! They always take care of any issues we have in a timely manner and I would recommend them to anyone!!~ Shannon
Great customer service, and quick!!! Total professionalism on appearance and demeanor. Completely satisfied with the work we had performed.~ Kerry drake
Schilling IT is professional and quick to resolve your IT problems. I highly recommend their team!~ Jorie Jones-Prather