It’s no secret that the IT landscape has changed dramatically over the past 8 months. Due to the pandemic, organizations have had to pivot overnight, and what was hoped to be a short-term problem has turned into the new normal. This applies to the way these organizations deal with their customers, employees, and business partners.
M365 - Exchange Online Center
ENow Software's Microsoft Exchange Online blog built by Microsoft MVPs for IT/Sys Admins.
Modern Auth Updates in Exchange Online
The great thing about Office 365 is that it is a constantly updated service. For your subscription, your organization is constantly getting new features and functionality that can greatly improve the overall Office 365 experience. Of course, the downside of that is that IT pros working in Office 365 need to keep up to date on these changes. Luckily for you, you have found this amazing blog post that is going to explain some recent updates to Modern Authentication in Exchange Online.
Microsoft postponed deprecation of Basic Authentication in Exchange Online for existing tenants. Jaap Wesselius (MVP) wrote about this topic already here and explained what Modern Authentication means and how you can monitor existing usage of legacy auth (which Basic authentication basically is).
Azure Active Directory Conditional Access has been around since 2016. Conditional Access governs access to cloud resources by evaluating the conditions associated with the sign-in of a user or application accessing a resource. Conditional Access policies allow an admin to stipulate under what conditions certain actions are enabled. I like to think of them as If-then statements. For example: If: “Sign in comes from an untrusted network, accessing any cloud app”, then: “Require another form of authentication (MFA) before granting access to the cloud app”
Deactivation of Basic Authentication in Exchange Online
In their blog article, "Improving Security - Together," the Exchange product group announced that the insecure Basic Authentication authentication method switches off on October 13, 2020, not just for Exchange Web Services (EWS), but also for Exchange ActiveSync (EAS), POP, IMAP, and Remote PowerShell.