As of January 2023, Microsoft is permanently disabling Basic Authentication for many protocols that communicate with Exchange Online. This change has been expected for a few years, but it is now finally here. With many vendors scrambling to adhere to modern authentication, some applications and SaaS-based services are unable to make the change. When it comes to SaaS-based backup, this can leave a gaping hole in your backup strategy. One area where this has had an impact is when it comes to Public Folders Backup and Modern Authentication.
What is Basic Authentication?
Basic Authentication is simply using a username and password for authorized access. Many applications for years have used this access method to connect to on-premise applications along with SaaS-based applications. While simple to understand and use, it can expose you to unwanted attacks. Solutions supporting public folders backup have resisted making the change and still rely on basic authentication.
What is Modern Authentication?
Modern Authentication in Exchange Online references different methods for authenticating and authorizing access. For end users, multi-factor authentication (MFA) is a form of modern authentication where there are two or more factors involved in the authentication process. Examples of this are codes sent by email or SMS or by using an Authenticator application, such as Microsoft Authenticator. You are authenticated by both your username and password and the code that you enter.
Another form of modern authentication is OAuth (currently OAuth 2.0). This is used by applications that request access to Exchange Online. Continuing to use a username and password, even with MFA, is just not practical for applications, where the user is often not present. This is where OAuth comes in. Instead of using a username and password for your application, an application is registered in the Azure Active Directory of the Exchange Online tenant. A set of keys are generated for the application to use when authenticating to Exchange Online. The registered application can be configured with the required access in Azure Active Directory to authorize it for Exchange Online.
Public Folders Backup and Modern Authentication
A number of organizations still continue to utilize public folders in Exchange Online. Instead of support for Public Folders backup and Modern Authentication, organizations are being forced to move away from public folders so that the backup can still continue to work. While some organizations can make the move quickly to avoid disruption, the truth is that many cannot. This can leave critical business data vulnerable to accidental or malicious deletion with no ability to recover.
Public Folders backup with modern authentication in Exchange Online is possible! ExchangeSavvy can solve this problem quickly with our SaaS-based backup solution. We host our own Veritas Alta SaaS Protection (ASP) tenant for our customers. With this solution, we can back up any part of your Microsoft 365 tenant, including Public Folders in Exchange Online. The application is fully compliant with Modern Authentication, which means we can be your Public Folders backup provider while utilizing the latest in Modern Authentication, assuring you that your public folders will continue to be backed up.
For more information, or if interested in a 30-day free trial, please contact us!