Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Securing / Hardening OWA

Posted on 2008-10-08
4
Medium Priority
?
1,123 Views
Last Modified: 2010-05-18
Hi All,

I'm just wondering if there's any way to make OWA more secure after i purchased UCC certificate from COMODO RC4-128 bit

but my boss explained that he can log in at an internet cafe with no problems.
I have logged in with my home desktop and found the only security to be the normal login and password required.

Can anyone here please share on how we might address this to secure and hardening the OWA access.

- thanks
0
Comment
Question by:jjoz
  • 2
4 Comments
 
LVL 9

Assisted Solution

by:Housammuhanna
Housammuhanna earned 1000 total points
ID: 22667501
You may have a UCC
but you MUST force the Connection to use only SSL
if the users are using SSL HTTPS then the connection is secure
are you able to view the site using HTTP, NO
what is the Security your boss is looking for
A lock and prevention from accessing the OWA from anywhere
then you can use the VPN
0
 
LVL 23

Assisted Solution

by:ormerodrutter
ormerodrutter earned 1000 total points
ID: 22669233
OWA is designed for, well, convenience. It is there so that users can access their own emails while on the road. What is the point of using OWA if your users can't access their emails say, while in a business trip abroad?

Yes there is a way to further tighten OWA but you have to think about the cost vs benefit.

The most secure way is to get your user(s) to create a long & complex password. Use Group Policy to enforce such as your users will have to use a password over 8 characters with a combination of upper/lower case, numbers & letters.

0
 
LVL 1

Author Comment

by:jjoz
ID: 22674252
Yes,

Currently my OWA is using HTTPS and it is accessible from anywhere around the world.

i guess that UCC cert. is should be enough then.
0
 
LVL 1

Accepted Solution

by:
jjoz earned 0 total points
ID: 22675524
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question