CISA, NSA share Microsoft server security best practices

10/31/25

The Cybersecurity & Infrastructure Security Agency, National Security Agency, and international cybersecurity released Microsoft Exchange Server Security Best Practices, a guide to help network defenders harden on-premises Exchange servers against exploitation by malicious actors.

Details: CISA said:

Organizations with unprotected or misconfigured Exchange servers remain at high risk of compromise as threat activity targeting vulnerable servers persists.
Best practices include hardening user authentication and access, ensuring strong network encryption, and minimizing application attack surfaces.
Organizations that implement these practices can significantly reduce their risk from cyber threats.

Resources for Community Bankers: More cybersecurity resources for community banks are available on ICBA's Cyber and Data Security Resource Center.

NewsWatch Today Contacts

Martin Carr

Manager, Communications

Nicole Swann

Vice President, Communications

TCM Careers

News

Our Team

Board of Directors

Portfolio Purchasing

Credit Card Program

Consumer Agent Program

Business Agent Program

CISA, NSA share Microsoft server security best practices

NewsWatch Today Contacts