CISA, NSA share Microsoft server security best practices

The Cybersecurity & Infrastructure Security Agency, National Security Agency, and international cybersecurity released Microsoft Exchange Server Security Best Practices, a guide to help network defenders harden on-premises Exchange servers against exploitation by malicious actors.

October 31, 2025 / By ICBA

Organizations with unprotected or misconfigured Exchange servers remain at high risk of compromise as threat activity targeting vulnerable servers persists.
Best practices include hardening user authentication and access, ensuring strong network encryption, and minimizing application attack surfaces.
Organizations that implement these practices can significantly reduce their risk from cyber threats.

Resources for Community Bankers: More cybersecurity resources for community banks are available on ICBA's Cyber and Data Security Resource Center.

NewsWatch Today Contacts

Martin Carr

Manager, Communications

Thomas Warren

Vice President, Managing Editor

Join ICBA Community

Interested in discussing this and other topics? Network with and learn from your peers with the app designed for community bankers.

Join the community Example Text

Bank Secrecy Act and Enforcement

Credit Union Tax Exemption

Fraud and Scams

Community Banker Representation

Online Training Center

All Training & Resources

Operational Risk

Solutions Directory

Chat with ICBA Community

Contact Us

Solutions Directory

Bank Locator

About Us

About Community Banking

CISA, NSA share Microsoft server security best practices

NewsWatch Today Contacts

Join ICBA Community

Related Articles

CISA releases guidance on integrating AI in operational technology

CISA warns of spyware on messaging applications

CISA shares mitigation tips for ‘bulletproof’ cybercrimes

Independent Banker shares tips for tackling cyber threats

Subscribe Today