The content of this document focusses on integrating ESA with OWA in a few simple steps. Furthermore, it offers some best practices for securing access to services that Microsoft Exchange offers
Many companies are using Microsoft Exchange as their solution for email, calendaring, etc. Most of them also allow their users to make use of the built-in “Outlook Web Access” or “Outlook Web App” (OWA) solution that allows users to access most of the features Exchange has to offer through a web browser.
In a default configuration however, OWA allows users to authenticate themselves with a username and password combination only. This is considered as a security risk by most professionals, as it is relatively easy for a person with malicious intent to abuse stolen / leaked credentials to gain access to sensitive company information (for example: email, files, etc.). Furthermore, OWA does not offer any Multi-Factor Authentication (MFA) capabilities out of the box.
This is why ESET has developed a product called “ESET Secure Authentication1 ” (ESA). ESA is a product that allows MFA to be easiliy integrated with existing solutions such as OWA, allowing IT administrators to easily increase the level of security of their available applications.