Service Update
| Availability | February 20th - 24th, 2023 |
| Product(s) | Email Security Cloud Gateway (CG) |
| Who's affected | Azure Directory Synchronization users |
Overview
As part of Mimecast’s ongoing initiative to improve the performance and security of our services, we would like to advise you of a change for Azure Active Directory Synchronization Integrations.
To further help increase the secure connectivity between your Mimecast account and your Azure tenant, your Azure Active Directory Synchronization Integration will start using a Connector to communicate with Microsoft Azure. The Connector will use the OAuth 2.0 standard for authentication and will use the Principle of Least Privilege (PoLP).
What's changing
When using such a Connector, you will no longer have to create and manage an Azure application for Azure Active Directory Synchronization within your Azure tenant. Instead, Mimecast will take you through a consent workflow. Once consent has been granted, Mimecast will start to use secure tokens to communicate with your Azure tenant. The mechanism to obtain secure tokens will use a daily rotating certificate to provide a further layer of security to the communication between your Mimecast account and your Azure tenant.
Recommended actions
Migration Steps for Required Update
Once the update becomes available in your region, you will be notified within your Mimecast Administration Console that you have an Azure Active Directory Synchronization integration that needs to be migrated to the Connector workflow.
For additional information, please review the "Security Enhancement for Azure Active Directory Sync" and "Migrating Connectors" articles mentioned in the See Also.. section below.
All existing Azure Active Directory integrations need to be migrated before May 24th, 2023.
Comments
Please sign in to leave a comment.