Microsoft today announced that some insecure cipher suites currently supported by Microsoft Cloud App Security (MCAS) will be removed later this year.
After that happens, Redmond will no longer provide support for connections using these non-secure cipher suites and they will no longer work as expected.
To prepare for this incoming change, “[c]ustomers should ensure that all client-server and browser-server combinations are using supported suites in order to maintain the connection to Microsoft Cloud App Security,” Joanna Harding, Product Marketing Manager at Microsoft, said.
MCAS is Microsoft’s multimode cloud-based security solution also known as a Cloud Access Security Broker (CASB) that integrates with other Microsoft solutions like Azure Active Directory, Azure Security Center, and Microsoft Defender ATP to detect and block cyberthreats across Microsoft and third-party cloud services.
End of support to be reached in October
By removing non-secure cipher suites starting with October 1, 2020, Microsoft will make sure that the Cloud App Security service is more secure by default for all customers.
After October 1, MCAS will no longer provide support for connections using the following insecure cipher suites:
Following the removal of non-secure suites, MCAS will still support:
Affected MCAS components by this change include the SIEM Agent, the Microsoft Cloud App Security API, any web or native apps configured to work with Conditional Access App Control, and the log collector.
Microsoft also announced yesterday that it will end support for the Microsoft Edge Legacy desktop app on March 9, 2021, after which customers still using the browser will no longer receive security updates.
Microsoft Teams will also drop support for Internet Explorer 11 on November 30, 2020, with the rest of the Microsoft 365 apps and services to remove IE 11 support on August 17, 2021.