Suddenly, there is an overwhelming reason for corporations to change from Exchange to MAPI. The Hafnium hack of Microsoft Exchange has hit more than 30,000 US corporations. The Zero Day Hack hits an exchange vulnerability that has been in the code since it was written ten years ago. More than anything else, this tells us that storing data in The Cloud is not secure.
What is IMAP
The first Email Protocol was known as POP – Post Office Protocol, and its most popular implementation is POP3. IMAP was created in the late 1980s as an alternative. For Email handling, IMAP has proven to be a simple and durable protocol that allows you to consume Email on multiple devices, like your PC and your phone, and answer it from either device.
Is MAPI Safer than Exchange
Exchange is written by Microsoft and is intended to be a more sophisticated mail handling system. Indeed, it introduced Push protocol which at the time made it faster than IMAP. While both IMAP and Exchange store Contacts and Calendar information, IMAP was more closely tied to Microsoft Outlook and had a better implementation. Microsoft removed IMAP handling for Outlook Contacts in 2010.
Microsoft has a new agenda to merge Exchange and Azure services and wrap many tools under a single security protocolTherein lies the weakness exposed by Hafnium. Microsoft’s many corporate mergers expose them to the shift from Pareto Principle to the Peter Principle. In wrapping Exchange, Microsoft allowed exchange logins full access to Azure services on a Corporate Server. The hack involves accessing the logins, and taking a minor user and giving them Super Admin privileges. Because Microsoft now allows Echange Users to access non-exchange resources, the new Super Admin might enable full access to the entire corporate network.
Microsoft Cumulative Updates
Many corporate Exchange sites have run into a secondary issue. The Hafnium Patch issued by Microsoft assumes your Exchange is fully up to date. For many sites, Exchange updates have been deferred to focus on maximum utility by the company. Suddenly, years worth of updates have to be applied. Updating complex and customized software is never easy, and many sites have been brought down because the cumulative update process fails. It leaves the corporation unable to receive or send Email, share data, or update their Outlook on PC and Phone.
IMAP to the Rescue
Switching the Corporation back to IMAP is a quick and easy way to get the corporate Email back flowing again. At least on this level, emails from customers, vendors and leads can be exchanged. The IT department then gets time to consider the options. Any sites that are truly hacked need to rebuild their servers from scratch. Sites that only got cumulative update failure might install fresh Exchange and try to import past data into it. Either process can take days or weeks to implement.
Replacing Outlook App on Android and iPhone
With Email restored using Outlook, the next thing a corporation needs to look at is replacing the Outlook App on their iPhones, iPads, and Android Devices. The Outlook App has three main functions; Email, which is already handled by the phones, Contacts and Calendar. Luckily there are many alternatives.
Setting up IMAP Email on your Cell Phone
To set up Email on your Phone, you go to the Email App and enter your IMAP credentials. As soon as you do this, your Email will come to the Phone. You can also do this on your PC Outlook, and then your IMAP email comes to your Phone and your PC.
Sync Outlook Contacts and Calendar to your Phone
The next task is to restore the Contact database and Calendar from Outlook to your Phone. Exchange handled these by storing the contacts and calendar on the Exchange Server. This server is not available with an IMAP mailbox. So it is required that you install some soft of Sync Software to your PC. Here is a Guide to switching Contact and Calendar Sync from Exchange to MAPI. The requirement is that this software sync from the local Outlook IMAP folder directly to your iPhone, iPad or Android Phone.
A common and inexpensive product that synchronizes from Outlook IMAP Folders to iPhone and Android is CompanionLink for Outlook. CompanionLink is very easy to set up and offers many options. The primary method for sync is DejaCloud, which is like Exchange in offering Realtime Push sync. The CompanionLink solution requires DejaOffice on your Phone. DejaOffice works like the Outlook App but mirrors more features of Outlook. DejaOffice fully supports Outlook category colors, tasks and notes on your Android and iPhone, none of which are handled by the Outlook App. But the most prominent feature is DejaOffice does not use Exchange protocol, which is unaffected by either the Hafnium hack or the cumulative Exchange update issues.
Share and Schedule Outlook Calendars in your Office
CompanionLink also offers an Outlook-based CRM product that can share Outlook calendars between users, even when using IMAP folders. This product is called DejaOffice PC CRM Pro, and it costs just $40 one-time-price per user. The key is that DPCP can store everyone’s data on a central server, allowing Calendar sharing on many PCs.
Multiple Calendar Sharing with Remote PCs
DejaOffice PC CRM also can share the database with remote offices. It uses the same push sync system to allow people to see their tasks and schedule changes instantly. So this is a robust system that replaces many of the multiple user facets of Microsoft Office and Sharepoint without engaging the Exchange server vulnerabilities. The DejaCloud sharing cost is low; about $20 per user per year, and the first year is free when you purchase the Professional DejaOffice license for your office.