On March 15th and 16th, Microsoft IT users experienced a widespread outage caused by a “rotation of key authentication” error. Online IT users affected include Microsoft 365, Teams, Dynamics, Exchange Online, Forms, Xbox Live, Intune, Outlook.com, Office Web, SharePoint Online, OneDrive for Business, Yammer, and more. As a result, Microsoft IT users were prevented from authenticating their accounts, which led to a subset lockdown worldwide.
What is a “Rotation of Keys” Lockout and How Does it Affect Microsoft IT Users?
On March 16th, Microsoft issued a Preliminary Analysis of the incident that an “error occurred in the rotation of keys used to support Azure AD’s use of OpenID, and other, Identity standard protocols for cryptographic signing operations,” according to Azure status history page.
Microsoft officials claim the standard security protocol removes no longer used keys. However, a specific key was marked as “retain” for longer than usual, which supports a complex cross-cloud migration. Once the new metadata was changed the Azure AD stopped trusting tokens/assertions that used the removed key.
Why Did This Happen?
Microsoft Azure officials explained that “Azure AD is undergoing a multi-phase effort to apply additional protections to the back-end of the Safe Deployment Process” to prevent these issues. However, this is not the first time an outage like this happened. It also happened last September, but they believe they can circumvent the risk once the multi-phase project is complete.
Microsoft Apologizes to Their IT Users
The Microsoft Blog states, “We understand how incredibly impactful and unacceptable this is and apologize deeply. We are continuously taking steps to improve the Microsoft Azure Platform and our processes to help ensure such incidents do not occur in the future,”
Sign Up for the Latest IT News
INSI Insights Information Technology Blog keeps SMBs updated on the latest IT support news, solutions, trends, and valuable tips that affect them the most. We aim to provide a unique perspective on the IT support community. Would you like to stay informed on the latest Technology Trends, INSI News, INSI Webinars, IT Support Intel, Security Info, and “How-To” information that impacts small- and medium-sized businesses? Subscribe below for the latest updates.
About INSI: The Best MSP in Atlanta!
Innovative Network Systems, Inc. has a unique approach to integrating IT support and cybersecurity. Our month-to-month programs range from basic support to proactive support, managed support, and customized support. Each program is tailored to the client’s needs and internal IT strengths.
For more information about cybersecurity dangers and the preventative measures for your company, connect with the top MSP in Atlanta; Contact INSI: 770-387-2424, option 2 or click the link below. In addition, we offer 16 different cybersecurity programs to protect you and your data.
About the Author
Deborah Frazier is the author of IT Outsourcing Secrets – A Small Business Guide to Compare IT Support Companies. With nearly 20 years of experience consulting small and medium-sized businesses on their IT support needs, she brings a wealth of knowledge to INSI as Head of Marketing and Sales. If you like this article and want to be notified when a new article is posted, click here. To make an appointment for more information about INSI and our services, click here.
