As a bunch of you probably know already, as of March 1 2018, you will not longer be able to purchase an SSL certificate with a validity period longer than 27 months.

Should companies follow this for their Internal CA, like MS Certificate Authority?