ExchangeDefender

   ExchangeDefender IP and Device Restrictions

ExchangeDefender is continuing it’s march to becoming your central point of secure communications by bringing even more of our custom Enterprise features  down to the SMB/MSP space. As of today, you will start seeing another section added to the Service Provider screen specifically to house our advanced security settings.

   Restrict ExchangeDefender access to your IP range

All large organizations that depend on ExchangeDefender have static IP addresses and IP ranges assigned to them by the ISP. ExchangeDefender has the power to restrict access to your organization (all domain and user logins) and only allow access from your offices.

Add Trusted/Known Devices For Easier Access

People love the notion of security until that security gets in a way by prompting them. We only want our security infrastructure to get in a way of hackers and to slow down and annoy people that want to do us harm. Good news is, now you can add devices you know to known and trusted device list.

Doing so will minimize some of the additional checks and verification (such as 2FA/OTP one time password checks when you first log in from an unknown address). As an additional bonus, ExchangeDefender will start to deliver notifications and alerts whenever the system is accessed (successfully, meaning they know your password) from an unknown/untrusted device, giving you the first alert that there is a security issue to address.

As you’ve seen with mass password resets, access to advanced access logging, we are adding more, and more, of our enterprise features to the ExchangeDefender Pro product. To find out what else is on our road map, and how ExchangeDefender will evolve in 2019 to serve your other security needs, please tune into our webinar:

ExchangeDefender has always been a great friend to the SMB community where folks hate passwords and password complexity right until the moment their password gets compromised. Once that happens, it’s up to the MSP or poor IT guy to sit around and reset all the passwords in the organization.

As mentioned previously, a number of ExchangeDefender Enterprise features is being delivered to ExchangeDefender Pro so now you’ll have the ability to reset every single users password quickly.

Under the domain login you will now see a “Security Reset” link that will allow you to either randomly assign a strong password (smart) and send your users a reset link or pick the same password for all users (outright idiotic but “business requirements”).

If you are an MSP assisting a client during an outage and this is the first time you’re making your users aware of ExchangeDefender LiveArchive for business continuity, you can also print out the passwords and/or email them to your users in plain text. This is a horrible, terrible, idiotic, really bad idea that virtually guarantees you’re going to get hacked but we are here to serve and Howard is a really good friend so here it is:

Just a word of warning: If you select to send your users a new password in clear text, and show the roster with the plain text password on the next page, for whatever ungodly reason, please add a note to come back later and lock your users down. Most MSPs keep the same password for ExchangeDefender and Exchange, and these services also affect ExchangeDefender Encryption, LiveArchive, WebFileShare, Compliance Archive, eDiscovery, FailPOP, mobile, etc and leave you open for collateral damage. Unless you’re using 2FA/OTP, restricting IP address ranges, rotating passwords frequently, I can guarantee that your passwords will be compromised. Please, please, please don’t do this, we are only making it available as the feature of last resort.

As we add these advanced security controls into ExchangeDefender Pro (and some even for Essentials) we will be tightening the security of the platform around. To hear more about our plan for 2019, please sign up for the webinar on February 6th at noon EST. Click the banner below to reserve your seat.

ExchangeDefender launches New Security Logs

I have some great news – ExchangeDefender security logs are now available for all users of ExchangeDefender. This move is a part of our larger security ambition for 2019 to introduce Enterprise features of ExchangeDefender across our lower MSP, SMB and retail tiers in order to improve service security.

One of the biggest things in 2019 is the end of the era for plain text passwords. People love them, MSPs rely on them, they are super convenient for everyone including… the hackers that are looking to break in. But more on that in a minute.

The single simplest way to stay on top of account security… is identifying break-in attempts. ExchangeDefender Enterprise logs every event, login, escalation (and so, when you as the enterprise administrator or organization owner choose to automatically login as the user for support purposes) attempt.

We’re happy to bring this feature in across both the service provider, domain and user login. Free of charge.

As the admin or service provider you also have the ability to search the account log for specific user or address that is causing problems. In the Enterprise version you have the ability to further lock things down based on IP, location, charset, and more. But if/when there is an issue, you can clearly see if the account has been compromised. At all other times, you can see login failures that are a good indication that there is a problem.

This feature, and a whole lot more, is coming down to the ExchangeDefender SMB land. While all these features were a premium in the past, the extent to which everything from your PC and the network devices that surround you are susceptible to compromise – we have to treat these features as what they are – essential to your security. As a matter of fact, we’ll be discussing this next Wednesday in our webinar:

When:
Noon, Wednesday, February 6th

Where:
https://attendee.gotowebinar.com/register/4562047862967330307

Hope to see you there.

Sincerely,
Vlad Mazek
CEO
ExchangeDefender

 

 

Exchange 2016 Migration Process

It has been an exciting year of migrations to our new Exchange platform and now that we’re reaching the tail end (under 500 accounts/domain) we wanted to make sure everyone was up to speed about how the migration will work. While we have done everything to make it completely seamless and non-intrusive for the users (most will just continue working without even noticing anything) we still manage every single migration as if it were our own personal email. Carefully.

Here are some steps that are involved in every migration.

Step 1: Let us know that you want to migrate at least 5 days in advance

It takes a little bit of coordination for every migration project and we want to make sure we treat each migration with white gloves – if we can address issues or potential issues ahead of time and have someone present that you can dial directly, we can minimize problems. Once you know you’re ready to go, let us know at least 5 days in advance and we’ll guide you through the process. After all, you’re paying us, don’t DIY it and chance getting lost Googling for a solution to a random issue that we’ve probably encountered thousands of times.

Step 2: Pick a URL for OWA

Everything at ExchangeDefender is branded for you and each organization comes with it’s own domain for Autodiscover, owa, etc. Anything under 16 characters goes and is typically going to be https://YOUR-ORG-HERE.xd.email

Step 3: Make DNS modifications to lower domain TTL

At least 3 days in advance you’ll want to contact your ISP or domain registrar (where your domain is hosted) and “lower the domain TTL to 5 minutes” – what this means is that you want your DNS to only be cached for 5 minutes. Most DNS servers have the setting at 3 or 1 days so we need to bring this way down so that Outlook clients can switch to the new servers quickly instead of waiting for days.

Step 4: Make backups

You should be making backups all the time but a migration is a great time to do so just because everyone will be in their email aware of the migration. If you rely heavily on Public Folders you’ll have to export that data and add it to the new technology in 2016, Shared Mailboxes. There are millions of reasons to do so from productivity to better reliability and better management.

Always backup.

Step 5: Actual Migration

Best part of the migration is that after the Autodiscover change in your DNS everything is pretty much on autopilot. Email will be moved by our team on the backend to the right servers automatically. Outlook clients will automatically reconnect to the new servers and most won’t even notice any difference except for better speed and more reliability.

Step 6: Cleanup

The last step is where we look at odds and ends: random Microsoft stuff that used to work before but now it’s suddenly broken. We’ve all been here with users, we’ve all dealt with “unique business case scenarios for xyz” and so on – again, we want to make sure everyone is happy with 2016 and productive right away and that means being on top of all the issues right away.

Knock on wood, our migrations process has had enough reps and tests that it’s very fluid and predictable now. While the cutover to the new 2016 platform is pretty much instantaneous, and mail is synced up on the backend, it can take about an hour or so depending on the mailbox for all the data to move and the search index to update. But what you get with 2016 is the most stable, trouble-free, platform we’ve ever offered.

Looking forward to seeing you on 2016.

 

Exchange 2016 Built For End Users

Have you ever wanted an email system that anyone in your organization could manage, with no IT training? Something so simple even a teenager could master it? Well, you’re in luck, now you can do that with Microsoft Exchange 2016 and ExchangeDefender. We’re putting the power of all the enterprise Exchange features  into the hands of businesses to help reduce IT costs and improve office productivity.

How? We’ve made it so it’s impossible to make a mistake.

Why? Because as a service provider, we too pay a price when support is necessary for some basic and routine tasks. We’ve automated them, simplified the process flow, and given you access to provision services and answer all the questions you’ll possibly have in a jargon-free language.

For example, let’s say a new employee starts today. All you have to do is login to our portal at https://support.ownwebnow.com, click on Service Manager, Exchange 2016, Quick Actions, Mailbox.

Just 3 more clicks and some basic information typed in – and you’re done. You’ve created a mailbox.

Thing is, you’ve done far more than just creating a mailbox. You’ve added an email address to the organization and provisioned all the security templates that match your organization. You’ve enforced your corporate password policy. You’ve ordered the correct plan and assigned the right licensing for this user (it’s automatically done for you). You’ve provisioned all the required services that your organization requires be it corporate encryption, 2 factor authentication, or even compliance archiving and eDiscovery.

You’ve also become your own support person for basic settings, configurations, and guides. The entire system is on-demand, self-service, instant gratification to the max. You can get more done, by yourself, on your schedule and quickly. That is the value behind ExchangeDefender powered Exchange 2016.

Now wait till you see what we can do for the IT personnel managing 100+ user organizations! Are you ready to migrate your users to Exchange 2016? Simply click on the Early Adopters banner below, submit a ticket requesting early adoption, and we’ll get started!

The time to move over to Exchange 2016 is NOW!

We previously blogged about our brand new SMB User Interface initiative around Exchange 2016 hosting – we aim to simplify the management of Microsoft Exchange so that any white collar employee can manage business email administration end to end.

But what about Exchange 2016, what is so great about it? Truthfully (and this will not make our MSP friends happy) bulk of the Exchange 2016 benefits are really centered around making our life easier as the service provider – we’ve never been able to say this about ANY Microsoft product in the two decade history: we’ve had 0 issues. You read that correctly, we’ve had absolutely no problems with Exchange 2016 so the primary benefit is the overall reliability and flexibility of the platform. It’s solid.

But if you want to sit with a client and walk them through a set of features that are new and compelling – and a good reason to upgrade to our Exchange 2016 if they are still on another provider or earlier version of Exchange – here are some talking points.

P.S. We recommend getting a demo account with our sales team and discussing how we often position these services to win business. You can talk about it till you’re blue in the face but just showing them the feature live might make them not want to live without it.

Exchange 2016 Notable Features

Expanding Archives – When an archive mailboxes reaches 50 GBs, the archive mailbox expands. Under the covers, once the mailbox reaches a size of 50 GBs, another archive mailbox is automatically created and linked together to form a chain of mailboxes that acts as one logical mailbox. As archive mailboxes are added, the content is distributed across the mailboxes to even out the load. Keep in mind that auto expanding archives still don’t auto expand your storage backend. Make sure you have adequate storage to accommodate such growth.

Calendar – Do Not Forward: This is similar to Information Rights Management (IRM) for calendar items without the IRM deployment requirements. Attendees can’t forward the invitation to other people, and only the organizer can invite additional attendees.

Calendar – Better Out of Office: Additional options when you won’t be in the office. Key options include: add an event to your calendar that shows you as Away/Out of Office, and a quick option to cancel/decline meetings that will happen while you’re away.

Calendar – Remove-CalendarEvents cmdlet: Enables administrators to cancel meetings that were organized by a user that has left the company. Previously, conference rooms or meeting attendees would have these defunct meetings permanently on their calendars.

Outlook on the Web (Formerly known as OWA)

When you use Outlook on the Web you have access to powerful collaboration tools that help to improve productivity.  As an end user, you can easily engage in document collaboration, URL and video previews in email messages, and access advanced search functions. These capabilities have been especially enhanced for the most recent web browser versions including Microsoft Edge, Google Chrome, IE 11, Safari, and Mozilla Firefox. Additionally, there is now a productivity toolbar that appears in the top of your web browser for easy access to the functions you frequently use such as calendars, reading and composing email messages, searches, accessing files and documents, and more.

Pin: This function allows you to highlight a message and pin it to your inbox so you can easily locate important messages.

Undo: The Undo function helps you recover messages that were inadvertently deleted and undo actions you accidentally executed.

Sweep: This capability allows you to easily manage messages you frequently receive by configuring the settings for the messages. You can choose to keep messages for a specified number of days, automatically delete certain messages, keep the latest messages, and more.

Emoji’s: The Emoji’s provide enhancement to expressions in your email messages.  Since contact is not face to face, you can use this function to display emotions.

Organised Archiving: Exchange 2016 allows you to easily organise old email messages into designated folders with one click of your mouse. This helps to reduce inbox clutter.

Personalisation: A series of new themes have been added to Exchange 2016 to provide a more personalized experience when working with email messages.

Outlook 2016

As mentioned earlier, Outlook 2016 offers enhanced features for collaboration in addition to a few other functions mention here.

Quick Access to Recent Files: This feature allows you to easily access recent files stored in OneDrive for Business, SharePoint

Online, and OneDrive using a convenient dropdown menu.

Improved Screen Resolution: The intuitive DPI support features provides you with enhanced screen rendering when using Outlook.

HTML Format for Appointments and Meetings: You can now use rich HTML for email messages and attachments.

TellMe: The TellMe feature prevents you from having to search the productivity ribbon for a function you want to use.

Smart Lookup: Helps you to locate information on the web related to content in an email message. This feature places the information in directly in your inbox from sources such as Wikipedia, Bing, and others.

Small Screen Support: Enhanced support for small screens allows you to automatically adjust Outlook to adapt to your device screen. A back button allows you to easily switch screens to easily work with your message list and reading window.

Enhanced Multilingual Support: Exchange 2016 offers more international characters to support messages and documents in different languages.

Better Storage: Exchange 2016 offers improved settings that allow you to specify how long you want to retain email on your device.  Outlook is designed to monitor disk space.  If your space has become reduced, it will automatically set a smaller timeframe for syncing.

More Office Themes: A new Colorful theme has been added to Outlook 2016 while maintaining the previous white and dark grey theme options.

Improved Email Performance: With Exchange 2016, the time it takes to download and display messages as well as wake after hibernation has been reduced.

Outlook for iOS and Android

Early last year, Microsoft introduced Outlook email for the iOS and Android operating systems. This move helped to expand Exchange capabilities to more devices and operating systems.

Some of the features include:

Quick File Access: This features allows you to easily separate important emails from less urgent ones by using the double tab feature.

Calendar Availability Notification: The Calendar feature allows you to easily send the times you are available to your colleagues, friends, and co-workers.

Schedule Emails: This function allows you to remove an inbox message and schedule to appear at a later time when it is more convenient.

Directory Search: The Directory Search function provides a way to quickly find people and their location.

Automatic Replies: Exchange 2016 allows you to set messages to let others know you are out of the office. An icon remains on the screen to remind you this function is activated.

 

Introducing ExchangeDefender 2 Factor Authentication / One Time Password Service

ExchangeDefender Pro is proud to announce the launch of a free 2 factor authentication / one time password service that will help our users better protect their ExchangeDefender accounts. Most people use the same password everywhere and if your password is compromised anyone can login from anywhere – what 2FA/OTP service enables you to do is use your cell phone as a secondary ID check.

When you login to ExchangeDefender, the system will immediately text you a 4 digit PIN to your cell phone. This way even if someone were to guess or steal your password, they will not be able to login without having access to your cell phone as well.

As we blogged about implementing advanced password security, plain text passwords are a thing of the past and the whole universe is moving towards having that additional layer of security to make sure unauthorized changes aren’t being made.

This is why we are making ExchangeDefender 2FA/OTP free for ExchangeDefender Pro and it works at all three levels – Service Provider, Domain administrator (domain.com login) and individual end user accounts at https://admin.exchangedefender.com. Once you’ve authenticated with a PIN on the top level you will not need to re-authenticate in order to manage and support your MSP clients or the end users so by all means enable it for everyone.

We hope you enjoy this feature and start relying on it, don’t worry this is no bait and switch, we do not intend to start charging for it down the road – it’s all about improving security and keeping our clients protected. It’s just what we do!

 

Dealing with Newsletter and Subscription bombs
ExchangeDefender now protects you from malicious subscriptions to newsletters and emails you never opted into through “Subscription (Newsletter) Bomb Protection” available at admin.exchangedefender.com. By enabling the feature all newsletter “CAN-SPAM” “legitimate sender” content that you don’t want in your mailbox will automatically be filtered out as SureSPAM by ExchangeDefender.

The Bomb Issue
Hackers are currently exploiting security issues in newsletter software that allows them to add your email address to a mailing list without validation. If you’ve signed up for anything recently you know that you’re generally sent a confirmation email to validate you own the email address — well, hackers have found a way to add your email to the list without that step. Repeated thousands of times, it gives hackers a way to blow up your mailbox through a broadcast storm by otherwise legitimate senders who cannot tell your email address from thousands of others on their mailing list.

The ExchangeDefender Solution
ExchangeDefender already has a built-in newsletter management software (where you can have all of your newsletters skip your inbox and be available for reading online). We can effectively quarantine all the newsletters for you and allow you to read them online without them hitting your inbox and putting you over the quota. With the Subscription Bomb protection we go an extra step and outright classify these newsletters you haven’t subscribed to as SureSPAM. You can still access them but they won’t bother you or damage your Inbox or productivity.

There are 3 options:
Enabled: Protection is turned on and any newsletter will be flagged as SureSPAM. We do not recommend this option as it will catch all newsletters, whether you’ve subscribed to them or not.
Disabled: No protection. This is the default setting at the moment for all domains.
Whitelisted: Protection from newsletters but whitelisted ones will still get through. This allows you to have the best of both worlds: protection from newsletters you didn’t subscribe to but newsletters you want and have whitelisted will still come through. On January 1, 2019 this will be the default setting.

What do I tell my clients?
ExchangeDefender can now protect you from SPAM being generated by legitimate newsletter and subscription providers – if someone steals your identity (your email address, name, etc) they can subscribe you to newsletters without your knowledge or permission. Because the sending and management of these lists is automated, hackers can get an innocent third party to send you thousands of newsletters to clog up your inbox, make you wait for your email to download, and just make your email experience miserable.

ExchangeDefender can detect newsletters and “legitimate marketing emails” with unsubscribe or newsletter control keywords and automatically filter it out from you. Messages aren’t gone, you can still access them through admin.exchangedefender.com in realtime and on demand, but your Inbox will stay clean.

ExchangeDefender Office Macro (OLE) Dangerous Content Filtering

ExchangeDefender now includes advanced protection from dangerous Microsoft Office macro code (OLE). Since usage of Office macro code is very limited (and seldom moved via email) it’s almost universally used as an attack vector by hackers who send malicious macro code embedded in Microsoft Office documents that target vulnerabilities in Outlook, Word, Excel, Powerpoint, and more.

Specifically, our service scans the following attachments for the presence of dangerous, encrypted, malformed, malicious, or suspicious code: doc,dot,pot,ppa,pps,ppt,sldm,xl,xla,xls,xlt,xslb,docm,dotm,ppam,potm,ppst,ppsm,pptm,sldm,xlm,xlam,xlsb,xlsm, and xltm. If we detect something suspicious or dangerous the message will not be destroyed or quarantined (as is the case with virus or infected attachments) – rather we just filter it to SureSPAM.

Managing Your OLE Protection

We will start strictly enforcing macro protection on January 1, 2019. However, the feature is available now and can be enabled at any time by going to https://admin.exchangedefender.com and logging in as a domain administrator (if you don’t see the setting, you aren’t logging in with your domain account but your personal or service provider account).

Click on Configuration > Policies > Phishing Options.

At the bottom of the form you will see “ExchangeDefender Office Macro Protection” section that is currently (October 2018) set to Off. The following options are available:

Off – Turns off ExchangeDefender Office Macro (OLE) protection
On – Turns on the protection but whitelisting the domain/email will bypass it
Strict – Turns on the protection and ignores whitelists

ExchangeDefender recommends this setting be configured as Strict in order to protect from spoofing where clients own domain or vendor (that doesn’t have SPF/DKIM implemented) address is used to deliver a dangerous attachment. Using “Strict” setting bypasses whitelist checks so if the message contains dangerous content it will automatically go into SureSPAM even if the domain is whitelisted.

What do I tell the users?

First, set the setting to Strict. Then, adjust the date in the message below and make sure SureSPAM settings are set to Quarantine.

“Starting with January 1, 2019, ExchangeDefender will protect you from dangerous attachments that contain rarely used Microsoft Office macro (OLE) code. If dangerous macro code is detected in an attachment, message will go into SureSPAM category and if configured to quarantine the message will be accessible at https://admin.exchangedefender.com in the SureSPAM quarantine. We have enabled the protection for you. If you ever see a familiar contact/domain but you were not expecting the message, it’s likely being spoofed/forged in order to trick you to click on a dangerous attachment. Take an extra step and contact the sender asking them if they sent you a document. If not, delete the message.”

We hope this helps keep your users more secure and in our production use so far it’s helping stop 100% of dangerous content

Image result for how to determine spam email

The more SPAM stays the same, the more ways they find to get it through to your mailbox.

How we determine something to be SPAM vs legitimate mail is a bit of a science and it incorporates a ton of statistical analysis, data feeds, real-time blacklists, IP reputation scores, several antivirus products, several malware detection products, subscription services, etc. We pass each inbound message through almost all of these subsystems and assign it a score – as that score adds up the message becomes categorized as SPAM or SureSPAM based on the amount of UCE/malware/infected content the message has.

Every year we rebuild the ExchangeDefender engine to pull out things that no longer perform well, add new promising technologies, shift around the different plugins and so on. While ExchangeDefender filtering is updated in real-time and by tons of different vendors along with our in house technology, major improvements and technology shifts are necessary in order to prevent truly dangerous stuff from getting through. Unfortunately, this means that for about a week or two the amount of junk mail that gets through goes up as we reset all our scores, statistical models, weighs for different services and the implementation. While we wish we could just point and click, the process is far more complex than that, and requires delicate changes over a few days.

We appreciate your patience with us as we get the new engine online. The SPAM filtering levels should return to 100% shortly and we realize SPAM is annoying – which is why we’re doing this in the first place. Thank you for your business and trusting us with your email, we look forward to getting our best ever SPAM detection online shortly.