Killing Spam from the Quarantine
On March 12th our entire team left our offices and everyone has been working remotely, nearly around the clock, to keep everyone secure and productive. I returned from Los Angeles on a redeye flight, held a quick meeting in our parking lot 10 feet away from everyone – and nobody has been to the office since. I wanted to write a brief note to our clients and partners to let you know how we’re doing and what we are up to.
Technical Toll
Managing a massive international operation, that spans continents and data centers that have taken similar work-from-home precaution, has been a massive technical challenge. Just because we’re not there doesn’t mean that hard drives don’t die, that servers don’t melt down, that switches and firewalls and routers don’t go through their usual cycles. Thankfully the technical changes we’ve made to our cloud in 2017-2018 have made it possible for us to keep service levels at normal levels.
The load on our tech has increased steadily – I’m sure you’ve noticed that every single person you’ve ever interacted with has emailed you about their Covid-19 policy. You’ve probably also gotten an email from every loan scam operation on the planet trying to get you PPP/EIDL.
Perhaps most regretfully, the scum of the earth that we exist to eradicate has picked up their activity exponentially. Never in my life have I seen charts and load graphs like we’ve experienced over the past month. Hackers and scammers know that most people are working from home, where IT security is mostly non-existent, and that makes all those endpoints ripe for hacking. Which immediately becomes a source of SPAM and more malware.
Things were bad before, now they are bad x ugly. And we’ve been working around the clock to keep the threats quarantined.
Personal Toll
IT security is a passion of everyone that works here. We’ve built all the infrastructure, systems, monitoring, reporting – you name it – so when someone finds a way to get SPAM through it’s a very personal failure for our team.
Most of us live in Florida, where just about everything has been shut down (I’m sure you’ve read about Tom Brady getting kicked out of a public park). Have I mentioned how much I love my team? We have all been working far, far, far longer hours during the quarantine than we ever have before. We have system upgrades, software upgrades, new features, and some more exciting stuff that our partners and clients are going to need in order to save money after this quarantine ends. Needless to say, we’re tired.Nerves have also been on a somewhat of a thin line. We have a young-ish staff and most of us have families for whom we are not just providers but suddenly school teachers. Our partners and clients are in a similar boat. Those home frustrations can get even more pronounced when technology fails – and we have done our best to brush off some rather abusive behavior in the support portal. I get it, everything in the world is frustrating you, you’re losing control and visibility in general, and now you’ve got IT problems too. We keep on repeating “We’re here to serve, we’re here to help, we’re sorry for the inconvenience” and at no point in the past has this been more true than it is today.So overworked, cranky, abused, and locked down – but we’re still here. And we know most of you are in the same boat, sharing the same frustration. Hang in there, we’ll need to be at our best for the huge challenge that awaits us in supporting our clients as they get back to normal.
In Conclusion
In conclusion, I have the best team on the planet and I am so happy that we can keep you safe and productive during this uncertain time. I owe a debt of gratitude to them that I will repay eventually. But first, foremost, and most important – thank you. As large of a footprint as we may have, we are still a small business and thanks to our clients loyalty we have been able to continue working, growing, and serving during the time that many businesses have had to turn to the government for a bailout. My team and I are eternally grateful. People like to say “shop small business” but I have lost the count of times that we’ve been fired for Office 365 or a competitor that was even a penny cheaper – cause there are sentiments and then there is business. I get it. And at the same time we are so thankful that you’ve kept on supporting our business, I promise you nobody here is going to forget it — this is why we work so hard for our clients and I can’t wait to show you how we’re going to help next.
Sincerely,
Vlad Mazek
CEO
Own Web Now Corp
P.S. Nearly two decades ago I wrote the first version of ExchangeDefender – and in my infinite wisdom and English as a second language, I used “quarantine” as the term for SPAM that I kept out of your inbox. I’m less amused that a global apocalypse has validated the choice of that term.
New Release: Web File Server UI [Quick Tour]
ExchangeDefender’s Web File Server, a secure document sharing and collaboration platform, is one of our most popular services this year. It offers businesses the ability to upload, manage and share files securely with coworkers or vendors. Our file sharing system makes it easy to quickly share a ton of large files without relying on email, clunky file servers, or cloud services primarily designed for file sync.
We are proud to announce the full release of Web File Server with full functionality and fresh new look.
Let’s take a quick tour:
WFS Dashboard
From here users will be able to see an overview of their featured libraries. The last uploaded files to any of heir libraries and the last 15 events related to their libraries/documents/accounts.
The functions to add new libraries and groups, were added to the “Quick Actions” options. That way users will have them available from anywhere within the portal.
Libraries
To create a new Library, the form was simplified to the following options:
- Custom name and description
- You can set up a custom password to protect the library. Recipients will need that password in order to be able to see the library (optional)
- You can set up an expiration time (optional)
- Customize your notifications configuration
- Customize the library permissions
To create a new Group, users must type a name, add a description (optional), and add as many recipients as they need.
From the list of libraries, users will have the ability to see each Library’s configuration, and the option to display the tables of their documents and recipients. You’ll also have the ability to add/delete documents, add/delete recipients, mark a library as featured, and delete a library. This was with the intention to let users to manage their libraries without going to a different view.
If you select one Library, you’ll be able to see all the Library’s information, including its configuration, individual recipients, groups, and files.
The documents will be displayed showing their name, who and when uploaded the last version, and description. Comments are displayed right below each file’s information. you’ll also have more options to choose from their documents list, such as Add comments, see each document’s versions and delete.
If you click on “Add a comment”, an inline form will be displayed at the bottom of the last comment.
If they click on “Delete”, a confirmation box will be displayed where they have to confirm/reject the action.
To add new documents, click on the button “+ Add files…” and select as many documents as you need (each document cannot exceed 500MB), then set the name and description of your preference and click the button “Start upload” to upload the documents to the server.
To manage the Library’s recipients/groups, find the box right below the box with that contains the Library’s information. From there you will be able to add more recipients or groups and delete.
To mark/unmark a library as featured, simply click the star located at the right-top of the information box.
Groups allow users to add multiple recipients to multiple libraries without the need of add recipients one by one each time. (please find a better way to explain this).From the groups list, users will be able to see their groups and their members, add/delete members and delete an existent group.
To Access Web File Server:
1 – Simply visit: wfs.exchangedefender.com
2 – Login to admin.exchangedefender.com > Quick Launch > Web File Server
3 – Visit www.exchangedefender.com > Login > Web File Server
Introducing ExchangeDefender Broadcast Messages
ExchangeDefender is making it simple to reach all users in your organization using broadcast messages. This service is convenient for business cases where you need to reach every user at the client site or every single user protected by ExchangeDefender.
ExchangeDefender Broadcast Messages are easy, simple, automated, and free.
Simple – Sending a broadcast message is simple. Go to admin.exchangedefender.com, login as a Service Provider and click on Broadcast Messages.
Automatic – Broadcast Messages are always up to date and require no management or maintenance, for compliance purposes you can be certain every address on the domain will get the message.
Flexible – Messages support full HTML and our user friendly editor can help you design beautiful messages.
Branded – To save time, each message will automatically get the logo and contact information from the Service Provider contact information data.
How-to Guide
To send a message simply go to https://admin.exchangedefender.com, login as the service provider , and click on Broadcast Messages.
You will be prompted to choose an audience: specific domains (allowing you to pick from the list) or everyone. Type your message and hit Preview. You will see your message here, and it looks exactly the same as your recipients will see it in their Inbox. There are two checkboxes on the bottom to insert your logo and insert a default signature. If you are happy with the look of it click on Submit and messages will be sent within 60 seconds.
ExchangeDefender Introduces Special “bypass” Disposable Email Addresses
Every now and then you will need to receive an email from someone that is on a compromised/spam network, or you’ll have to get an attachment that is blocked by corporate policy, or a domain with misconfigured SPF/DKIM domain – we see it every day and it’s incredibly frustrating for the users. On one hand, you have to adhere to the company IT policy but you also have to get the work done and many resort to using free mail systems that shouldn’t be allowed on corporate networks under any circumstance.
Or maybe you’re just signing up for something online and don’t want to deal with the SPAM that will probably come with it.
A Disposable Email Address
ExchangeDefender is pleased to announce disposable email addresses. They are free, simple to setup, mask your real email address, and they bypass all security policies.
Free
You can setup as many disposable addresses as you wish, they can be created and deleted at any time.
Simple
Just go to https://admin.exchangedefender.com, login and click on Bypass Addresses
Private
Bypass Addresses mask your entire address and domain (unlike less secure systems that just append + or . to the real address, that is easy to strip and spam)
Bypass
Mail sent to bypass addresses isn’t checked for SPF, DKIM, spam content, infections, GeoIP, or other typical security restrictions.
Secure
Each email subject is modified to start with [WARNING! | BYPASS.XD External Message] so you don’t inadvertently open an email you were not expecting.
How to get started
Bypass Addresses are available to all ExchangeDefender Pro clients at https://admin.exchangedefender.com.
Simply login with your credentials for ExchangeDefender Admin portal, select “Bypass Addresses” under My Account, and click on the ” + Add New” button.
That’s it. The system will generate a random disposable email address and any mail delivered to it will automatically be passed on to the real address you select. It takes less than a minute for it to go live!
Once you’re gotten the email you’re expecting, you can return to the admin portal and delete the address. If you’ve created an email address for an e-commerce site or something that will likely generate a lot of SPAM, you can deactivate the email address and mail sent to it will not be delivered to your inbox. If at some point in the future you need to get email at that address again (forgotten password, two factor authentication, etc) your address is permanently attached to your account and can be reactivated in less than one minute.
Webinar Notes: UI Upgrades, a-la-carte Solutions and Service Bundles
Our team at ExchangeDefender has been putting insane hours to launch massive upgrades to the ExchangeDefender products and services you enjoy today. As mentioned in the previous webinars, big upgrades to all our core products are coming as is the ability to subscribe to them without relying on us for email. Our file sharing platform is getting a massive boost, our business continuity email resilience platform will help you cut Office 365 spending by up to 85%, we have decoupled Email Encryption from ExchangeDefender, and we even have a huge Wrkoo surprise to share as well.
Webinar – ExchangeDefender Solutions Redefined
In case you missed it, the main highlights of the webinar were:
UI upgrades
The new responsive UI is live across 85% of our applications to include the Wrkoo model. Compliance Archive will be updated soon.
A-la-carte ExchangeDefender Solutions
We are Offering individual ExchangeDefender apps without email.
Quickly roll out services and add ons – no migrations.
Available individually as Encryption, Compliance Archiving, Web File Server, and LiveArchive.
Professional services and solutions that are in heavy demand: Live Archive, Corporate Encryption, Web File Server, Compliance Archiving
Wrkoo – Small Business Management Platform (B2B)
Wrkoo is free – for now. All new UI makes transition between ExchangeDefender and Wrkoo seamless. Full, rich, responsive interface across desktop & mobile (no apps!)
Introduction to Service Bundle Options
ExchangeDefender introduced our brand new service bundle options to partners that focus on solving the IT challenges that real small businesses face.
The sneak peak showcased the following service bundles for Email Security, Email Compliance, and a full Enterprise Suite.
COVID-19 Update:
04/01/20
ExchangeDefender is OPEN from 8am to 6pm, (Monday – Friday) until further notice. We are all working from home, all is well and our response times for service requests are normal.
Our Special Offer to Partners:
Wrkoo PRO – a B2B small business management system is free! Due to the current health crisis, business disruptions are high and we would like to offer our partners the ability to manage their clients, and their employees using our cloud platform. Sign up here: www.wrkoo.com/sign-up
COVID-19: Cybersecurity Challenges Facing Small Business
Employees are suddenly finding themselves working remotely due to the current health crisis of the Coronavirus that is sweeping nations across the globe.
As we protect thousands of businesses from the drastic uptick of phishing emails and ransomware attacks claiming they are from verified sources, we have noticed new tactics that hackers are using to fraud employees working from home.
Here are our top 3 cybersecurity implications of working from home:
- The lack of authentication and authorization
There is an increased need for two-factor authentication, monitoring access controls and creating strong passwords. Managed Service Providers should encourage their clients and end users to add additional security safeguards.
We recommend changing your password every 90 days, and enabling OTP/2FA to improve your account security. To manage this for ExchangeDefender, view user guide. - Increased risk to cyber attacks
There’s an increase risk to attacks like phishing and malware, especially since employees will now likely receive an unprecedented amount of emails and online requests.
ExchangeDefender Phishing Firewall (EPF) automatically secures inbound mail by rewriting HTML links so they are forced through our firewall when you click on them in Outlook, Gmail, or any web-enabled email application.
To add a new web site to the Whitelist or Blacklist click on the + Add New button in your ExchangeDefender Admin portal. To learn how to manage this setting, click here! - Unsecured BYOD (Bring your own device)
Remote working can successfully widen an organization’s attack surface. Mainly due to employees who use their own devices for work can introduce new platforms and operating systems that require their own dedicated support and security. As a result of so many devices being used, it’s likely that at least some will fall through the security cracks.
ExchangeDefender Pro offers users a VPN server to connect to in a secure manner no matter where they go. Public Wifi hotspots tend to have questionable security at best and can be used to compromise a device that is connecting blindly across the Internet. Connecting your phone automatically to a VPN can assure that email access (and all the confidential data in the email) can never be snooped on.
Webinar Announcement: ExchangeDefender solutions will soon be available “a la carte” to clients. Attend our webinar on Tuesday, March 31st at 12:00 PM EST. Register Now!
What to Expect: Our COVID-19 (Coronavirus) Update
Dear ExchangeDefender Clients,
As you’ve come to expect from us over more than two decades, we’re open and ready to serve you 24/7. If there is anything we can do for you, please let us know at https://support.ownwebnow.com or just call us at 877-546-0316.
Our Orlando Headquarters has been closed to public since Thursday, March 19th. There is a county-wide curfew in effect starting tonight so we will not be accommodating visitors until further notice. Our data centers will also have restrictions on remote visits.
If you need any troubleshooting or maintenance related to your equipment, we will do our best to assist you, but physical access to assets will not be allowed until further notice.
While we regret that this inconveniences everyone involved, we want to assure you that we’ve got your back during this uncertain time. As Floridians we are accustomed to working remotely and we look forward to being as helpful as we possibly can be.
Please be safe and stay healthy, to keep current on our updates, please follow us on:
FACEBOOK
BLOG
In other news, we have an upcoming webinar “ExchangeDefender Solutions Redefined” approaching on Tuesday, March 31st at 12:00 PM. Please join us to learn more about the new changes and expansions in our service portfolio. Register, click here.
ExchangeDefender Web File Server Upgrade
Take a look at what we’ve been able to beta test over the past few weeks! The brand new version of ExchangeDefender’s ridiculously popular Web File Server (WFS) is launching in March and we wanted to give you a sneak peak:
Yup, we have our new UI running on it which will allow it to seamlessly integrate with ExchangeDefender email security services, Wrkoo business productivity products, and something else we’re not allowed to discuss yet. But in terms of a “smart” file server, it gives organizations unprecedented amounts of security controls for content sharing, revision control, and ability to be productive with access to everything no matter where you are and what device you’re using.
Vlad hinted at some of the more exciting changes that are coming up to WFS during the last webinar – the ability to purchase WFS without signing up users for ExchangeDefender, better branding and customization features, reporting, compliance, sync to cheap cloud services for backup, and much more.
But the most exciting feature has just left beta and we’re looking for clients that want to test the first production builds. We will be announcing it during the March webinar, but if you currently have a WFS client that has an extensive Personal Library please open a ticket with our team and ask for preview access.
To learn more about ExchangeDefender’s Web File Server, click here!
Your Small Business Needs a Password Manager
Small businesses are the target of most cyber-attacks due to lack of security protocols. In 2019, an estimated 80 percent of all confirmed data breaches occurred due to weak, stolen, or default passwords.
A password manager is a security tool.
A password manager is a centralized system that helps organizations store and manage logins and passwords that are critical to their business. The credentials entered into the password manager is stored with the highest form of encryption (military grade) to ensure top level security.
Yes, they are safe to use for business.
Yes! Top tier password managers are completely safe and can be trusted to protect your organization’s account logins. The best quality services make sure that your passwords are encrypted with AES-256 algorithm, which is U.S government approved.
And No, don’t worry – the folks working behind these password managers DO NOT have access to your credentials, it is encrypted on both ends.
All great password managers must have these top features.
An enterprise-grade password manager must be able to do the following, securely:
Offer Secure Password Storage
Passwords are encrypted with AES-256 algorithm, U.S government approved.
Provide Centralized Control
Store and organize all of your secured identities in an ultra-secure web interface
Enable Secure Password Sharing
Share passwords securely while maintaining the security of critical corporate data
Access from Anywhere
Access to the web interface must be available from any wifi-enabled device
3 reasons why a password manager is a must-have:
To Control Access to Your Critical Data
SMB struggle to manage password vulnerabilities meanwhile password reuse, and password sharing is on the rise.
To Make up for the Lack of Password Management Training
Most SMBs do not offer their employees password management training for the workplace.
To Reduce the Risk of Human Error
According to recent TechRadar reports, 90% of data breaches are caused by human error.
We have the right solution, meet Password Vault.
ExchangeDefender Password Vault helps organizations securely manage logins and passwords. Password Vault makes generating, storing, and sharing passwords easy and safe.
Top Benefits include:
Eliminating Password Fatigue
Eliminates the need to memorize multiple passwords by deploying a password manager for secure storage.
Centralized Web Access
The password management dashboard is available anytime, anywhere with a WIFI-enabled device.
Password Control
Control access to admin passwords, securely share passwords with your team on a need-basis.
Managed by IT Experts
Password Vault is managed by ExchangeDefender, a cyber security firm with 20 years of active IT experience.
>> See full features
Every password used for your business is an entry way for a cyber-attack. A secure password management system makes it easy to secure all of your credentials in one powerful online interface. ExchangeDefender’s Password Vault offers small organizations an affordable smart password storage system, the ability to share passwords securely with co-workers, and so much more!
You can setup a password vault, company-wide in just minutes.
3 Reasons Why Encryption is Essential for Business
Sure, there are plenty of reasons to use Encryption to protect your sensitive data – but there are three key factors, that all organizations share in common. The current state of cyber security woes for businesses presents itself as a harsh fact: 88% of companies suffer a data breach due to non-encrypted emails with sensitive information being hacked.
So, what are the key drivers that persuade organizations to take encryption seriously?
1 – To comply with data security regulations and requirements
Organizations must comply, by using the proper security and storage protocols, with U.S and E.U regulations in order to be considered (legally) in good-standing.
2 – To protect intellectual property of the business
Trade secrets are a real deal, and are highly sought after by hackers for ransom and blackmail which often results in bankruptcy of the company due to lack of money and trust from customers.
3 – To protect customer information
Protecting customers and their personal information is at the forefront of security concerns for business. The rise of data breaches within the U.S shows that implementing stronger security protocols is vital to business continuity.
Our Solution: ExchangeDefender Corporate Encryption
For the modern workplace, all types of business communications are done via email, and now data exposure has turned into a problem of great magnitude. With just a single wrong-click, an employee could unintentionally expose secret company information, financial statements, contracts etc. In order for organizations to thrive on business continuity, they must protect their data by enabling an email encryption solution.
ExchangeDefender Encryption enables organizations to securely send, receive, and manage confidential email, providing an easy, seamless way to implement content protection.
Powered by ExchangeDefender, Corporate Encryption complies with the SOX, HIPAA, SEC and local government requirements for information encryption. It also integrates easily with our email hosting solution, and is compatible with all major email service providers – including Office 365, on-premise Exchange, and G-Suite for Business.
What types of Encryption do we use?
ExchangeDefender Corporate Encryption involves multiple systems to encrypt the message contents and notifications generated by the system.
Channel Encryption
ExchangeDefender uses SSL/TLS encryption of the SMTP communication between the client’s email server and the ExchangeDefender network. All traffic is automatically encrypted using the same level of security that is used with online shopping, banking, etc.
Managed Web Encryption
ExchangeDefender web servers are encrypted using commercial SSL certificates. Client configuration, email review, message retrieval and all services provided through ExchangeDefender websites are automatically encrypted and cannot be accessed through a plain-text process that bypasses encryption.
Data Encryption
ExchangeDefender web servers, email servers, and routing hubs secure all client data through multiple layers of security including:
Complex account and login restrictions
Remote access restricted to ExchangeDefender NOC IP address space
All remote access sessions are recorded and authenticated
Administrators do not have access to client message data or configuration information
Keep business data safe with Encrypton
To protect your organization from data breaches, email encryption should be used as a preventative measure against tomorrow’s hackers. ExchangeDefender’s Email Encryption solution involves encrypting, or disguising email contents in order to protect sensitive company information from being read by unauthorized personnel. Our system is entirely transparent with no software to install, or manage on either end.
Explore full Corporate Encryption features
Protect your business communications for less than $5 a month*