Rough week with Windows Updates? DR is in!
With technology you really cannot avoid disasters, all you can do is prepare and test all backup plans when things go wrong. IT people in charge of Windows systems have had so many issues with Microsoft updates over the years that Microsoft consolidated all of their patching to happen on the second Tuesday of every month – and this months update disables network cards (kb 4103718) on many Windows PCs – oops! This got us to thinking, how many of you are effectively planning and implementing all the ExchangeDefender services to resume work when disaster strikes? We make it as simple as a bumper sticker, but it’s all in the planning and effective onboarding:
Outlook Web App/Access: Outlook Web App has almost the entire functionality of Microsoft Outlook and it’s included for free with your ExchangeDefender Exchange subscription. Problem is, most users do not know the server name or how to find it in an outage or on the road. We advise our partners to setup a splash page, a link or a dropdown on the clients web site or their own MSP site that leads the clients to the right location.
LiveArchive: LiveArchive is included in ExchangeDefender and it’s designed exclusively as a business continuity solution to be used when Exchange and other email servers go offline. Server down? Just point your browser to https://livearchive.exchangedefender.com and all your email is right there even if it’s not showing up in your Outlook due to an outage.
Mobile Device: Let’s face it, you won’t be able to pull out your monitor and workstation and take them down to Starbucks when the disaster strikes. Prepare your mobile devices to function as remote offices. You can configure both work Outlook and LiveArchive devices up front and just set them as Disabled or dormant accounts. Doing so allows you to simply “turn on” the mobile feature instead of trying to walk someone through the device setup while they are on the speakerphone and you already have their entire office waiting too.
Let’s be real for a second: We know that disasters in IT happen. Mechanical machines that these incredibly complex systems run on are prone to failure: so instead of gambling that the problem will not occur, why not just build it into the onboarding system and take care of the inevitable situation right now where you can do so at your own pace and keep everyone happy.
Achieving eDiscovery and Compliance Archiving requirements in 5 steps
Signing up for the Compliance Archiving service is the first step in reaching regulatory compliance when it comes to email retention and eDiscovery. The following five steps will put you on the right path of achieving and maintaining that compliance:
1.Understand what you need to keep and for how long.
Your regulatory/oversight body will provide details about how long you are required to hold on to your email. In our experience with Compliance Archiving, you also need to pay attention to the Statue of Limitations that your business may be liable for. Very often the discovery process for lawsuits includes legal hold requests and record requests that are longer than regulatory requirement.
2. Get the right product and implement it correctly.
Your compliance has to be all encompassing – all email must be archived. With ExchangeDefender Compliance Archiving all of your inbound, outbound, and interoffice email is collected, archived and protected in the cloud. You can search for any document at any time and be certain that it has not been tampered with and that no emails have been deleted – something that sets our eDiscovery/archiving apart from backup solutions.
3. Keep an eye on it to make sure it works
Just setting up a compliance archiving solution is not sufficient enough. there is no protection for technical negligence in regulations. You are expected to keep your mail server and everything connected to it secure. Penalties for data loss, compromised credentials, and data leakage are severe and are not a valid excuse for not having compliance.
4. Create Compliance Officer reports frequently.
Compliance Officer within your organization must create reports on a monthly basis to assure no confidential information is allowed to leave the organization. Some industries have an even more specific and severe restriction on the type of communication that can take place over email and what sort of information can be sent – compliance officers run eDiscovery reports to assure nothing confidential is being shared and address problems and exceptions routinely
5. Routinely audit the entire system to maintain compliance.
Organizations grow and change over time and remaining compliant with new regulations is key. ExchangeDefender Compliance Archiving service often sends out advisories, best practices, tips and suggestions to adjust your process because you are always expected to be in full compliance with the latest requirements. Every time you add a new employee or change your mail server configuration or new lines of business – compliance must extend to cover these new records that may be of interest to someone down the road.
“One of the biggest mistakes organizations make with regulatory compliance is thinking that it’s a service, product or a one-time effort: quite the opposite!”
Achieving regulatory compliance means implementing the right product, conducting routine audits, complying with changes in regulations and having full control of the environment where messages are stored as employees come and go.
In the event of an audit, you will be asked to produce record and you will be judged on your ability to provide specific records that are requested, not the best effort you made in trying to achieve compliance. Considering the fines and legal complications, it makes sense to revisit the five steps outlined here annually and make adjustments as necessary.
ExchangeDefender introduces email delivery service for IoT, devices, printers and services.
ExchangeDefender (Beta) production is really picking up steam with the modern codebase and we wanted to launch a line of solutions to problems that have either been a challenge over the years or are expected to become a management issue going forward. One such area is the subject of service accounts that are only used by devices, printers, CRM solutions and notification services. We now have a separate system designed to allow SMTP-notification devices and services to relay through the ExchangeDefender network.
Quick rewind: Long, long ago during the great SMTP vs. UUCP dark ages, message exchange was trusted and trivial. But once it started getting abused by spammers and hackers, each ISP decided to implement their own flavor of SMTP traffic restrictions and regulations to curb the abuse. It became exceedingly difficult to relay mail from a consumer and business-level broadband connection but as more services and devices come online they defaulted to the standard SMTP protocol to send notifications and messages. Unfortunately, because ISPs still have their policies that are constantly shifting, trusted third party SMTP solution is needed but managing it is not something that is viable as a business model.. yet.
Today we are happy to announce that our clients will be able to allow devices and services to relay mail back to themselves using our SMTP relay service.Without having to mess with complex Exchange settings or ISP restrictions. Just create a relay credential, set the SMTP client in the SSL/TLS mode and use a special SMTP server on our network to relay mail via 587 (ISP may still be filtering that port, but that should be easy to fix)
-
New feature is available in the beta portal under Domain Admin > Accounts > IoT Accounts:
-
Just add a new account and you will be prompted for some basic information such as email address and description of the device/service used.
You will notice some important warnings/restrictions about this service (No, you can’t be a spammer or use this in a shared environment where it can be hacked) and that’s literally all you need to get started. It’s really just that simple. Best part? No management, licensing or tools to set up: just the ExchangeDefender SMTP relay network.
This feature is supported (even though it’s beta) and it’s free!
We hope you enjoy this and would welcome suggestions about which features you’d like to see in ExchangeDefender now that you have a better idea of where we’re going with the development of our messaging platform. We’re obviously going to tweak these services as we get a better idea how they are used and how much management they require on our end.
ExchangeDefender UI
ExchangeDefender is getting a completely new user interface and user experience. We are very excited to get this new UI in front of all of our users and I’m happy to report that the new UI will be live next week! Here is a sneak peak:
To find out more, please watch the recording of the webinar available here.
In a nutshell: Our business is continuing to evolve into helping organizations communicate smarter and more securely. This is increasingly involving systems other than email and the traditional Exchange+Outlook solution is no longer enough to meet the requirements or regulatory reporting needs of businesses. Not to mention privacy, integration, reporting, audits, legal holds: all something organizations of all sizes come to ExchangeDefender to address.
At the same time, we realize that our partners need help addressing these challenges and we are here to help and augment your existing practice and solution set. Click here to download the webinar and please let me know directly if you see anything you desperately need!
-Vlad
CEO, ExchangeDefender
Looking for a way to spend less time on email/client support ?
Not growing as fast as you’d like, or spending too much time on email/client support? Hear our CEO’s thoughts on what is fueling our growth and how ESS is already playing a huge part in growth of managed services across our client base.
Service Manager UI Upgrade Webinar
As you may have noticed from the huge banner in our support portal, our new Service Manager user interface is live! I just recorded a webinar that will walk you through all the “behind the scenes” stuff you should know about the new portal and I encourage you to watch, but I want to sum it up for you in case you don’t have the 20 minutes:
ExchangeDefender is rebranding into a secure communications platform: We are the application that our clients use to securely communicate with clients and vendors. With all the new regulatory requirements, daily hacking/exploit nightmare news stories, lack of trust in social media platforms and data being used for commercial/ad gain – businesses require and demand better than a “consumer” solution to a business problem.
In order for companies to become more efficient (and for our partners to make money in the cloud) we are embedding our support and services into the actual product: so when there is an issue, it’s already being handled. No more middlemen, no more escalations or different vendors fighting over who broke things: It’s our product, our network – we will do the work for you.
How that is accomplished is in the video below:
Click here to download the video.
Click here to download the user manual.
Pro Tip: How to Pitch Encryption and Compliance
Here is something that MSPs always get wrong when it comes to proposing Encryption and Archiving (HIPAA, compliance, eDiscovery): You can’t be something you’re not BUT you have to know the service you’re proposing. More on this topic tomorrow (if I can sneak it by the marketing)
Posted by ExchangeDefender on Thursday, April 5, 2018
Here is something that MSPs always get wrong when it comes to proposing Encryption and Archiving (HIPAA, compliance, eDiscovery): You can’t be something you’re not BUT you have to know the service you’re proposing.
Want to see part TWO of this video?
Disclaimer: There is tasteful profanity and light nudity to really drive the point of how to better interact with your clients. 🙂
New Service Manager
Our new Service Manager is now live, beta version is running on top of https://support.ownwebnow.com and after a brief period of testing, it will go live across every Shockey Monkey portal. It’s currently running in parallel with our legacy system so it doesn’t matter which one you use.
We’ll be doing a special walkthrough of the new system and discussing all the new features that you will start seeing as the new Shockey Monkey feature set makes it into the overall ExchangeDefender platform:
Service Manager Webinar
Wed, Apr 11, 2018 12:00 PM – 1:00 PM EDT
Click here to register
And since I’m on the subject of webinars… Please come and attend this one too – brand new ExchangeDefender UI (first in probably the last 7 years, rewritten from scratch) is coming this month!
ExchangeDefender 9
Wed, Apr 18, 2018 12:00 PM – 1:00 PM EDT
Click here to register
Hope to see you there.
-Vlad
CEO, ExchangeDefender
How to kill SPAM without using ExchangeDefender
At ExchangeDefender we kill SPAM for a living. We spend a ton of time and energy identifying, filtering, and destroying junk mail. If you’ve ever wondered how you could make your email experience better, even without the massive layered security that ExchangeDefender provides, these are the steps you could take today:
1. Configure strict SPF/DKIM DNS records
SPF and DKIM (DMARC) can help you protect your domain name from being used in SPAM mailbombs. Spammers will often use real email addresses and domains to send forged “spoofed” email messages and SPF/DKIM provide a mechanism for identifying which email server/platform you use. By setting up an SPF/DKIM you can tell places that are receiving email from your domain what to do if the message wasn’t actually sent from you. If your inbox is full of email bounces and non-delivery receipts, someone is using your email address to send junk mail and an SPF/DKIM record will practically eliminate bouncebacks.
2. Get rid of generic email aliases
At ExchangeDefender we manually process SPAM complaints from our customers – that’s how we train our system to eliminate messages that otherwise make it through because they are legitimate in every way we can automatically process them. The number one way to get a ton of annoying email that may be on the borderine between legitimate commercial mail and an unsolicited one: generic email aliases. If you get info@, sales@, admin@ or so on, you are painting a giant bullseye on your Inbox and practically begging to be spammed.
3. Unsubscribe from newsletters
I know, I know, everyone that has your email address supports CAN-SPAM , would never send you unsolicited mail, would never sell their client list… and even if you believe all those lies most of the time, people still get hacked. All the time! As do their ISPs and infrastructure along the way. If you want to reduce the amount of junk mail you deal with, simply reduce the number of places that have your email address. Simple!
4. Don’t click on everything in your Inbox
Sometimes SPAM gets through. Sometimes dangerous stuff from your friends and colleagues gets forwarded around. Sometimes your antivirus isn’t up to date. Sometimes the firewall virus protection is misconfigured our expired. Things happen: none are a good excuse for the simplest thing you can do: avoid clicking on anything in messages that look or seem suspicious.
5. Do not blindly whitelist major ISPs
The second biggest source of SPAM complaints at ExchangeDefender is actually completely self-inflicted: people whitelist major email providers and wonder why blatant junk mail keeps on “slipping through” as whitelisted. Go through your whitelist entries in Outlook, etc and make sure you aren’t whitelisting Gmail, Outlook, Yahoo, Verizon, AT&T, Hotmail or any of the widely used and abused email domains. Spammers know your email admin doesn’t want to deal with complaints about messages you’re getting from these platforms so they treat them more leniently – so spammers simply abuse them.
It’s really that simple – following these steps will cut your junk mail pile in half within a day. If you want to reduce it to less than 1%, ExchangeDefender is here for you for less than a buck a month or you can layer it and add more protection if you need it because time is money: but no amount of technology and automation can replace just a little bit of common sense.
Federal Trade Commission
CAN-SPAM Act: A Compliance Guide for Business
The official website of the Federal Trade Commission, protecting America’s consumers for over 100 years.
VIDEO: Live Archive keeps emails up, and running!
So here is something that has always worked for me: everyone hates outages. Regardless of why I’m invited to speak to anyone about ExchangeDefender, and the billion problems we solve, I am here to help you with just one thing: uptime. If things are working, we can sort everything out, but the fear of the new unknown solution causing downtime is the #1 thing your client is thinking about. So address it first.
Posted by ExchangeDefender on Thursday, March 29, 2018
What’s this video about? Live Archive.
So here is something that has always worked for me: everyone hates outages. Regardless of why I’m invited to speak to anyone about ExchangeDefender, and the billion problems we solve, I am here to help you with just one thing: uptime. If things are working, we can sort everything out, but the fear of the new unknown solution causing downtime is the #1 thing your client is thinking about. So address it first.
What is Live Archive?
Access your email via the cloud when outages happen.
Organizations are constantly facing internet and email outages, maintenance cycles and service unavailability. The key to productivity is being able to access your email even when outages happen Exchange Defender LiveArchive Business Continuity is the solution.
As you send and receive email, we make a copy and store it on our network – when you experience an outage you can just pull up a webmail system on your computer, tablet, or phone and continue where you left off.
Visit Exchange Defender: Email Security, Archiving, and Business Continuity solutions