Defending Your Inbox: Combating Today’s Top IT Threats
The digital landscape is a battlefield, and your inbox is the front line. With cyber threats evolving at lightning speed, it’s crucial to equip your business with the right defenses. In this post, we’ll explore the most common IT challenges businesses face in 2024 and how ExchangeDefender can help you stay ahead.
The Modern IT Battleground
Today’s businesses navigate a complex IT environment fraught with challenges. Ransomware, phishing, and data breaches are constant threats, while the shift to remote work introduces new vulnerabilities. Simultaneously, organizations grapple with digital transformation initiatives, talent shortages, and the complexities of managing hybrid workforces.
ExchangeDefender: Your Shield Against Cyberattacks
At the heart of these challenges lies Email Security. As the primary attack vector for many cyber threats, protecting your inbox is paramount. ExchangeDefender offers a comprehensive solution to combat these threats:
- Ransomware Protection: Our advanced threat detection capabilities identify and block malicious emails before they reach your inbox, safeguarding your sensitive data.
- Phishing Defense: Our robust anti-phishing measures educate your employees and protect them from sophisticated phishing attacks.
- Data Loss Prevention (DLP): Prevent sensitive information from leaving your organization through email.
- Email Continuity: Ensure uninterrupted business operations with our email continuity solution, even in the face of email server outages.
Overcoming IT Challenges with ExchangeDefender
Beyond email security, ExchangeDefender can help you address other critical IT challenges:
- Hybrid Work: Our solution supports remote work environments, ensuring secure email access from anywhere.
- Cloud Migration: Seamlessly integrate ExchangeDefender with your cloud infrastructure for comprehensive protection.
- Cost Optimization: Reduce IT expenses by consolidating email security and archiving into a single platform.
By investing in a robust (affordable) email security solution like ExchangeDefender, you can significantly reduce your risk of falling victim to cyberattacks and build a stronger foundation for your business.
Are you ready to fortify your inbox against today’s threats? Message us to learn more about how ExchangeDefender can protect your organization.
#emailsecurity #cybersecurity #ransomware #phishing #datasecurity #exchangedefender
LiveArchive Cloud Considerations: It Works Everywhere!
Over the past month we’ve been holding LiveArchive Workshop Series with clients who want to get LiveArchive deployed and staff trained in under 1 hour. It’s going well and the question we get the most is: “Will it work on Azure/Linode/Oracle/___?!” Yes, it works with ALL public and private clouds because it’s built on top of open source technology standards that everyone offers. In order to deploy LiveArchive you’d follow the same principles and steps outlined in our Cloud Backend Setup at Amazon AWS, Microsoft Azure, Oracle Cloud, Google Cloud (even if you host it yourself on your own network/hardware). All public clouds offer containerized services and the Docker containers that make up LiveArchive are mariadb:latest, minio/minio:latest, and exchangedefender/livearchive-webmail:latest.
Navigating IT Politics
Now that you know ExchangeDefender LiveArchive works on all the popular cloud providers, it’s time to pick one. Here are 3 things to keep in mind:
1) Your choice will typically be controlled by the clients existing infrastructure and vendor policies – if they are an all Microsoft shop you’ll likely be deploying LiveArchive on Microsoft Azure. Regardless of your choice of cloud vendor, you will still get the same LiveArchive performance and keep in mind that full source code for the entire stack is available here: https://github.com/exchangedefender/livearchive-webmail. Having access to the code gives you the ability to optimize, customize, and future-proof your setup.
2) You will need access to DNS. In order to deploy LiveArchive you will need to create a CNAME for the LiveArchive UI which is required in order to request an SSL certificate.
3) You will need to allow several network policies on your choice of public or private cloud. Specifically, you will need to allow tcp ports 80/443 for the web services and you will need to allow tcp ports 9000/3306 to our LiveArchive network so that we can store your messages and message metadata. Cost is also an important criteria for many organizations so we recommend researching cloud cost calculators
This way you can see who will give you the best bang for the buck currently vs. over time as your organization grows. If you’re trying to keep the costs to a minimum your best option is going to keep minio and MariaDB services self-hosted or on semi-dedicated/VPS/colo deployment and to only put the LiveArchive Web UI in the cloud.
We look forward to seeing you in our workshops, and keep in mind you can get it going in under 10 minutes just by following these steps!
5 Reasons Why You Need Live Archive Email Backup
In the fast-paced world of business, safeguarding your critical communication is non-negotiable. That’s where Live Archive Email Backup steps in, offering a comprehensive solution to address the evolving challenges businesses face today.
1. Security at the Forefront
Value the security of your business data with Live Archive. Safeguard your critical communication from potential threats, ensuring the integrity of your business information is maintained at all times.
2. Fortify Against Ransomware
In the battle against crypto-locking threats, Live Archive becomes your shield. Protect your email backups, ensuring your data remains accessible even in the face of a compromise. It’s the ultimate defense strategy for your digital assets.
3. Long-Term Email Preservation
Ensure the continuity of your business with Live Archive’s long-term email preservation. Back up and archive email data for extended periods, meeting regulatory and business continuity requirements seamlessly.
4. Budget-Friendly IT Solutions
Navigate the complex IT landscape with ease by choosing Live Archive—a cost-effective email backup solution. It provides robust protection without straining your IT budget, making security accessible to businesses of all sizes.
5. Storage Flexibility for Your Needs
Your data, your choice. Live Archive offers storage flexibility, allowing you to store your critical information on the cloud, on-premises, or both. Tailor your backup strategy to suit your business needs effortlessly.
Live Archive Email Backup is the key to unlocking peace of mind in your business operations. Prioritize security, accessibility, and longevity—choose Live Archive for a reliable and comprehensive email backup solution. Your data deserves nothing less.
ExchangeDefender Supernet
Last month we announced a major upgrade and expansion of our network to better serve our clients in a more challenging cybersecurity world. I’m sure you’ve seen many stories in the news about cyber attacks and how some groups and nations are expected to attack our critical infrastructure.
We can assure you that those threats are real and are ongoing in a very focused fashion. In order to prepare for a more massive attack, we’ve had to rely on some BGP routing magic to make ExchangeDefender far more resilient.
Make sure you allow inbound SMTP traffic from ExchangeDefender’s 65.99.255.0/24 (255.255.255.0) range.
This range has been in use by ExchangeDefender since 2003 so if you’ve followed our deployment guide correctly you should be all set. If you’ve chosen to deploy ExchangeDefender differently and have other scanning/security active on that range, you might see email delivery delays and failures. Easy fix, just add the whole class C.
What is happening under the hood is that all of our different data centers are routing traffic via the same 65.99.255.x range. Even if half of our data centers disappear due to a telecom or power event, we will be able to continue email delivery.
As you’ve seen over the past year, we’ve focused on Inbox, LiveArchive, and upcoming Replay features to improve security and reliability. Like you, we wake up every day to another Exchange/Gmail event/issue/policy/fubar and nobody likes losing email or the ability to communicate. This is why having ExchangeDefender around your email infrastructure is critical if email is critical to your organization. The new supernet has been routing messages for over a month with no issue and on Wednesday, May 15th we will make it available for everyone.
ExchangeDefender Network Upgrade: Supercharged Security and Disaster Recovery for Your M365 Clients
At ExchangeDefender, we’re obsessed with keeping your clients’ emails safe and secure. That’s why we’ve just completed a massive network upgrade, designed to empower you, the IT Managed Service Provider, to offer unparalleled disaster recovery and enhanced security for your M365 clients.
Why the Upgrade? The Cloud Needs Saving Too!
Remember the good ol’ days of on-prem email outages? Well, guess what? The cloud isn’t immune!
- M365 Outages Happen: We’ve all been there – clients waking up to a down Office 365 tenant. Scary stuff.
- Data Loss Lurks: Lost emails due to strange glitches or language barriers (seriously, Croatian?) are a real threat.
Building on LiveArchive, we’re massively expanding our disaster recovery businesses due to increased demand for client protection on the Microsoft M365 network.
Our upcoming live mail caching service is here to save the day! We’ll cache copies of your clients’ emails for 24 hours, ensuring no email gets lost due to infrastructure issues. Need a message from the past day? Simply request a redelivery – problem solved!
Network Upgrade? More Like a Network Revolution!
To make Live Mail Caching a reality, here’s how we did it:
- Open-sourced LiveArchive: This empowers you to deploy massive email archiving solutions for your clients on their own cloud.
- Infrastructure Overhaul: We’ve upgraded nearly every switch, firewall, core router, and most of our backend to handle the massive data demands of live caching.
- Network Failover on Autopilot: BGP magic ensures seamless service delivery across multiple data centers, automatically routing around network issues and regional outages. No configuration changes on your end are needed!
In the coming quarter, we’re excited to unveil all these new services.
While email remains a prime target for cyberattacks (not a good thing!), our core focus continues to be protecting traffic and identifying threats. However, our M365 clients are facing a surge of issues and are turning to us for solutions.
For instance, when Microsoft experiences delivery delays or mail latency problems, our ExchangeDefender Inbox service becomes the go-to solution for accessing critical OTP/MFA tokens.
Many clients have also adopted Inbox as their preferred webmail client due to its speed and lightweight design.
As Microsoft prepares to sunset Basic Authentication, many legacy SMTP services and mail-enabled applications will become inoperable. To address this growing demand for reliable and secure email routing and delivery, we’ve significantly upgraded our network and services this past quarter.
Email delivery problems happen.
With ExchangeDefender, however, these problems won’t impact your operations. That’s our unwavering commitment, and we’re thrilled to announce the expanded ExchangeDefender network is here to serve you and ensure the continued security of your email.
P.S. Sounds expensive and boy was it!! We’re in an era where any excuse is used to raise prices, so this might come as a bit of a surprise: There will be no change in pricing as a result of all these upgrades. Thank you for keeping us in business in our 4th decade and thank you for trusting us with your email.
Enhanced Security: ExchangeDefender Now Supports Custom Authenticator Apps for MFA!
ExchangeDefender has recently enhanced our MFA features (multi-factor authentication) to help you enforce domain-level MFA compliance and to make it easier for users to be enrolled and protected by a layered authentication process automatically.
Simply put, we’re making it easier for you to keep everyone protected.
Today we are announcing ExchangeDefender MFA support for custom authenticator apps. By now everyone is familiar with our typical MFA functionality, available under your Settings at https://admin.exchangedefender.com. Just scan the QR code on your device and you’re set!
BUT WHAT IF YOUR DEVICE DOESN’T HAVE A CAMERA?
ExchangeDefender now supports MFA app enrollment using a QR code. This is great for scenarios in which:
– You don’t have a camera on your device
– The QR code doesn’t seem to scan (problems with the camera or monitor)
– You want to use a text-based MFA app
– You want to integrate PowerShell/no-code with MFA
– You want to share your MFA codes with others
If you’re in one of those scenarios, note the text under the QR code when you start the enrollment:
Click on the Can’t scan? Show code link and you’ll get the TOTP secret (aka secret code, MFA code). Paste it in your solution and paste back the 6 digit code it generates. That’s it, you’re done. MFA is now enforced and ExchangeDefender will rely on the codes generated by your app to validate MFA and grant access to your account.
All our features come from user feedback so if there is something we need to be doing to keep you more secure please let us know!
Improved SPAM Release Security: Quick Release
ExchangeDefender is giving users more power to lock down their valuable data. Now that ExchangeDefender handles business continuity and backups for M365/Gmail tenants there is even more information in ExchangeDefender that demands more flexibility with security policies. First, let’s talk about the upcoming feature that allows you to lock down your ExchangeDefender SPAM Quarantine Report activity.
Bit of background: ExchangeDefender Quarantine Reports are an immensely popular ExchangeDefender feature (coming up for an upgrade this spring btw!) that sends users a list of quarantined messages with a set schedule. Users tend to rarely look in Junk Items or review SPAM unless they are waiting for something so this is a cool feature that our users just love. Scroll down the list of quarantined messages and release or trust just by tapping the link. Super convenient, but does it meet your security requirements?
ExchangeDefender Quick Release feature now enables you to choose between convenience and a more secure release process. For many organizations, having the message released or get added to trusted senders with just a click is a huge time saver and user convenience. But if your Microsoft M365 / Gmail account gets compromised (which happens ALL the time) or you deploy a new security/business/CRM (mostly AI stuff) that scans links then this “convenience” can turn into an Inbox packed with SPAM messages that some hacker/service inadvertently released.
If this happens to you, know that ExchangeDefender can help with the “Secure Release” setting. By enforcing Secure Release, when the user clicks to release or trust a message they will be prompted to authenticate before they can release/trust the message. This way if you get hacked or install link scanning/crawling software in your tenant will not be able to access the messages without a password.
Now please, go setup your favorite authenticator app with ExchangeDefender MFA (next up, you can set it to be mandatory/required)
‘LiveArchive Web UI’ Launch Webinar – Join Now!
The new ExchangeDefender LiveArchive has been delighting our clients for months and we’ve got a surprise for you coming in February with a huge new feature pack we can’t wait to show you:
ExchangeDefender LiveArchive Web UI is the free, open-source, host-anywhere platform that will make it easy to access and perform eDiscovery tasks with your LiveArchive backups. Instead of just staring at a directory in S3, you can have a beautiful interface to quickly locate, view, and export messages. You can host it anywhere that offers container hosting or on your PC, you have the entire source code that’s free forever that you can customize and build on, and it’s free!
We’ve even rolled out similar user interface elements so that the experience will feel familiar to users of Microsoft M365 or Google Gmail:
During the launch webinar, we will go over the features, execute a full deployment so you can see how easy and quick the process is, and go over the security best practices. In less than an hour, you will have all the expertise needed to position, price, deploy, and manage the entire LiveArchive backup system.
Sunsetting LiveArchive
On December 31st, our current version of LiveArchive will be decommissioned. Inbox, a business continuity solution we launched last year, has already taken the workload of LiveArchive and it does the job better, faster, with fewer clicks.
LiveArchive served our client base well for over a decade and we’re thankful for all the disasters it’s saved us and our clients from. Now that we’re looking at 2024 and beyond, LiveArchive must solve new problems. For starters, most email is no longer hosted on low-grade hardware in SMB offices managed by part-time hobbyist IT: It’s now professionally managed in high-end data centers. The primary concern is no longer “What if my T1 Internet connection goes down?”; “BACKUPS ARE OUR RESPONSIBILITY” and keeping all your eggs in one basket is never a good idea.
COVID and the work-from-home era have only exacerbated the problem of how quickly (if at all) you’ll get your email back when the disaster occurs. Cloud operators are vague in their data protection statements and there is no way to audit it. Backup tools and services similarly offer few guarantees and the supply chain attacks have only gotten more prominent.
New LiveArchive Migration Service
New LiveArchive is designed to help solve the 3 problems clients have with protecting cloud email:
1. We don’t have any room in our IT budget (and need to save $)
2. If we get compromised our backups will get cryptolocked too
3. We have to protect and backup our email
ExchangeDefender LiveArchive.next webinar on November 8th, 2023 covered exactly how the next version of LiveArchive is going to help you solve all of these problems.
Furthermore, we announced a LiveArchive Migration Service for our clients who wish to have the LiveArchive data ported to the new LiveArchive. Because LiveArchive is IMAP based we can pull existing LiveArchive data into the new version. We can use the same IMAP process to bring over mailboxes hosted on any other IMAP accessible (M365, Office365, Gmail, Exchange, and virtually every legacy email service).
In order to get your data migrated all you have to do is configure your new LiveArchive service and put your ticket request in by December 1st, 2023. We take care of everything else and to reward our loyal clients over the years the service will be provided free of charge (est $499 value).
ExchangeDefender Domain Default Security Policy
Has it been a while since you last reviewed your email policies? Do you need to make sure that every user in your organization gets the same protection and the same service behavior and reporting?
We’ve taken some of our most popular features and wrapped them in a user-friendly wizard that will allow you to quickly configure ExchangeDefender. These settings establish the bare minimum configuration you need to reliably send and receive email on the Internet and instruct ExchageDefender how to sort your email.
Security Policy Overview
Our goal with the Security Policy wizard is to save time while configuring the major aspects of ExchangeDefender. While you still have access to hundreds of policies and can always configure new custom ones (as business requirements demand) it’s nice to know you can quickly adjust the features and make sure they apply to everyone in the organization.
You’ll be able to teach ExchangeDefender how to categorize mail, how long to keep it, and how to report it. Basic SPAM, malware, phishing, and address enforcement policies can be configured in seconds.
We’ve also added some of the settings that are exclusive to ExchangeDefender (From: policy enforcement) and some that always give IT teams trouble (DNS, DKIM + SPF records). The goal was to present all the required and support-intensive features in a friendly way so you can protect your network without knowing the details of the latest standards and security best practices.
Default Security Policy will automatically display the first time you log in as a Domain Administrator. It will load your current settings into the policy and allow you to review it or apply it to all the users in the domain. All the settings are still in their normal places so you can fine-tune your protection and features (https://www.exchangedefender.com/docs >remember the docs).
We hope this new wizard saves you time and gives you peace of mind that your protection is configured correctly.