ExchangeDefender User Security Best Practices Webinar
Every month we get a ton of new ExchangeDefender users. We work harder than others to keep you safe — and we want to get you up to speed with all the unique security benefits you get with ExchangeDefender and how to best take advantage of them.
The webinar is not overly technical AND it’s a great opportunity to get any questions you may have answered by the very people that manage ExchangeDefender. Here is what we will cover:
– How to spot and manage phishing attacks
– Importance of strong passwords
– Why you need MFA/OTP and how it works
– What to do when messages bounce
– What to do when your email is down
– How to lock down ExchangeDefender
– How to deal with spoofing and identity theft
Attacks on IT are only getting more efficient and sophisticated with each passing day – and ExchangeDefender is here to help you stay secure and adopt the best practices of our most successful partners and clients.
* First webinar in series, we will post recordings in our portal on March 1, 2023 after all the live sessions have been recorded & edited.
Register for the webinar here: https://register.gotowebinar.com/register/457089402282191197
ExchangeDefender MFA Service Upgrades
ExchangeDefender has beefed up our MFA (multi-factor authentication aka 2FA / OTP) service with addition of new vendors and a wider reach.
Setting up MFA involves either installing an authenticator app or authorizing us to send you a text message. When you login to our service the system will expect you to provide the 6 digit code that will only* be known to your trusted device. Essentially, it keeps people who only know your username and password out of your account.
While we would prefer a more secure and reliable model in which our clients rely on MFA authenticator apps over the less secure SMS, we understand that is not a practical solution everywhere and absolutely every needs this second layer of authentication when accessing mission critical systems such as email and file sharing.
As you may remember, we had an issue with SMS MFA before Christmas and thanks to some heavy lifting by our team over the holidays the new SMS infrastructure is truly global, scalable – and will be delivered by multiple providers for better redundancy (eliminating the 10DLC compliance issues).
With the retirement of ExchangeDefender Essentials and all the compromises it required, you will be seeing a flurry of new security features in the ExchangeDefender Email Security service. First of many will be the access restrictions and the ability to restrict access to ExchangeDefender services based on location, time, etc. The attacks on email infrastructure are only getting more numerous and more sophisticated by the day and traditional (or cheap) security methods are no longer viable in 2023 and certainly not beyond. We look forward to continuing the best email security money can buy and we thank you all in advance for trusting us with your email.
Tis’ the season to save your MSP business money
We’ve set the email world on fire with ExchangeDefender Inbox, it is officially our most popular service. Hardly a surprise, given how it saves people $ on IT and email at a time when almost everyone is looking to make the most out of their budget. Or as one of our clients put it:
“This Inbox business is giving me a second life for Christmas – I’ve contacted everyone that said no to Office365 in the past year and I’m winning them!”
IT Tech Consulting
With that in mind, here are top 5 ways to illustrate how ExchangeDefender Inbox is a great way to control IT costs
Low cost
It’s a no brainer, $3 for Inbox with ExchangeDefender security included is a lot less than the average $20+ most M365 clients are spending.
No “up front” pre payment
Almost everyone quotes a low monthly price – but only if you pay up front, for 12 months, right now. ExchangeDefender Inbox is a month-to-month service and you can cancel it at any time.
No additional software licensing $$$
With big business email comes big business spending since big platforms come with poor security, no backups (read the TOS/AUP people!), and management UI + tools change all the time. With ExchangeDefender Inbox your only external cost is your annual domain registration.
Lower support & deployment costs
ExchangeDefender Inbox integrates with your existing infrastructure so there is no DNS work, no onboarding, no extensive training. You’ll never have to deal with permissions, distribution group memberships, Public Folders issues – not to mention that power users are largely going to more powerful cloud offerings for cloud and collaboration so why are you spending your IT budget in a slow 90s app?
No client software licensing costs
You won’t have to go to the app store for us nor do you need an entire office suite for retail, manufacturing, farm, students, or any role that comes with an iPad. Just open the default mail app that comes for free on your device, enter your credentials, and you’re done!
Fun fact
We’re not even half way through December and you’ve made ExchangeDefender Inbox our #1 service. We cannot thank you enough for that and we hope you’re excited about the roadmap we shared in our recent webinar.
Now is the time to talk to your clients about ExchangeDefender Inbox. If the IT budget is tight, we’re the solution you need to talk about right now. Don’t be surprised you’re not getting much interest for expensive email – everyone is pitching it and clients have already said no to it for a myriad of reasons. For those that are looking to get lean, to be more secure while spending far less, Inbox is the way.
Looking for marketing collateral? Great! (Download the brochure) for Inbox today!
Top 5 ways Inbox can save you from an email disaster
We developed ExchangeDefender Inbox to save the day: In our large M365 practice we’re responsible for a ton of users and when there is a problem we have to solve it. We built Inbox as a way to mitigate the biggest M365 problems and we’ve delivered an affordable and secure way to keep email working. Here are the top five ways people are relying on ExchangeDefender Inbox every day:
1. During Outages
If M365 goes down, your ability to send and receive mail goes with it. While this is not a frequent occurence (once of twice a year so far), when it does happen it’s extremely expensive. With ExchangeDefender Inbox you just have to open a web browser and continue where you left off.
2. Working around problems
While total outages are not frequent, email issues are nearly constant. Email bounces, weird errors, missing attachments, service suspensions, billing problems – not a day goes by without some sort of an issue. With Inbox you can rely on bypass to work around bounces and you have a separate platform that is not affected by configuration or administrative work.
3. BYOD + Mobile workforce
Most of the modern workforce doesn’t sit behind top of the line PC with a ton of ram – we’re seeing more work done on mobile devices, tablets, even Chromebooks. If you want a near turnkey email operation for users you don’t want to have access to your M365 side, ExchangeDefender Inbox is a far more affordable and efficient solution (plus it works out the box with no software to purchase)
4. Permanent mailbox
Let’s face it, most mailboxes are used to store alerts, notifications, and SPAM. ExchangeDefender Inbox enables you to move those mailboxes and not flood your shared mailboxes, logs, and tenant with non-actionable email. If your device or browser is constantly timing out and you have multiple mailboxes open, ExchangeDefender Inbox will make them all move smoother.
5. Configuration problems
We saved the best for last. Every day security vendors are publishing new ways to fight fraud, and email systems require extensive upkeep. If you’re innundated with issues related to email delivery – “I never got their email, they never got my email, why was this one delayed / deleted” – try using our response: “Did you check the ExchangeDefender Inbox?” Fact is, most email delivery issues are minor and tend to resolve themselves automatically but if you run a business you can hardly afford to wait: Inbox to the rescue.
Go for ExchangeDefender Inbox, visit www.exchangedefender.com/INBOX
ExchangeDefender Inbox is rapidly becoming our #1 service and we’d love to hear how you’re using it. If you have any feedback please send us an email at inbox@exchangedefender.com and we’ll put in a good word with Santa about getting you some ExchangeDefender swag.
What’s the difference between LiveArchive and Inbox?
Recently we blogged about ExchangeDefender Project: Inbox and we got a good amount of interest in the beta and just as many questions. We wanted to address the biggest one: What’s the difference between LiveArchive and this Inbox.
The biggest difference is that Inbox is intended to be used as a primary user mailbox, while LiveArchive is meant as a failover for a user whose mailbox is elsewhere (Exchange, M365, Gmail, etc)
Vlad Mazek, CEO of ExchangeDefender
LiveArchive is a great service to rely on when something goes wrong – Inbox on the other hand is meant to be used all the time. LiveArchive is solely a web mail service – Inbox enables you to connect Outlook or mobile devices to it. LiveArchive is a separate web service to which users usually forget credentials or only login when things go down – Inbox is integrated in the admin app and is accessible one click away from the SPAM Quarantines that our users access daily.
They are both great solutions to different IT challenges: LiveArchive for when things go wrong, Inbox for everyday email use. Inbox has one other massive advantage to it that we’ll announce later this fall.
We expect to offer both with ExchangeDefender Pro to reduce support traffic (clients mail tracking requests caused by mail server issues: “It’s in the Inbox”) and because everything in IT can fail and it’s always prudent to have a failover/backup with LiveArchive.
Introducing ExchangeDefender Inbox
Cybersecurity tops the list of IT concerns and spending, with email still being the most popular service with users and hackers alike: over 90% of compromises start with an email. If that sounds familiar you’ve undoubtedly had to deal with new email authorization standards, user training, troubleshooting mail flow, trying to figure out why email to or from certain people is bouncing, reconciling it all with new IT trends, cyber-insurance requirements, marketing. In a nutshell, email security is still a challenge and users just want something that works.
We’ve reimagined what the email security should look like in 2022 and we cannot wait to show it off:
ExchangeDefender Inbox Webinar
Wed, Sep 28, Noon EST
https://attendee.gotowebinar.com/register/1111619875721771023
We hope you can join us for the webinar and see just how we’ve integrated all the ExchangeDefender security and productivity services to give users a single panel of glass to make email work for them even when they have issues with email. Can’t wait till next Wednesday? Shoot us a ticket at support.exchangedefender.com and ask us to enable it for you today!
ExchangeDefender Inbox combines over two decades of email security experience with the modern, mobile-first world of countless email issues. It enables our clients to get things done with email security and work through all the issues without involving IT. Users want a quick and reliable email platform that just works – work around SPAM filters, around SPF/DKIM policies, around bounces – all while leveraging email encryption to protect sensitive data. The service has been enormously popular with our enterprise clients and now we’re bringing it to all ExchangeDefender users – see you next Wednesday!
Limited support for misconfigured services
ExchangeDefender provides technical support and assistance only for the domains that have been properly configured according to our deployment guides (see https://www.exchangedefender.com/docs).
To make sure your domain is properly configured please check https://check.exchangedefender.com
When the required DNS records and inbound/outbound mail isn’t configured correctly our internal troubleshooting tools fail and staff has no way to replicate or diagnose further issues — they are prohibited from guessing or offering informal suggestions as that can cause even bigger issues and cause a liability issue for everyone involved. You’ll get the same answer in the support portal, in the support web chat, and on the phone.
But Vlad!!! What if the client can’t/won’t change their DNS or deploy the service correctly?
I can respect that there is always a business case requirement for doing things the wrong way, and I’ve had plenty of arguments with clients that don’t know how ExchangeDefender relies on all these systems to deliver the best possible protection and functionality. I understand. It might even work!
Just please don’t ask us for help with it when it doesn’t work. Our staff is prohibited from guessing and making the problem even worse. It’s not a BOFH issue, it’s a legal liability issue.
-Vlad
Looking for beta testers: “Project Inbox”
We would like to invite our clients, partners, and enterprise users to a closed beta of Project: Inbox – an affordable email solution that can be used as a standalone solution or in hybrid mode with M365 and G Suite.
If you are interested, please email client.services@exchangedefender.com along with a domain name you will be using for the beta test.
Our CEO recently held a webinar explaining the strategy behind this new service and it has been evolving ever since based on market feedback. Simply put, there is a huge market for affordable mailboxes that still meet the high end security and business requirements like top of the line email security, SSO, IMAP/Outlook/Mobile access, and still use the same domain name as the more expensive Exchange or Gmail office suites.
For an overwhelming majority of users within larger organizations, email is an absolute necessity but the average cost of $150/year/employee is putting a strain on IT budgets. Furthermore, the projected slowdown in the economy will make our clients more cautious about their IT spending. Our models show a trend of more users being mobile-first (with remote work being mobile-only) and a growth of service-related mailboxes is creating an opportunity to help us improve our clients security while reducing their service bill.
If this sounds like a winning opportunity for your business or your clients we hope you’ll join us in building something new and awesome. Those that help us out will enjoy the service for free for a while but we have a limited number of spots depending on industry and seat count so if you’re even remotely interested please email us as soon as possible.
oAuth Launch Scheduled for May 19th, 2022
In January 2021 we launched *our oAuth implementation* to help clients get rid of passwords. On May 19th, 2022 our legacy systems (existing email/txt 2FA/MFA) will be shut down and all ExchangeDefender services will rely on oAuth for authentication. Clients will not see a major difference and will login the same way they always have at https://admin.exchangedefender.com:
The new authorization backend will help improve the security of all users that rely on ExchangeDefender to keep them safe: better password policies, no need to reauthenticate every time you visit our services, support for hardware authentication devices and tokens, support for software authentication such as Google/Microsoft/Authy authenticator solutions, and a lot more.
The era where someone can get access to all your data just by guessing or hacking your password is coming to an end. More importantly, industry standards and cybersecurity insurance underwriters are requiring 2FA/MFA and this is a huge opportunity for our partners to deploy a more secure access to the arguably most insecure and public endpoint in every organization: email.
We look forward to keeping all your data secure and your users safe from dangerous email exploits.
DMARC Deployments Completed
We want to thank so many of you that finalized the DMARC deployments during #CyberMonth of October. Special thanks to the thousands of clients that trusted us to update their DNS zones on their behalf, we know that DNS work can be complex and inconsistent from provider to provider, and getting it completed will eliminate countless mail flow problems (many that you’re probably not even aware of).
DMARC compliance allows us to keep you in our priority routing, assures delivery to major email service providers, improves mail flow & delivery, and most importantly – keeps us in your corner when there is a problem. (non-compliant domains are considered a broken deployment and restricted to service inquiries).
What all the DNS work and troubleshooting has turned up is that far too many of our clients and partners do not have the required skill set to properly deploy, maintain, and secure their DNS. This is not a one-off project: your domain name and DNS are your organizations primary identification on the Internet and just like people email you verification links when you sign up for the service, cloud applications are requiring custom DNS records for ownership verification.
In October we launched an ExchangeDefender DNS Service, at just $19/month, that will cover all the work related to your DNS including SSL certificate work, Dynamic DNS, DNSSEC, and whatever DNS standard comes up next.
Through the end of 2021, we are offering our ExchangeDefender DNS Service for just $19/month and we are waiving the setup fees. Contact us today to get this added to your account, as it will cost you exponentially more in troubleshooting and lost business the first time you have an issue.