ExchangeDefender Encryption Positioning
Email encryption is on the rise, ExchangeDefender offers two types of encryption.
Corporate Encryption
ExchangeDefender Encryption (Corporate Encryption) has been one of our hottest products for years, the demand for it is fueled by daily news of exploits, hacking, data theft and so on. Just last night, one of the largest retailers in the world was exploited and for over a month hackers stole credit cards and client information. This sort of daily reporting is creating an unprecedented demand for encryption products, with Let’s Encrypt becoming the largest SSL certificate issuer on the planet.
One thing remains, if the data you are sending or receiving is sensitive to you it’s your responsibility and best interest to assure it is protected.
When it comes to email encryption things get a bit more confusing, complicated, fragmented and unclear. One thing remains, if the data you are sending or receiving is sensitive to you it’s your responsibility and best interest to assure it is protected. Whether you’re the sender or the recipient. Unfortunately, email alone isn’t secure enough by design and <big deal>it is the most exploited and hacked medium available.</bigdeal> . Why hack a bank when I can hack your mailbox and get all your accounts, credentials, reset mechanisms, notes, private information and more?
This is where ExchangeDefender, and ExchangeDefender Encryption, become such a big deal and such a valuable <i>service</i> for your business. You can exchange emails back and forth securely, without installing any software, without requiring the recipient to install any software. Your still use your same email program, desktop, mobile phone, tablet – but your information goes from point to point in an encrypted and protected process. Not just that but you get things you typically can’t get from IT – knowing when the message was was received, when it was read, how many times it’s been read, and you get a reply in the same secure way.
Request your complimentary branded marketing collateral. Looking for something else? Give us your feedback.
It’s clear to see how easy and essential selling ExchangeDefender Encryption is: but you can’t show up empty handed. We have marketing collateral available for our partners – Click on the PDF to download.
ExchangeDefender Corporate Encryption: New Features
ExchangeDefender Corporate Encryption
ExchangeDefender Corporate Encryption now allows you to send encrypted attachments and share files securely from any device, even many of you that aren’t on Microsoft Outlook/Exchange. It was one of the more popular parts of the webinar we held yesterday (hope you had a chance to attend it, you can watch it anytime in our secure portal at https://support.ownwebnow.com)
ExchangeDefender Corporate Encryption was designed to eliminate the pain point of traditional key-based email encryption: too much software, too much management, exchange of public keys, software deployment, and more. It also eliminates the complaints about cloud based solutions that are often clunky, unfriendly, not to mention expensive. ExchangeDefender Corporate Encryption is none of those: it is friendly, affordable, requires no additional software or hardware.
And as of this week, it allows the sender and the recipient to exchange attachments so that the content is encrypted in both directions. Furthermore, because it is cloud based, you can resume work when you get back to your desk. The upgrades to the UI allow you to quickly see new messages, respond to them, or forward them elsewhere. It is truly turning into a highly secure, policy-based, email solution for businesses that require compliance and content security.
We’ve also made the UI more friendly by putting actions on top of the page so that it resembles popular webmail products end users have gotten used to for over a decade. Attachments are a lot more prominent and go both ways: not only can you send them, but when the recipient logs into our portal to reply they can attach anything they want to in response as well – assuring that content is protected and encrypted at all times.
ExchangeDefender SMTP Headers
ExchangeDefender mail flow and email analysis troubleshooting is at times a long and difficult process that has been automated through our admin portal at https://admin.exchangedefender.com. We realize that it’s not an option for some of our end users and new MSPs so we often get tickets in our support portal asking us why a certain message got delayed, rejected, classified as SPAM or allowed to get through if it had SPAM content, etc.
In order to troubleshoot an issue with a specific message we always ask for SMTP headers. The following blog post will help you find them in Outlook Web App, Outlook 2013 and Outlook 2016.
Outlook Web App
From the message listing, right click on the message and select “View Message Details”:
You will see Message details screen. Copy and paste it in the ticket and we can help you with the rest.
Outlook 2013 / Outlook 2016
From the message listing double click on the message so it pops up in it’s own Outlook window.
Then click on File and you will be shown the message file options:
Click on Properties and you will see the SMTP headers. Copy and paste it in the ticket and we can help you with the rest.
Important: Please copy and paste the contents of the screen into our support ticket instead of taking a screenshot. Sometimes the SMTP headers contain characters that are very similar (qf9mfIlI1IlI) and it can take a lot longer to locate the message rather than having a specific text search.
What happens next is that our team is able to locate the specific message in our database and then with that data do further analysis using the node that processed the message and look at all the logs generated by hundreds of different services that are analyzing every message for dangerous content.
ExchangeDefender’s New PIN Retrieval Process
About the PIN requests
Several years ago we introduced the ExchangeDefender Phone PIN support to enable our clients and partners to obtain full support over the phone as if they were in our support portal. Being able to talk to someone that can directly make any change you need to make on the go is incredibly valuable for on-the-go business manager that is typical in SMB.
Our implementation left a lot to be desired. We put the PIN in the area where few people looked. We had no system to quickly retrieve your PIN. Some of our support techs took advantage of the system to avoid helping clients. All these issues have been addressed so we wanted to go over our phone support process again.
Our Support Process
We have a typical 3 tier support system – people on the phones (Level 1), people in the support portal (Level 2), and people managing network services and software that approve overrides and make changes manually (Level 3).
When you call 877-546-0316, you will always be speaking to a Level 1 person. Their job is to be friendly and help you figure out how to get things done. In general, they will walk you through the portal, provide our manuals and walk through guides, open a ticket on your behalf, and sometimes even provide additional information about services. Their goal is to eliminate the clutter, the transfers, the “not my department, not my job” you often get when you call a company for help.
If you call our support and are active, in good standing (no late or past due invoices), with proper credentials – our team will greet you with “Thank you for calling ExchangeDefender, whom do I have the pleasure of speaking” and will try to locate your profile and your PIN. From there, we’ll take good care of you. If you don’t know your pin, or if we cannot locate you in the portal, our support will still provide basic public information about our services but is prohibited from discussing pricing, settings, passwords, company data and so on. This is for your security and protection – we’ve all experienced identity theft, people pretending to be someone else, people that have been terminated looking to sabotage their employer, etc – the PIN removes that from being an issue.
What requires a PIN?
Anything that is not public or available on our web site will require you to provide an email address and a PIN. Things that don’t require a PIN are basic answers about how our products work, where to find documentation, if there are any issues with services at the moment, how to become a partner, marketing collateral requests, etc.
Everything else that is account-confidential will require a PIN, for example:
– Getting a copy of the invoice, pricing information
– Account modification, service change, settings change
– Opening a new support ticket on your behalf
– Adding a new service or subscription
– Modifying service settings (passwords, IP addresses, credentials)
There are only two things that our support on the phone will not do regardless of whether you know your PIN or not: add a new contact to the support portal and delete any service/subscription. For legal, compliance, and past experience reasons that is a red line we cannot cross.
OK so how do I get my PIN?
You can find it in your Contact information at https://support.ownwebnow.com
If you don’t know your PIN or support password, you can request a new PIN at https://exchangedefender.com/pin
If you don’t have a contact in our portal at all, you will be provided with a PDF to provide to whoever manages the ExchangeDefender relationship in your organization.
We hope that as we introduce chat and more phone support you can still get everything you want done much faster and more efficiently – but most of all: securely.
September Webinar: New ExchangeDefender Projects
Development and service improvement around ExchangeDefender is really in a different gear now and we have a huge webinar to discuss all the new stuff that you will start seeing in September:
– New Shockey Monkey Service Manager UI (for private portals)
– Exchange 2016 rollout for SMB clients
– Upgrades to IoT for CAN-SPAM tracking/issues
– Allowing threaded conversations in Web File Sharing
– Allowing file exchange through Corporate Encryption
– ExchangeDefender Pro UI changes
– and much more.
It’s a LOT of stuff with HUGE improvements all around so if you work with us you’ll really want to attend:
ExchangeDefender New Stuff Webinar
Wednesday, September 5th. Noon EST
https://attendee.gotowebinar.com/register/1810967512151336450
Since February of 2017 we’ve been working on core infrastructure updates to address major weaknesses in the previous infrastructure model and have embraced rapid development, regulatory compliance requirements, different laws and regulations impacting our clients all over the world, and major needs our clients expressed that required development at a different scale. This again puts us (and you) ahead of the competition and we look forward to helping you gain more business.
Tune in!
ExchangeDefender and Mobile Device Security
Mobile Device Security
ExchangeDefender protects pretty much any device that has access to email – and a category most prone to email-borne security exploits are mobile devices. ExchangeDefender Pro and our Exchange hosting services can nearly eliminate an attack vector through malware detection, phishing attempt alerts and can help you wipe a device remotely without having physical access to it.
The number one way to get malicious content to a mobile device is still via email – it’s so easy to trick a user to click on a malicious link and on a mobile device it is far harder to tell if the sender is legitimate or spoofed. Hackers format messages in such a way that it’s easy to see legitimate links and accidentally click on malicious ones so ExchangeDefender is extremely useful in making sure any such dangerous content is stripped off in the cloud. Anyone can email any content they wish to your mobile device and with ExchangeDefender you are assured that even the most aggressive of 0 day exploits do not arrive in your users mailbox.
Phishing, or forging/deceiving an identity of a third party, is a popular way for hackers to get users to click on links that appear to be legitimate. It’s very easy to copy a look of an Amazon or bank email notification and get the user to click on the link that takes them to a forged web site to download malicious content. Unlike Malware protection, which removes dangerous content from the email, phishing protection deactivates links in email messages and highlights phishing attempts when links to third party sites do not match the domain name of the sender. If you were getting an email from jeff@amazon.com would he be including a link to http://1001smallbizscamsandfrauds-519.org? Our system will deactivate that link and keep your user safe from whatever is on the malicious site.
Remote Wipe & Device loss management
In the event that your users device is lost, users employment is terminated, you don’t have physical access to the device but need to wipe it for security reasons – you can start a remote device wipe through your Outlook Web App under Settings > Mail > Options > Mobile devices and selecting Wipe Device. Within moments the device will be wiped clean of any data, content and settings and this works for both iPhone and Android devices (tables and phones).
ExchangeDefender Pro offers users a VPN server to connect to in a secure manner no matter where they go. Public Wifi hotspots tend to have questionable security at best and can be used to compromise a device that is connecting blindly across the Internet. Connecting your phone automatically to a VPN can assure that email access (and all the confidential data in the email) can never be snooped on.
We are currently in beta with our mobile OTP/2FA applications which will further turn the mobile device into a part of your authentication so you don’t have to remember complex passwords at all. In the meantime, it’s important to let the users know what ExchangeDefender is currently capable of doing for them and to enable/configure those features so they are actively protecting every email user in your organization.
Managed Outbound Network Services
Beta Launch: Managed Outbound Network Services
ExchangeDefender is proud to announce the beta launch of our Managed Outbound Network Services – interjecting support, monitoring, and management of outbound mail delivery services. If you’ve ever had to deal with outbound delays, deferrals, rejections, SMTP channel errors, etc we will now have the ability to assist you with email delivery and facilitate problem resolution for outbound email delivery in realtime.
One of the biggest problems in troubleshooting outbound mail problems is that problems are noticed days later, and are generally resolved well before a ticket is opened. The same goes for abuse, sometimes a mail blast is caught only after hundreds of messages have been sent and domain/sender had their reputation damaged.
Tighter Restrictions Means Better Monitoring
Our new ExchangeDefender Managed Outbound Network Service involves tighter restrictions and better monitoring of email traffic by actual humans reviewing statistical models in realtime. This is not something that is possible through automation because it’s very difficult for computers to determine legitimate content from illegitimate or dangerous content. Sending patterns also change depending on the sender, time of day, day of the month, devices, etc. User may run a mail merge marketing campaign or invoice batch and send hundreds of messages in a very short period of time, blocking their access automatically would interrupt legitimate activity. By adding people to the mix, that can analyze the content and sending patterns we have the ability to stop outbound mail abuse the same way we do it on the inbound side.
“Considering that almost 30% of our support time is dedicated to outbound mail delivery inquiries,
we expect this new solution to reduce our partners and clients time significantly.”
-Vlad Mazek, CEO ExchangeDefender
The best part about the new service is that it will be free and will require no configuration or management on our clients or partners behalf. Any notices we may have to issue to end users will automatically carry our partners or clients logo and contact information and will be resolved in realtime. Historically, we know that 90% of the time our clients are not aware of an issue at all, and we hope that the new service will reduce ongoing support and technical troubleshooting struggle our partners have had to go through regarding email delivery. By catching the issue in realtime, we will also help our partners appear more proactive and able to protect their clients better during 0-day infections and outbreaks. Additionally, we will be able to minimize the damage that a single careless user or hacker can cause an entire organization by stopping an outbreak at the source.
We will be writing more about this service in August and the first beta clients will be onboarded during the 2nd week of August – if you are interested in participating please send an email to beta@ownwebnow.com and let us know!
So You Think GDPR Doesn’t Apply to You?
That Four Letter Monster: GDPR
We know – you’re tired about hearing about GDPR – and you’ve probably received a billion emails about it from marketers all over the world urging you to “confirm” your subscription. As our CEO recently posted on Facebook:
“There were two kinds of IT people this week on Facebook – those that whined about
GDPR and those that got richer as a result of it.”
You can hear more of Vlad’s unfiltered thoughts on GDPR in the Game Changer webinar held earlier this month, but needless to say the GDPR is something that is here to stay and with every public privacy breach the notion of government regulation worldwide is going to start with GDPR as the foundation.
What this means for you – regardless of whether you’re the CIO or an MSP partner – is that client data privacy, disclosure, search, and reports will start consuming more of your time.
Do you currently have a solution in place that can quickly tell you what sort of data you have on your clients? Beyond your CRM.
What about the invoices that get emailed out with account numbers and addresses?
What about any contracts or agreements that got emailed back and forth?
I think you see where we are going with this: you need to prepare your IT for eDiscovery even if you don’t have urgent, current, and pressing reason to do so. Penalties for exposing financial data are extreme and the more the world gets used to privacy disclosure and where client data may be stored the more requests and inquiries you will start seeing. Businesses (aka “people with money”) are the low hanging fruit that will be sued first.
This is by no means a new trend: We have been selling Compliance Archive and Corporate Encryption for years but GDPR has really put the demand for these products into a new gear. For our partners, this has significantly increased both sales and service requests that are a giant opportunity for many to be ahead of the curve and regulatory changes worldwide.
Get ready for it today and call us – we have the products, the service, documentation, marketing collateral and back office legal support –
all you need to do is present it to the client and can help you do the rest.
ExchangeDefender IoT Email Relay Service
The Internet of Things
ExchangeDefender IoT has concluded it’s beta period and we’re thrilled to announce that the system will go into production this week. We have blogged about this previously and the demand for this service really surprised us – so we’re rolling with the production and adding all the new features into the beta product as the applications for this service are quite extensive. To sum it up:
ExchangeDefender’s IoT Email Relay Service
ExchangeDefender IoT Email Relay Service is a custom email smarthost (outbound relay) designed specifically for Internet of Things devices and services to securely dispatch realtime email alerts. Feature-wise:
– XD IoT Relay assigns every device has it’s own account/credentials so if one device is compromised the email capabilities of others aren’t impacted.
– XD IoT Relay is secure permitting traffic only via TLS/SSL SMTP protocol to assure security credentials cannot be sniffed on the network.
– XD IoT Relay allows dynamic IP ranges, allowing for cell/4G/LTE devices and sensors with remote/unsecure network connectivity to relay alerts.
– XD IoT Relay is compatible with every device that can send out email via SMTP/SSL (should be all of them) and is backed by our support and automated throttle management (in the event of an infection)
New feature is available in the ExchangeDefender admin portal under Domain Admin > Accounts > IoT Accounts.
Simply add a new account for each device you wish to have relay rights for (they are free for now) and configure your device to relay through outbound-auth.exchangedefender.com. Our service is globally redundant (no single point of failure) and is under our SPF/DMARC announced range.
We will be blogging more about this feature as we develop it and get a better handle of how it’s used but the feedback so far has been very positive and constructive. The biggest surprise (read: shock) is the level of unreliability of some of these devices/sensors and their rather infant API/app development – but they all know how to send email so many of our partners are looking to us to help fill the void between these devices/sensors going dark/offline and production email notification service. Many of our partners also looked to use this for printers, blogs, contact forms and a seemingly endless set of services that a remote ISP should be providing but they don’t – so when it comes to business and email people come to ExchangeDefender.
P.S. If you’d like to hear more about this feature and all the other new stuff we have set for ExchangeDefender in 2018, please download the webinar where we go into the details of how/why/what that might give you a broader perspective on how to position, sell, and implement these new features. Please click here to download the webinar.
Three Simple Ways To Begin Regulatory Compliance Archiving
Have you been putting off offering or relying on Compliance Archiving to meet regulatory compliance requirements? If so, you’re among friends as most businesses tend to view it as a form of a backup until they receive a letter from a law firm. Recently we published a quick and informal techie-free post about business continuity and we wanted to do the same for archiving because the #1 thing that will keep you out of trouble is making sure your entire organization is on the same page.
With that in mind, here are three steps that your organization needs to follow to get started with Compliance Archiving:
Step 1: Understand how your organization communicates
If you only knew what everyone did and what they had access to, things like security and compliance would be a non-issue. In the real world, organizations have a revolving door of staff, vendors, clients, laws, and projects that is constantly spinning. The notion that you can get something to manage it all, held together by IT staff and automation, is nothing short of a fantasy. Or rather, a nightmare, because you’ll get in trouble over one thing that was missed and went wrong not a million things that went right.
Our Compliance Archiving touches every message in your organization: doesn’t matter if it’s a message you sent to a client, a message you received from a vendor, or an interoffice email you sent to a coworker – we get them all. The important thing in step one is identifying the people and making sure that the way you communicate is set in stone: “We communicate with everyone through @ownwebnow.com email addresses, every ticket, every update, every inquiry, every quote, every bill pay – everything either comes from or is cc’d to an @ownwebnow.com address.”
Step 2: Get a grip on your devices, apps, and processes
Convenience is the enemy of order. And if you’re going to run a business, you cannot have everyone do exactly what they want to do. Yes, Subway will make your sandwich any way you want them to, but if you walk in and order a key lime cheesecake you’re going to be hungry. Same method applies to all the devices, apps, processes, etc. The simplest, most common sense, most effortless thing to do is to just give everyone that works on your behalf an email address on your infrastructure and have them use that email for all company communications.
If they use something else, and for some reason you wish to permit that rule change in your business, request that everything is cc’d to a local shared mailbox where you can keep ownership of it. Don’t make a big deal out of it – we get our office beer and red solo cups from Costco – and believe me we don’t have a massive asset inventory tracking system around it with people signing off on stuff left and right. We just take a picture of the receipt/order form and email to a receipts@ address – done.
Step 3: Get a regulatory compliance plan
The worst thing you can possibly do is start thinking about a plan when you’ve received a request for information or a legal hold. The good news is, step #3 is the simplest one because it’s just a matter of calling us at 877-546-0316 and talking to someone about implementing the Compliance Archiving solution. The complexity isn’t in the technology, it’s with the people and the constant sprawl of apps and devices that hold vital corporate information.
The great news about what we offer with our partners is that anything going in and out of your company can be screened, monitored, reported, and produced on demand or automatically for just a few bucks a month. The biggest challenge is knowing what to do – and you have to actually get started.
We look forward to serving you and making regulatory Compliance Archiving a breeze.