ExchangeDefender Blog

November 23, 2017

Thank You

Filed under: General — vlad @ 6:36 pm

It goes against all marketing laws to write a blog post about a service or product you’re trying to pimp. Thankfully, my marketing folks have a few days off for Thanksgiving and my blog publishing credentials still work.. so on behalf of the whole team at ExchangeDefender, thank you for a wonderful year. We hope you had a wonderful day and I wanted to share something we’re all thankful for from the business perspective because it’s not all about the money.

Happy ThanksgivingThank you for your faith – When I first started Own Web Now Corp, I only promised to get your yellow pages ad on the Internet for $99. Fast forward 20 years, we have entire companies (large ones at that) trusting us with their entire communications chain from email to backups to business continuity. We deliver and manage that service from three continents on what has traditionally been very unreliable software and perpetually breaking hardware. The level of faith our clients put in us to make their data safe and secure every day is something we’re beyond thankful for.

Thank you for your trust – Our very business exists out of the core distrust for the content on the Internet. Our tagline is “I kill SPAM for a living.” Yet in a world that is increasingly antagonistic and unpleasant, we’ve found people on every continent that trust us to get their mail around safely and securely. That’s a level of trust that is hard to express the appreciation for – seeing how nearly 20% of our time goes towards audits, checks, monitoring, adjustments, drills, and tests.

Thank you for your feedback – It’s hard to say this with a straight face since it’s become the industry joke in a way that Microsoft outright dismissed partners issues without an ounce of sincerity. Personally, I mean every word of it. We’re far from perfect. But I appreciate the feedback in all areas of our business and I always tell my employees to treasure it. “This is a business. Competitive business. If a client is complaining they are doing the dificult work of trying to make things work. Treat feedback as if your job depends on it – because that client could have taken the easy route – just moving it somewhere else that this problem doesn’t exist. It’s not bitching, it’s free troubleshooting!”

Thank you for your loyalty – We’re lucky to have a massive client retention rate – we don’t take it for granted either, we work very hard to maintain it and we still have clients with us that have been here since 1997. If there is a legacy behind this business it’s that when you do a good job and care about the service you’re delivering, people will stick with it because they know you’re on their side. That loyalty behind Own Web Now is what made ExchangeDefender possible, with ExchangeDefender we were able to build Shockey Monkey and with the new partners that brought us we’ve been able to become more valuable and get migrations, support, billing and soon every service you may need. Even the really stickly, legal and complex ones like Encryption and Compliance Archiving.

As a team, we’re thankful for this and much more. We hope you had a wonderful day, in US and abroad, and we thank you for your business. Always.


November 17, 2017

New Corporate Encryption

Filed under: Announcements,ExchangeDefender — vlad @ 2:13 pm

It has been a while since we’ve upgraded the ExchangeDefender UI but as you’ve seen with our other products and services, we’ve got something big coming over the next quarter: redo of all of our web interfaces to be more responsive and more useful. We’re starting with Encryption simply because it’s our most popular service. Allow me to unpack this upgrade as it’s a lot more comprehensive than it seems.

Login Screen

First thing you’ll notice is that ExchangeDefender will begin integration with 2FA/OTP for an additional layer of security. Two factor authentication, one time / disposable passwords, security tokens and so forth allow the users to login and use the service only if they have their password as well as a company issues OTP device. If your users tend to use the same password on multiple sites or like weak passwords that they never change please give us a call and let us set you up with a device.

On the exact opposite spectrum of concern, there are recipients of encrypted messages that generally don’t want to provide their email, name, etc or fill out long forms. For sites that interact with third party recipients (Encryption, Web File Sharing, Local Cloud, etc) we’ll now allow social media authentication as a login.

Inside the product itself you will find a fully functional email client with a responsive interface that quickly loads data without page refresh or long delays.

Inbox Screen - 1

Since we have so many clients that actually live inside these interfaces and do bulk of their work there, we even have a lighter mode that hides a lot of the navigation and branding and helps you preserve some screen real estate.

Inbox Screen - 2

We’ve made massive improvements to the functionality of the product as well. With so many of our encryption clients (and corporate clients) demanding a more functional email experience we’ve decided to eliminate Outlook and Gmail from the equation entirely. With the new encryption product you’ll be able to send emails, attachments, respond, forward messages and print from the site directly.

Reply Screen

All these features are coming next week but we’re far from over: our Enterprise Encryption is getting a massive facelift as well. You’ll soon be able to create a full Compliance and Policy manager role that will be able to inspect and report on what is going through the encryption system. You’ll also be able to create specific encryption policies that will help route messages within the organization for manager approval, HR screening (man-in-the-middle role), content traps and much more very soon.

We hope you like it.. because it’s coming to the entire ExchangeDefender / Shockey Monkey universe. Our more ambitious goal is to build an entire application suite where organizations can more effectively manage their mail flow securely but also turn it into an actionable and accountable platform that doesn’t obsess with “inbox zero” and anxiety over email overload. The future looks bright.

Sincerely,

Vlad Mazek
CEO
ExchangeDefender


November 3, 2017

Remaining Relevant In Email Security

Filed under: Announcements,ExchangeDefender — vlad @ 5:28 am

Sometimes perspective matters. Allow me to offer you mine as the CEO of ExchangeDefender.

Last week we held a huge webinar to announce the biggest addition to our business in over a decade. One that will see our business grow exponentially over the next few years. The response from the people that have attended the webinar has been fantastic. But if we’re being honest, we had more partners apologize for not being able to attend the webinar and ask for the recording than we had in attendance for the webinar. As always, we provide a direct link to it a few days after the event but this time we did something different.

Recognizing that our partners are swamped and busy running their business, we went a few extra steps. We called every single attendee that came to the webinar. Less than 5% answered the phone or returned the voicemail. We shot a quick 5 minute video to summarize the content of the webinar for people that are too busy. We created flyers.

Today I wrote up a bullet list summary of our webinar, again for everyone’s convenience, but I buried the big announcement as a single line bullet point half the way through the writeup and asked the marketing department to use half the newsletter to highlight our marketing and advertising efforts.

Why?

I have no doubt our new support service will be a smash hit. In fact, we’ve already been overwhelmed with the response to it. Not only will it make partners that offer these services instantly more profitable (because we’re doing the work) but it will open up a marketplace for partners that didn’t have an expertise in email security, compliance, encryption and other “real business concerns” a venue to provide the service now that someone else is going to stand behind it. I’m not worried about us, we’re doing great.

I am, however, worried about many of you. I totally understand not being able to get to a webinar, an hour is too much to ask. But if you can’t answer the phone or return a voicemail.. what are you doing to give yourself a chance to grow a business? If you’re too busy to answer the phone or see what the vendor you already work with can do to make you more effective and profitable, how are you going to implement and promote those solutions that are designed to help you? If you’re too busy with work to actually improve your work and to make it profitable, then how do you grow? How do you improve your odds to survive and thrive in an environment where big players are working tirelessly to eliminate and displace you? How do you learn about delivering the new services clients need and how do you talk to them before someone else reaches them?

We owe our business to our partners. Loyalty is a pretty big thing for me personally because I’m here thanks to the thousands of people that chose to trust us. Our business responsibility is to have your best interest in mind.

And with that, I wanted to highlight marketing. The IT world is changing and the concerns businesses face with their technology are going beyond uptime and reliability. I have assembled a great team at ExchangeDefender not just to help you deliver these services but to educate you and to help you promote that service to the business community you serve. Helping you double profits on our services next year is a short term goal. Making sure you remain relevant, profitable and successful 3-5 years from now – that’s where my mind is at.

-Vlad

P.S. I don’t mean to criticize anyone; I understand the time is scarce and you have a million webinars, phone calls, emails, voicemails and social media notifications. You know best how to spend your time and the last thing on my mind is trying to offend or guilt you about not attending the webinar – if you read this that way I apologize and I hope you give it another shot. Truth is, we track this stuff: partners that show up for our webinars, that take the time to consider the solutions and work with us to implement them do 23x better financially a year out (from Aug 2016 to Aug 2017) than those that don’t show up or answer the phone. Those are the numbers I know and the numbers I can track. I want that kind of success for all my partners. I have no doubt we’ll be killing it with support next year – but I feel like my responsibility to you, to all of our partners, is to help you grow. And I can do that much better through marketing efforts than we are doing right now. Hence the highlight.


October 13, 2017

ExchangeDefender Bounce Whitelisting & Quarantine Access

Filed under: ExchangeDefender — vlad @ 3:03 am

We’ve never invested as much as we have in 2017 when it comes to infrastructure and now that those massive upgrades are nearing completion, you’ll start seeing an avalanche of new features and services we’ve been working on all year starting to show up. I wanted to write this blog post to address one that is the largest piece of annoyance for our clients and that is whitelisting bounce emails and domains.

A little bit of background: Every time you see a bounce*@ email address is the last time you will see that address. These disposable, script generated addresses are only valid for a short period of time and are used by the mailing list companies to track bouncebacks and replies to their campaigns. On is generated for every single email sent out and if you look closely at them they usually have a random string or your email encoded in the user part of the email address. Whitelisting them, as so many people often try, is to put it simply: pointless. Naturally when the next email comes in from “the same sender” it’s going to have a completely different from address and the old whitelist entry will not fire. This tends to get really annoying really fast for clients that don’t understand what is going on behind the scenes.

To make things easier and assure delivery in the future, ExchangeDefender will now detect when you’re attempting to whitelist a bounce/disposable address and offer to whitelist the entire domain for you. We’ve stripped out the product branding so you can forward this to your clients or include in your own documentation/newsletter. When they click on a Trust link in an email report they will see this prompt:

TrustedSender

And if they go through our online portal and attempt to whitelist a temporary bounce email, they will see this:

DomainWhitelist

Is that all? Well, not quite. You see, most of these bounce lists are coming from legitimate sources such as Constant Contact, MailChimp, SalesForce, etc. Later this fall we will be releasing a new “Newsletter” feature but in the meantime our new managed whitelist (enterprise-wide) will make sure these bounce messages getting caught in SPAM folders due to their contents (but from legitimate sources) are no longer something your clients have to worry about fishing out. So yay, less work for everyone involved!

One more thing

While we’re on the “less work” train, infections and filename/filetype policy violations will no longer involve going through our team to release messages. You can now release infected or policy violating attachments/messages on your own through the Domain login at https://admin.exchangedefender.com. (psst. You can even let your clients / CIO types access this since it’s a domain-level feature, not an MSP-level feature)

Infected

Proceed with caution though, delegating access to this content is still a terrible idea though and please make sure you have adequate sandbox/antivirus/anti-rootkit software installed anywhere you download these. For every legitimate release request we get there are dozens of “No, my client does a lot of business with UPS and they definitely need that .exe that UPS emailed them.”

We hope these new features make you more productive and safer online. We’re really excited about everything else we have coming up!


September 8, 2017

Schedule and SLA during Hurricane Irma

Filed under: Alerts,Announcements — vlad @ 11:02 pm

As many of you know, ExchangeDefender HQ is in Orlando, FL and as of noon today that office is closed until further notice. As of the latest hurricane projection, Orlando is likely facing the worst case scenario of being in the NE quadrant very close to the eye of the storm that will roll over the county next to us. Best case scenario, we will be returning to our Orlando offices on Tuesday, Septembrer 12th. Our capacity at that point is obviously questionable because roads, infrastructure and staff may be impacted.

ExchangeDefender is a global business and we have made several contingency plans and do not expect any interruption to our services. Although the majority of our staff is in Florida, we don’t have a single piece of computer/network infrastructure here so the show will go on as usual. The SLA for normal support cases will still be within 4 hours, we will still answer support tickets and phone calls. You should not be able to tell the difference for ordinary issues.

Where we expect to have the most significant challenge is in the areas of projects and special “courtesy” assistance that we typically go well above and beyond the call of duty – things like exporting mail, adding accounts by hand, reaching out directly to clients on your behalf, sales engineering and proposal writing, legal advisory services, compliance officer training, marketing collateral design and event support services are highly dependant on manpower which is something we may be lacking. We will still not say no but we do hope you’ll extend us some extra patience as we go on.

I feel it is my responsibility to be honest and up front about our priority process as we go through next week. This is the typical disaster priority schedule our entire staff is briefed and drilled on but with obvious bias towards Florida and the hurricane.

1. Most important priority will be given to the US and Florida government organizations that are coordinating efforts in the disaster zone. Staff is directed to drop literally anything else they may be doing to assist them.

2. Urgent tickets, system outages and performance issues will be treated as a secondary priority.

3. Ordinary support tickets will still be resolved within the SLA 4 hour window.

We understand that any issue impacting our service is a critical issue to those unable to go about their work because of something in our realm of responsibility. We have made numerous contingencies, failover and backup plans and expect to execute the plan accordingly. We do not employ warm bodies and people that do not care – everyone that is a part of a team understads service delivery is a team effort and wants to see everything continue to work for you as flawlessly and transparently as possible. Hopefully this blog post gives you additional insight as to how we will be handling that with regards to Irma. Personally, I understand that many of our partners in Texas are reeling, that many of our partners and clients in Florida/Alabama/Georgia/Carolinas are scared and we have been working unprecedented hours to make sure everyone has their contingency and failover plans implemented, tested and documented. To everyone in the way, we’re in this together. There is no hurricane party or a 5 day weekend for us, it’s all hands on deck with that deck now spanning 4 states. We’ll get through this. We may move a bit slower than usual, but we will get through this.

Sincerely,
Vlad Mazek, CEO.


September 6, 2017

Some tips on getting ready for a disaster with ExchangeDefender

Filed under: ExchangeDefender — vlad @ 7:12 pm

I held a quick webinar to get all of our partners and clients in the way of Hurricane Irma up to speed and all the contingencies you need to make in advance of the storm. In Florida and Texas we unfortunately get plenty of time to practice and live roll with disasters but if you have new staff, this is something you need to be doing with your clients continuously. If you don’t feel like watching a 12 minute video, here is a brief writeup.

First of all: We’ll be here. 24/7. If you’re in the path of the storm you will likely face severe outages, downtime, lack of reception, eventual lack of battery power and network congestion in a disaster area. Here are things to keep in mind and get on top of as far as we are concerned.

In the event our support portal ever goes offline, the secondary infrastructure in Los Angeles will pick up the load at:
https://support2.ownwebnow.com

In the event of an outage, we probably aren’t the only vendor you need to stay on top of. So if you do social media, you can track our activity and advisories here:
www.fb.com/ExchangeDefender
www.twitter.com/xdnoc

In the event that the net goes down, and it usually does, make sure you can get in touch with us. Our numbers are 877-546-0316 or 407-465-6800

In the event that you lose network connectivity or your LTE/4G suddenly becomes Edge/GPRS, you will likely be calling us for support and network changes. We’ll need your PIN to make any account or configuration changes to make sure you and your techs have that ready now. If you haven’t seen your pin in a while or if you’d like to reset it, it’s at support.ownwebnow.com under your contact preferences.

In the event that your power goes down, Exchange/ActiveSync will chew through your battery quickly. Make sure you setup your ExchangeDefender LiveArchive IMAP/SMTP now. Make sure you test the IMAP-SSL/SMTP-SSL part in the event that your mobile carrier blocks 587. We have a few LiveArchive frontends so if you’ve only ever heard of https://livearchive.exchangedefender.com you’ll want to login into the admin portal and find out which LiveArchive client access server you should be using. Do yourself a favor and set your LiveArchive-To-Go account, it’s free and it can sit on your phone dormant, just flip it on when you need it. Not only will it use far less bandwidth than Exchange/EAS, it will make your battery last a lot longer.

Finally, print out the client auth dump. This will give you all the credentials you’ll need to provide to your clients to get them back to work if their servers or networks go offline. Trust me, you want to do this now. I have fielded countless panicked calls from IT people charging their cell phone in the trunk of their car trying to get credentials reset and configured for their clients – plan this now.

Some other ideas and suggestions:

1. Any important data that you imagine you’ll need on the go: Encrypt it and take it with you on physical media. For really important stuff like insurance, routing, VPN, etc make sure it’s printed out and you have all the relevant phone numbers.

2. Take pictures of all the gear you’re leaving behind and do a video walkthrough of the setup. Trust me, you’ll forget to take a picture of something.

3. I’d like to repeat #1: Print a hard copy of contact points, client info, anything you will need to obtain assuming both computers and networks are unavailable or batteries drained.

4. Agree on a cloud based chat system to keep in touch with your staff. This is essential.

5. Publish and announce an offside advisory site. As you start restoring services, you need to keep your clients in the loop – nothing worse than recovering from a disaster and simultaneously having to listen to someone whine or nag for an ETA that is just slowing you down. Make sure you have a Twitter or Facebook account to point them to for an update. You probably don’t want to call a thousand people back. Expect their phones to be off too because they probably have power issues as well.

6. I cannot stress this enough: Reconsider your name server infrastructure. If your DNS is provided by the same company, or if all your name servers are on the same network, subnet, etc and it goes down you are dead.

7. Setup a cloud failover crash site. If you own your own mail server, setup mailboxes just in case – if you’re going to be down for days you’ll probably want to use email in the meantime. If you’re wrong worst case scenario is you’re out a month worth of email hosting.

8. Fly someone far away. I heard Utah is beautiful and relatively hurricane-proof.

9. This one is personal: setup a remote VPN server. If all your routes, trusted networks and servers are offline you’ll have a hard time getting to the infrastructure you’re expected to manage – your clients may come back online before you do. Stand up an openvpn cloud instance with a static IP address for the time being and trust it across your network.

10. This is a bummer, and almost illegal for me to say as a Floridian, but as this is a category 5 storm it’s a really good idea to stay sober. You may be needed at a moments notice, if things get really bad you’ll really want to be aware of your surroundings and have full capacity to handle multiple outages and issues at once. Many of you are IT solution providers and someone is paying you to think about #1 – #9 I mentioned here… I’ve seen things explode well before the hurricane comes in and days after the storm passes.

Stay safe. Plan and prepare accordingly but rest assured that we’re here for you. And some of us are in Utah too. 🙂

P.S. Yes, our logo is a hurricane. Yes, we noticed 🙂


May 10, 2017

New features and events

Filed under: Announcements — vlad @ 2:24 pm

With the events at the end of April / beginning of May behind us, we’re getting back to the new features and client requests in our core products. We executed a massive upgrade to the core of the ExchangeDefender network which now gives us the capacity to start implementing more layers of protection and functionality in email. Here are some news and a request.

.US tld – Over the past month we have seen a massive and coordinated SPAM storm using .us and new extended/vanity top level domains. They all follow the same pattern: all use .us tld, all are registered with a foreign agent/contact, all have properly setup rDNS, SPF records and DKIM auth (which even few legitimate .us mail servers have) and all come within a 24 hour window until the domain and VPS the storm originated from is destroyed. One interesting catch is that they do not process or acknowledge non-delivery receipts. We’ve had an unusual spike in complaints about SPAM levels all linked to the .US tld and since May 9th, 2017 we have rolled out a new set of rules to filter this content out. We are not blacklisting the tld, legitimate mail will still pass.

TLS issues on ExchangeDefender – We have finally decomissioned the TLS v.1 / SSL v.3 protocols on our inbound network and implemented more strict SPF record checking. This means that those old, unpached servers if any are still left will be forced to either send mail in plain text or upgrade their SSL implementation.

Public Folders, Shared Mailbox, etc – What do you hate about them? This is an open ended question, please feel free to send an email to vlad@ownwebnow.com with subject “Public Folders” and tell us what you’d like to see. As you may imagine, everyone uses and manages stuff differently so we want to see what we could change in our approach and control panels to allow for this to be done easier and quicker. We have folks using Outlook to manage them, we have folks using our control panel, we still have people that try to create a folder and give the whole world access to it (bad!) so if you’ve been frustrated by what we’re currently offering or if you’d just like to see something added, we’d love to hear about it.


April 12, 2017

Springing Forward

Filed under: General — vlad @ 1:42 pm

EasterWe’re hoping our partners are enjoying leap into Spring and on behalf of everyone at ExchangeDefender we wish all the best to those observing Passover and Easter holidays. In this season where things come back to life, ExchangeDefender is enjoying a very exciting rebirth of its own and I wanted to have a honest explanation of what we’re up to.

If you’ve kept up with us over the past few years you’ve noticed that we’ve been developing more and more of a service infrastructure and a service business. Some of that is due out of necessity because partners are unwilling or incapable of rolling out complex consulting and encryption services, some of it is out of opportunity where partners have rushed to outsource migrations and management to us. Over the past few years we merely began to scratch the surface of what we’re capable of delivering in the messaging and security space and with that came certain opportunities and challenges.

Our primary challenge was that of infrastructure and management policies. Who cannot relate to that? In order to make us a process oriented machine, Shockey Monkey had to grow and have entire sections rewritten from scratch. So much so that towards fall Shockey Monkey (under new name, brand and model) will come out as it’s own standalone business. We added data centers, power, infrastructure – all at the same time that we’ve been upgrading and migrating to the latest and the greatest all around a new process that has truly changed the organization at it’s very core.

Which leads me to the biggest challenge we’ve had to overcome: Deeply skilled and long tenured staff really loves new processes, changes and sudden urge to move faster than ever before to take an advantage of new business opportunities. I wish. We lost a great deal of talent that had unfortunately grown comfortable in their roles – but as you know, opportunity waits for no one. After several months of brutal schedules, deadlines, changes and audits I am happy to say that we have the most talented staff I’ve ever had the pleasure of working with.

This winter has been long, dark and full of challenges. But we’ve sprung forward in a way that I haven’t seen this company move in nearly two decades that I’ve ran it. Our opportunity, and our unique skill set, are making it possible for us to provide solutions to problems I never dreamed we could fix.

I wanted to take this opportunity to reconnect with you. If we haven’t spoken in a while, call. If we haven’t seen each other or chatted on Facebook, connect with me there. I’m excited about what we’re up to and look forward to showing you what we’ve been up to. But most of all, I wish you as successful of a spring season as we’ve had here. You can teach an old dog new tricks.

Sincerely,

Vlad Mazek, CEO


March 7, 2017

ExchangeDefender growing from Essentials to Compliance

Filed under: Consulting — vlad @ 11:40 am

st_patricks_webinarAs you’ve heard us repeat often in 2016, Essentials and Compliance are our fastest growing services and our partners have been using them to grow their business in very creative ways. We’ve interviewed our top partners about how they price, position and market these offerings and we would love to share the business model behind these offerings to help all of our partners find more success with ExchangeDefender in 2017.

ExchangeDefender growing business from Essentials to Compliance
Thu, Mar 16, 2017 12:00 PM – 1:00 PM EDT
https://global.gotomeeting.com/join/598282197

Webinar will be recorded (and available to partners shortly) but to get the marketing collateral and anything else we cover in the webinar, you have to attend live. Bring your beer and get an early start on St Patrick’s Day, you can always blame it on Vlad.


November 1, 2016

Billing Issues

Filed under: General — vlad @ 10:58 am

As some of you may have noticed with emailed notices, there is an issue with the billing this month. We are addressing this issue at the moment, updating invoices and correcting charges at the moment and expect to have it resolved by tomorrow.

We will update this blog post with the details of the issues that caused the problem and will be following up directly with the partners that were affected.

Update 3:22 PM EST: At this point we have correct invoices in the system and will be restoring order processing shortly. We are leaving both the correct and the voided invoice in the system for the benefit of those that were charged incorrectly so you can match up refunds with the correct charges.


Older Posts »