ExchangeDefender – ExchangeDefender Blog

April 4, 2016

Domain Password Expiration

Filed under: Development,ExchangeDefender,General — Cody Savage @ 2:42 pm

A major feature folks have been requesting from ExchangeDefender for a long time is better password policies. The first step in that direction is going to be having the ability to support password expiration. We have moved forward with this request as we realize the importance of forcing password changes on a security platform. One feature that was implemented recently that you guys might have seen pop up in your admin portal is domain Password Expiration.

passexp1

If you navigate to a specific domain’s configuration you can see you now have the option to implement 30, 60, or 90 day password expiration for all the users on a domain. Initially when the feature is enabled it will tag all the current accounts on the domain / domain aliases, then depending on what option you selected 30,60,90 days out upon logging into the admin portal it’ll require the user’s to change their password before allowing any other functionality. Clients can be proactive about changing their password regularly and avoid the prompt by using the Password Change in their own settings after logging into the portal.

passexp3

However, I think we know that that will not generally be the case. Once their password has expired upon logging into the Admin Portal they will be redirected to change their password before they will be allowed to login.

passexp2

If you have any questions regarding this feature email me at cody@ownwebnow.com

-Cody Savage


March 3, 2016

How ExchangeDefender Protects You From Ransomware

Filed under: Business Tips,Consulting,ExchangeDefender — vlad @ 10:57 am

vcThere has been a lot of news coverage of the new wave of ransomware infecting businesses, encrypting hard drives and data on network shares and creating a “ransom” demand in order to unencrypt it. Initially these viruses traveled as typical viruses do – as executable attachments or inside zip files. Most popular of these was CryptoLocker which has made millions of dollars from businesses that didn’t have adequate protection, most recently from a Hollywood hospital that paid $17,000 to get it’s data back. But ransomware has taken a more evil turn – traveling not as an executable that users have been trained to avoid but as a macro inside Word and Excel documents that users often open without a second thought.

As with any threat, it’s important to layer protection and defend your business with a good firewall, good desktop security product as well as a perimeter scanning service we provide through ExchangeDefender.

ExchangeDefender Layered Protection

Before we discuss how ExchangeDefender protects you from ransomware, the most important aspect of IT security isn’t prevention – it’s education:

If you receive an attachment of any kind from a source you don’t recognize: do not open it.

If you receive an attachment from a source that you do recognize but it looks and feels suspicious: do not open it. If the email address looks wrong, if there are misspelled words, unusual formatting or unusual activity: stop.

But let’s talk about prevention. Our partners have many options of using ExchangeDefender to stop the spread of dangerous malware.

Attachment & Content Type Blocking: The following process is the most flawless, but most disruptive, way to address an epidemic. You can choose to let ExchangeDefender block attachments that are used by Microsoft Office documents. We do not recommend this route but it’s nice to know it’s there for the events in which people are getting infected and virus scanning has not been able to pick up threats faster than they are infecting systems.

OLE Virus Filtering: ExchangeDefender will block macro (.vbs) attachments outright. But with the rise of Locky ransomware we now also scan Microsoft Office documents and look for infected and dangerous malware placed in those. 

Known Threat Sources: ExchangeDefender also blocks dangerous content before it’s even an issue. Most of the threatening content is sent from the same sources that are popular with spammers, hackers and malware distributors: hacked PCs, servers, and blog sites. We maintain a realtime list of networks that spread dangerous content and routinely block their ability to infect our users.

Firewall & Site Blocking: Ultimately, the largest single source of infections isn’t the ExchangeDefender protected or hosted mailbox – it comes through Yahoo mail, Gmail and other non-business email service. If you aren’t blocking those at your work you need to be.

What else can be done?

As mentioned above, client education is the #1 way to address these. Contact our marketing department and ask them to build you a branded best practices flyer for email and Outlook (Hosted Exchange clients only). There are very simple ways to tell when a message is not from your bank or from UPS.

Establish a regularly scheduled backup system for all critical client PCs.

Layer your antivirus protection. No, one AV vendor is not enough and ExchangeDefender uses several commercial and dozens of proprietary data sources to detect and isolate dangerous content. No matter how much you love your single AV vendor and they claim they are the best – like everyone else they will have an infection evade their scan. If you only have one AV engine, consider adding something like ClamAV to your arsenal.

Establish a review of policies and security implementations. We often see that partners rarely configure ExchangeDefender or monitor it in a way that gives them actionable intelligence. The same can be said for client PCs: Are you monitoring your AV implementations? Are you checking that users aren’t turning off AV or firewalls? Are you looking at strange traffic patterns, use of private proxy or VPN networks to evade network security policies?

CryptoLocker and Locky are neither the first nor the most dangerous threats networks face. But with ExchangeDefender, education and layered security we can keep most online outbreaks from affecting business operations.


February 13, 2015

LocalCloud – Update

Filed under: ExchangeDefender,General,Software — Tags: , — vlad @ 10:53 am

Today I’ve published an update for LocalCloud, which addresses a few issues that would result in a failure to upload a file. This issue would only occur under certain conditions and was only prevalent in large files It’s turns out this was a result of a known bug inside the .NET framework and how it handles event notifications for the filing system. In addition to resolving this bug, I’ve also implemented a few performance enhancements that should make the application run smoother.

Download: http://www.exchangedefender.com/software/XDStorage.exe

If you’re running a previous version make sure to uninstall it first. However, we’ve upgraded to a new installation platform and all future updates will be patched automatically.

lc_androidlc_iphone

Several months ago we added the LocalCloud feature set into our ExchangeDefender mobile application for both the iPhone and Android. Now you have the ability to access your files from your desktop, mobile workstation and practically any mobile device!

 

 

If you have never heard of LocalCloud, it’s a cloud based storage solution for documents. It recognizes multiple file types and is 100% compatible with office applications. You can share documents between computers and even allow other individuals access to your files. With multiple access points comes great responsibility, for this we have access control. This feature allows you or another individual to “check-out” files to prevent accidental overwrites while the data is exchanged in the cloud.

lc_desktop


February 10, 2015

Hosted Exchange – Configuration Checker

Filed under: Development,ExchangeDefender,General,Support — Tags: — vlad @ 9:39 am

Throughout the day we receive hundreds of requests for new services and  existing account modifications. Luckily we automated this process from a very early stage and this helped to prevent 99% of account provisioning errors. Believe it or not, there was once a time where everything was processed manually!

However on occasion when there is a hiccup, then it’s simple a matter of locating the source of the issue. While issues on our end are rather easy to diagnose and fix, it’s not always as simple  on the partner’s side. There can be a handful of issues that can arise if the account is not properly configured or contains an invalid parameter.

This is why we’ve implemented a well overdue feature integrated directly inside the service manager. If you select the drop down box next to any Hosted Exchange account, you will see a new option called “Check Configuration”.

check_address1

After selecting this option you will be brought directly to the “Check Configuration” page. It will automatically populate the email address from the previous screen and run the initial check. Also keep in mind that you are able to test other accounts without leaving this page.

It will perform several checks including: Syntax, Server Location, Provisioning, MX Record, Autodiscover and validates that the account is protected by ExchangeDefender. In the event an issue arises you have the option to either “Email” or “Open Ticket” which will automatically include the onscreen results.

check_address2check_address3

We believe that solving the issue promptly makes for a better long term relationship. So if there are any features or adjustments we can make to help smooth the transaction between you and your clients, don’t hesitate to let us know! Our support staff eagerly awaits the opportunity to speak with you about how we can continue to improve our process!


February 2, 2015

ExchangeDefender – Licensing (Enhanced)

Filed under: Announcements,ExchangeDefender,General,Software — Tags: — vlad @ 10:24 am

Over the years we’ve always had a desire to increase the aspects of reporting in several areas. However due to time restraints and prioritizing our efforts towards ensuring we made our platform completely stable and continuing to provide a rock solid solution, we had to defer until later.

This has been the case for the last few years. We all worked insane hours to ensure that everyone had an awesome product, that they would be proud to call their own! Now we are enjoying the fruits of our labor and focusing on creating more of the eye popping visual features that will really help showcase our product!

As a result, I’m proud to showcase one of our latest ExchangeDefender features.

While signed in as a (Service Provider) account, you can view the licensing page located under: Licensing->Management. Here you could see the total seat count for the desired domain at a glance. We’ve expanded this to also include the ability to list each individual account under the domains. This is a toggle-able option that is off by default to help limit the initial page load for those who don’t want the extra information.

XD Licensing

Not only that, you also have the ability to save and download a PDF of the current view. This has been highly requested by several users as to provide them the ability to keep archived copies of their seat counts each month for financial records. Other users have simply expressed the need to print these reports, which we have also implemented with one click access.

XD - Licensing 2

Lastly we understand that our partner’s clients also like to be kept in the loop about their spam information from time to time. Listed next to every domain is the ability to view and print the current SPAM statistics for that account. All of this information is simply one click away, quick and easy access to the information your clients want to see!

Stay tuned we’re working on even more exciting features to help ease the load of bringing a new client on-board and continuing to manage that account!


December 2, 2014

Outlook Add-In (New Features)

Filed under: ExchangeDefender,Software — Tags: , , — vlad @ 10:09 am

Over the past few weeks, we’ve improved some core functionality inside of our Outlook SMTP Security Platform. We’ve reviewed customer feedback on a few issues, features requests and overall usability. In addition to the software improvements, we’ve introduced a new feature available to all ExchangeDefender Pro customers (not available in Essentials).

Flag Robot

This new feature is called the Robot Filter. The feature allows for automatic processing of newsletters into a sub folder within your inbox. Messages that are deemed to match the extensive rule set are quickly processed and sent to this folder.

This works for existing (unread) messages and new messages that arrive after Outlook has been launched. Also if you come across a message that was missed, you can use the “Flag Robot” button to report that sender and catch future messages. Now when you come into work, you don’t have to spend hours going through your daily newsletters. However these messages will still exist perfectly save inside of the Robot Filter folder to be reviewed at your convenience. In the event you locate a message that you don’t want flagged, you may click the button that says “Always Inbox” to have the rules skip the designated sender.

You may also use the “Report Spam” anywhere inside of your inbox to quickly flag a message and submit the headers to us for improved filter results.

Use our product and if your not happy tell us how to improve, that’s all we ask!
Your feedback shapes our future developments, so tell us what you need.


September 2, 2014

Development Log

Filed under: Compliance Archive,Development,ExchangeDefender,Software — vlad @ 2:05 pm

Over the past few months I’ve taken the time to update several different aspects of our product offerings. The updates and products we decided to implement were prioritized based on bugs & feature requests that had been submitted properly through our internal support portal.

First on the list was our Outlook 2010 & 2013 SMTP Security Add-in, which also applies to the desktop agent. We’ve added several new features, improved performance and fixed a few bugs. Listed below are the enhancements we’ve added based on user feedback.

  • Added the ability to view & manage alias accounts.
  • Added the ability to disable automatic refresh.
  • Added a direct link to the user’s web portal.
  • Fixed a link causing quick links to not work properly.
  • Added version numbers to the settings page.
  • Updated the “Dismiss All” label to “Review All”.
  • Window size & state are now persistent between restarts.
  • Added the ability to resize the window.
  • Added the ability to resize columns.
  • SPAM counts are now listed next to the addresses.
  • Right click menu has been added.
  • We’ve added the ability to trust an entire domain.
  • Updated Documentation
  • Updated Publisher Information

We’ve also went through an updated most of the online documentation since we’ve undergone such dramatic changes throughout the years. New images have replaced old instructional images, revised steps and procedures for various platforms and even structured the documents to allow for easy navigation. You can find all of the updated documentation here: http://www.exchangedefender.com/documentation.php

Several core internal programs have also been updated to allow our highly trained support staff to escalate and speed up response time for some of our more complex requests. One area of improvement has been geared towards Compliance Archive and simplifying the process to retrieve an export of a user’s mailbox.

We’re currently working on bringing several enhancements to LocalCloud. We’ve had several clients report issues with client stability. So we are working on a performance update, which will also allow for automatic updates in the future. We are also working on enhancing the Web Sharing file uploading service, by enhancing the upload controls and server-side timeouts.


August 14, 2014

What the VP of Development does at ExchangeDefender

Here at ExchangeDefender we have a wide range of products and service offerings. With close to seven years with ExchangeDefender, I’ve designed and written a majority of the software that is offered as a part of continuously growing platform. This includes several of our key systems such as: Encryption, Compliance Archive, Web Sharing, LocalCloud and even our service ordering & account provisioning! The only areas that I don’t touch directly are mobile applications, we have additional developers who designs and tackles any issues that may arise on our mobile platforms.

Throughout the course of the day I find myself working on various bugs and communicating with our team to ensure that bugs and new feature requests are considered and placed within our internal development pipeline. Recently I’ve been going through our old documentation and working on updating that with fresh information detailing step, by step how to use our products.

Keep in mind that it takes a while to develop and test fixes to assure they don’t introduce other problems. There are no quick fixes or features, everything we implement needs to work well across web, desktop and mobile devices and our support staff needs to be trained and alerted of these upcoming features.  So if you have a bug or feature request that is absolutely something that we must fix and/or implement, we would love to hear about it! However, due to my schedule and workload I’m typically a very hard person to reach. So first open a ticket in our portal, our highly trained technicians will review your ticket and possibly collect further information. After which, they will then escalate the ticket into a bug or feature request. Once in this section, it will be reviewed every Friday to see just how we can make our services even better!

Here at ExchangeDefender we want to help you fill your services portfolio with everything your client needs to operate their business successfully. We strive every day to be the absolute best for all of your service needs. So please (I cannot stress this enough) if you think we are falling short due to a software glitch or missing feature, let us know!


July 23, 2014

Mobile – XD Business Communicator

Filed under: ExchangeDefender,Software — Tags: — vlad @ 1:28 pm

XD Business Communicator is one of our latest additions to our mobile software suite. Extending the functionality and portability of our ExchangeDefender product line, this app keeps your connected!
 

Quarantine
You have the ability to manage your SPAM & SURESPAM quarantines. You can view each message in real time with a life preview pulled directly from our secure network. In the event you come across a message that has been caught by mistake, you can release the message for delivery. You also have the ability to whitelist (trust) a sender to ensure future mail delivery from that specified contact.


Encryption
Another useful feature packaged within the mobile application is the ability to generate an e-mail message ready for encryption. This feature will start a new message with [Encrypt] prepended to the subject line. This will ensure the message is sent through our encryption mail delivery channels. The only thing left for you to do is enter the recipient and message body and hit send.

LiveArchive

In the event of a catastrophic failure and your mail server is down or inaccessible, you have direct access to your live archive account. By clicking the button labeled Livearchive you will be signed directly into your business continuity account. This provides a quick and workable solution in the event of an emergency!

2FA

This feature is one of our newest additions. If you have 2FA enabled on your ExchangeDefender profile, this will allow you to generate a one-time use authentication code to access your account. Upon attempting to sign-in to your online profile, you will be prompted for the 2FA code which will be available on this mobile device. Those who required increased security, this is the feature that will help bring that comfort home!
 

About

We’re constantly providing updates to our applications. The about page display general information about the application and information about what’s changed between software revisions.


July 16, 2014

SMTP Security Outlook 2010, 2013 & Desktop Client – Major Update

Filed under: Development,ExchangeDefender,Software — Tags: , , — vlad @ 9:36 am

Today we’ve published an update to the Outlook 2010, 2013 and Desktop Client SMTP Security application. This update addresses several bugs, performance issues and even a few feature requests!

  • We’ve added the ability to view and manage alias accounts. (See Figure 1)
  • An issue where the submission of multiple spam messages at once has been fixed.
  • Messages submitted as SPAM are now sent to the “Junk” folder.
  • Fixed several performance issues relating to “Hanging” or “Freezing”.
  • We’ve fixed the issue that was causing the “Add-In” tab to be renamed.
  • We’ve added the ability to disable the automatic refresh cycle. (See Figure 2)
  • Fixed an issue that was causing compliance messages to not populate.
  • Fixed an issue that caused the quick links to not work correctly. (See Figure 3)

 
If you currently have the add-in installed, simply close and re-launch outlook. If you had our most recent version previously, the add-in should automatically update. However, if you notice that an automatic update did not occur, simply uninstall the old version and obtain the latest version.

 

Downloads

 
 

Figure 1 – Ability to view and manage alias accounts.
You alias accounts will populate in this list in the order of the main account, then followed by domain and users alphabetically.

Figure 2 – Ability to disable automatic refresh intervals.
You now have the option to disable the automatic synchronization.

Figure 3Fixed an issue that caused the quick links to not work correctly.
Clicking this link will sign you into your web management console automatically!


Older Posts »