General – ExchangeDefender Blog

Most Popular Products

EMAIL SECURITY

Services that protects your mail from spam, viruses, and malware.

ARCHIVING

Secure long term message storage and ediscovery reporting.

BUSINESS CONTINUITY

Constantly archiving your sent and received mail.

Signing up for the Compliance Archiving service is the first step in reaching regulatory compliance when it comes to email retention and eDiscovery. The following five steps will put you on the right path of achieving and maintaining that compliance:

 

1.Understand what you need to keep and for how long.

Your regulatory/oversight body will provide details about how long you are required to hold on to your email. In our experience with Compliance Archiving, you also need to pay attention to the Statue of Limitations that your business may be liable for. Very often the discovery process for lawsuits includes legal hold requests and record requests that are longer than regulatory requirement.

2. Get the right product and implement it correctly.

Your compliance has to be all encompassing – all email must be archived. With ExchangeDefender Compliance Archiving all of your inbound, outbound, and interoffice email is collected, archived and protected in the cloud. You can search for any document at any time and be certain that it has not been tampered with and that no emails have been deleted – something that sets our eDiscovery/archiving apart from backup solutions.

3. Keep an eye on it to make sure it works

Just setting up a compliance archiving solution is not sufficient enough. there is no protection for technical negligence in regulations. You are expected to keep your mail server and everything connected to it secure. Penalties for data loss, compromised credentials, and data leakage are severe and are not a valid excuse for not having compliance.

4. Create Compliance Officer reports frequently.

Compliance Officer within your organization must create reports on a monthly basis to assure no confidential information is allowed to leave the organization. Some industries have an even more specific and severe restriction on the type of communication that can take place over email and what sort of information can be sent – compliance officers run eDiscovery reports to assure nothing confidential is being shared and address problems and exceptions routinely

5. Routinely audit the entire system to maintain compliance.

Organizations grow and change over time and remaining compliant with new regulations is key. ExchangeDefender Compliance Archiving service often sends out advisories, best practices, tips and suggestions to adjust your process because you are always expected to be in full compliance with the latest requirements. Every time you add a new employee or change your mail server configuration or new lines of business – compliance must extend to cover these new records that may be of interest to someone down the road.

“One of the biggest mistakes organizations make with regulatory compliance is thinking that it’s a service, product or a one-time effort: quite the opposite!”

 

Achieving regulatory compliance means implementing the right product, conducting routine audits, complying with changes in regulations and having full control of the environment where messages are stored as employees come and go.

In the event of an audit, you will be asked to produce record and you will be judged on your ability to provide specific records that are requested, not the best effort you made in trying to achieve compliance. Considering the fines and legal complications, it makes sense to revisit the five steps outlined here annually and make adjustments as necessary.

Not growing as fast as you’d like, or spending too much time on email/client support? Hear our CEO’s thoughts on what is fueling our growth and how ESS is already playing a huge part in growth of managed services across our client base.

Posted by ExchangeDefender on Friday, April 13, 2018

Not growing as fast as you’d like, or spending too much time on email/client support? Hear our CEO’s thoughts on what is fueling our growth and how ESS is already playing a huge part in growth of managed services across our client base.

ExchangeDefender Become a Partner banner

Our new Service Manager is now live, beta version is running on top of https://support.ownwebnow.com and after a brief period of testing, it will go live across every Shockey Monkey portal. It’s currently running in parallel with our legacy system so it doesn’t matter which one you use.

golive

We’ll be doing a special walkthrough of the new system and discussing all the new features that you will start seeing as the new Shockey Monkey feature set makes it into the overall ExchangeDefender platform:

Service Manager Webinar
Wed, Apr 11, 2018 12:00 PM – 1:00 PM EDT
Click here to register

And since I’m on the subject of webinars… Please come and attend this one too – brand new ExchangeDefender UI (first in probably the last 7 years, rewritten from scratch) is coming this month!

ExchangeDefender 9
Wed, Apr 18, 2018 12:00 PM – 1:00 PM EDT
Click here to register

Hope to see you there.

-Vlad

CEO, ExchangeDefender

65% of all emails sent are spam, what’s the solution?

At ExchangeDefender we kill SPAM for a living. We spend a ton of time and energy identifying, filtering, and destroying junk mail. If you’ve ever wondered how you could make your email experience better, even without the massive layered security that ExchangeDefender provides, these are the steps you could take today:

1. Configure strict SPF/DKIM DNS records

SPF and DKIM (DMARC) can help you protect your domain name from being used in SPAM mailbombs. Spammers will often use real email addresses and domains to send forged “spoofed” email messages and SPF/DKIM provide a mechanism for identifying which email server/platform you use. By setting up an SPF/DKIM you can tell places that are receiving email from your domain what to do if the message wasn’t actually sent from you. If your inbox is full of email bounces and non-delivery receipts, someone is using your email address to send junk mail and an SPF/DKIM record will practically eliminate bouncebacks.

2. Get rid of generic email aliases
At ExchangeDefender we manually process SPAM complaints from our customers – that’s how we train our system to eliminate messages that otherwise make it through because they are legitimate in every way we can automatically process them. The number one way to get a ton of annoying email that may be on the borderine between legitimate commercial mail and an unsolicited one: generic email aliases. If you get info@, sales@, admin@ or so on, you are painting a giant bullseye on your Inbox and practically begging to be spammed.

3. Unsubscribe from newsletters
I know, I know, everyone that has your email address supports CAN-SPAM , would never send you unsolicited mail, would never sell their client list… and even if you believe all those lies most of the time, people still get hacked. All the time! As do their ISPs and infrastructure along the way. If you want to reduce the amount of junk mail you deal with, simply reduce the number of places that have your email address. Simple!

4. Don’t click on everything in your Inbox
Sometimes SPAM gets through. Sometimes dangerous stuff from your friends and colleagues gets forwarded around. Sometimes your antivirus isn’t up to date. Sometimes the firewall virus protection is misconfigured our expired. Things happen: none are a good excuse for the simplest thing you can do: avoid clicking on anything in messages that look or seem suspicious.

5. Do not blindly whitelist major ISPs
The second biggest source of SPAM complaints at ExchangeDefender is actually completely self-inflicted: people whitelist major email providers and wonder why blatant junk mail keeps on “slipping through” as whitelisted. Go through your whitelist entries in Outlook, etc and make sure you aren’t whitelisting Gmail, Outlook, Yahoo, Verizon, AT&T, Hotmail or any of the widely used and abused email domains. Spammers know your email admin doesn’t want to deal with complaints about messages you’re getting from these platforms so they treat them more leniently – so spammers simply abuse them.

It’s really that simple – following these steps will cut your junk mail pile in half within a day. If you want to reduce it to less than 1%, ExchangeDefender is here for you for less than a buck a month or you can layer it and add more protection if you need it because time is money: but no amount of technology and automation can replace just a little bit of common sense.

Federal Trade Commission
CAN-SPAM Act: A Compliance Guide for Business
The official website of the Federal Trade Commission, protecting America’s consumers for over 100 years.

On February 1st, ExchangeDefender will officially start providing end user support for all email issues related to our platform. For our many partners and resellers this means that we will, under your name and brand, take and place calls and help your clients solve email problems. At no additional cost, across our entire Pro line of services: ExchangeDefender Pro, Exchange Pro, Compliance, and Encryption.

It just makes sense. Our entire service lifecycle is structured around ITIL, integrates into our partners support infrastructure seamlessly, is covered by our SOC1 and SOC2 audits, comes with advanced reporting, security/id, session and call recording… and a lot more that we cannot publicly disclose. But if you join me:

Wednesday, February 7th, Noon Eastern
Click here for the NDA & Instructions

This is going to be one of the denser webinars we’ve ever put together and the audience includes everyone from management down to helpdesk – what I have on deck is a layout of our service model, our scope, our escalation policies, our compliance protocol, authentication and validation service, etc. Consistency in this service is key so winging it or improvising isn’t an option.

-Vlad

P.S. I encourage you to check this thing out live. If you think this will be a service you offer down the road, this webinar (minus the Q&A) will be required viewing and the software will track attentiveness so if you even mildly care, I’d tune in or make someone at the office watch it.

We have some cool new stuff going live before New Years that you need to be aware of. It’s been a very busy season for every elf in the workshop so we’re taking some time off after Christmas, please read below I promise it’s important.

Encryption

This service continues to be our focus as we bring up massive changes to UI across the product line and Compliance stuff in general for one simple reason – it’s in heaviest demand. If you aren’t building a business on it, we should talk. In the meantime, we have a huge facelift to the Encryption Notifications.

Gmail - Browser - New MessageGmail - Browser - Message Receipt

Now I don’t know about you but our old encrypted mail notifications looked more like a Nigerian Prince scam than legitimate business notifications. We now have beautiful HTML/txt email notifications for the entire notification chain and of course your colors and your logo will be front and center. After the ExchangeDefender UI upgrade is complete, this branding will be customizable down to the domain-level so that recipients can identify the organization directly instead of the MSP/VAR/reseller. Mobile looks pretty good too.

Gmail - Phone - Message Receipt

We have some new stuff happening with reporting, audit and log control that’s coming to the Compliance Officer section of ExchangeDefender launching in early 2018. If you have any feature requests, we’d love to hear them.

P.S. We know, we know, you want to send attachments through portal replies. It’s in the works. In the meantime, Web File Sharing does this stuff safely, securely and with a ton more compliance flexibility.

Fake / Vanity / Service Accounts

If you have fake, vanity, group, service, dog and generally non-person accounts in our support portal, they will be suspended next week.

We’ve announced this change several times this year and it’s going live next Wednesday. The reason is long and boring but it showed up in our numerous audits that looked at the our change control, service order and change mechanisms… and long story short, we nearly flunked it because you cannot have unidentified personnel change control of service records. Ooops.

Now I know, I know, I hear you… “But Vlad, business case scenario, my techs all need to see the upda..”I know. And we have already solved that problem. If you have an engineering team that works as a group and all of them need to get updates when one person makes a change or request, we have a policy driven system in place to handle notifications. If you go to your company and edit company details you will see the following at the bottom:

notifyall

Put any email, distribution list, PF address, etc there and every update, order, notification or (insert reason for having a vanity account) will be copied automatically. You can also check the box if you don’t want admin-level updates being sent to the group account. If you do, you will see a new checkbox on every ticket update (Admin CC) that will allow you to manually forward ticket updates for that specific ticket to your group.

Chat

While I have you on that page disabling vanity accounts (click on your profile and write down your PIN somewhere), we are going a step further in terms of support. As I mentioned on many webinars this year, our product and our service is going to get a lot more chatty and user-oriented. No, we’re not going direct or trying to cut you out of the food chain but the reality is that in order for us (and you) to be more valuable to our clients we need to communicate faster to our users when there are issues. Hence the changes to support, additional services for support handling, more features for notifications and upgrades to all the UIs and so on. One new addition that is already live is our public chat – it’s available on every page at ExchangeDefender.com in the lower right hand corner.
image

Tapping this button will launch a live chat and my entire company (myself included) is available on it and can be pulled in on demand. If you use your email address AND your PIN, my staff will be able to help you as if you were logged into the support system and opening a ticket. They won’t make service changes for you (see above about SOC1 & SOC2 audits) but everything else will be the same as opening a ticket.

Google Suite / Gmail Compliance Archiving..

Finally, yes we’re now providing Compliance Archiving for people on the Google business mail platform. We’ve tested and certified on the Google G Suite Business Solution ($10 and up, it should also work with the $5 one)

Reoccuring Invoices

Finally, a bit of a bugfix (with some additional functionality) that should help with billing. Many of you use our Shockey Monkey platform to manage accounts, users and to do reoccuring billing. After the system upgrade to PHP7 our infrastructure for reoccuring invoicing didn’t allow for changes to reoccuring invoices (oops) so we’ve had to go back and not just fix the issue but add more flexibility to it. Here is the new look:

image

The new Last Time Generated field allows you to reset the clock so to speak and rerun any invoices you may have skipped.  This is very much a temporary fix but we’ve had a lot of good feedback from folks that aren’t on top of their billing that this new feature helps solve those problems so it’s staying. Lot’s of new stuff on the SM front in 2018.

2017

We hope you had a great one. For us, it’s been a rather arduous rebuilding year that has seen us make massive upgrades to our infrastructure, redesign of our data centers, upgrades to backoffice stuff, dropping a lot of vendors that weren’t up to the challenge and while I wouldn’t wish this kind of workload on any of you, I’m really in love with what we’ve been able to do this year and all the opportunities it now opens for us and for our partners. While losing some flexibility has certainly cost us some business, it has brought a lot of predictability and stability across the board. While outright replacing a lot of gear and subsystems was really painful, everything that we’ve redone has reduced our problems and issues to a nil. And while all of this has been rough at times, sticking with the process, standards, audits and the way we run the business has brought a new level of resilience and optimism that I haven’t seen here in a long time. I don’t recommend it, but the results are incredible.

With that, I’m confident that everything we have in the works now will make everyone we serve far better off in 2018. Next few years are going to be amazing as we bridge that gap between the old world of email, compliance and encryption with the new world of on-demand service and realtime communications.

It goes against all marketing laws to write a blog post about a service or product you’re trying to pimp. Thankfully, my marketing folks have a few days off for Thanksgiving and my blog publishing credentials still work.. so on behalf of the whole team at ExchangeDefender, thank you for a wonderful year. We hope you had a wonderful day and I wanted to share something we’re all thankful for from the business perspective because it’s not all about the money.

Happy ThanksgivingThank you for your faith – When I first started Own Web Now Corp, I only promised to get your yellow pages ad on the Internet for $99. Fast forward 20 years, we have entire companies (large ones at that) trusting us with their entire communications chain from email to backups to business continuity. We deliver and manage that service from three continents on what has traditionally been very unreliable software and perpetually breaking hardware. The level of faith our clients put in us to make their data safe and secure every day is something we’re beyond thankful for.

Thank you for your trust – Our very business exists out of the core distrust for the content on the Internet. Our tagline is “I kill SPAM for a living.” Yet in a world that is increasingly antagonistic and unpleasant, we’ve found people on every continent that trust us to get their mail around safely and securely. That’s a level of trust that is hard to express the appreciation for – seeing how nearly 20% of our time goes towards audits, checks, monitoring, adjustments, drills, and tests.

Thank you for your feedback – It’s hard to say this with a straight face since it’s become the industry joke in a way that Microsoft outright dismissed partners issues without an ounce of sincerity. Personally, I mean every word of it. We’re far from perfect. But I appreciate the feedback in all areas of our business and I always tell my employees to treasure it. “This is a business. Competitive business. If a client is complaining they are doing the dificult work of trying to make things work. Treat feedback as if your job depends on it – because that client could have taken the easy route – just moving it somewhere else that this problem doesn’t exist. It’s not bitching, it’s free troubleshooting!”

Thank you for your loyalty – We’re lucky to have a massive client retention rate – we don’t take it for granted either, we work very hard to maintain it and we still have clients with us that have been here since 1997. If there is a legacy behind this business it’s that when you do a good job and care about the service you’re delivering, people will stick with it because they know you’re on their side. That loyalty behind Own Web Now is what made ExchangeDefender possible, with ExchangeDefender we were able to build Shockey Monkey and with the new partners that brought us we’ve been able to become more valuable and get migrations, support, billing and soon every service you may need. Even the really stickly, legal and complex ones like Encryption and Compliance Archiving.

As a team, we’re thankful for this and much more. We hope you had a wonderful day, in US and abroad, and we thank you for your business. Always.

It has been a while since we’ve upgraded the ExchangeDefender UI but as you’ve seen with our other products and services, we’ve got something big coming over the next quarter: redo of all of our web interfaces to be more responsive and more useful. We’re starting with Encryption simply because it’s our most popular service. Allow me to unpack this upgrade as it’s a lot more comprehensive than it seems.

Login Screen

First thing you’ll notice is that ExchangeDefender will begin integration with 2FA/OTP for an additional layer of security. Two factor authentication, one time / disposable passwords, security tokens and so forth allow the users to login and use the service only if they have their password as well as a company issues OTP device. If your users tend to use the same password on multiple sites or like weak passwords that they never change please give us a call and let us set you up with a device.

On the exact opposite spectrum of concern, there are recipients of encrypted messages that generally don’t want to provide their email, name, etc or fill out long forms. For sites that interact with third party recipients (Encryption, Web File Sharing, Local Cloud, etc) we’ll now allow social media authentication as a login.

Inside the product itself you will find a fully functional email client with a responsive interface that quickly loads data without page refresh or long delays.

Inbox Screen - 1

Since we have so many clients that actually live inside these interfaces and do bulk of their work there, we even have a lighter mode that hides a lot of the navigation and branding and helps you preserve some screen real estate.

Inbox Screen - 2

We’ve made massive improvements to the functionality of the product as well. With so many of our encryption clients (and corporate clients) demanding a more functional email experience we’ve decided to eliminate Outlook and Gmail from the equation entirely. With the new encryption product you’ll be able to send emails, attachments, respond, forward messages and print from the site directly.

Reply Screen

All these features are coming next week but we’re far from over: our Enterprise Encryption is getting a massive facelift as well. You’ll soon be able to create a full Compliance and Policy manager role that will be able to inspect and report on what is going through the encryption system. You’ll also be able to create specific encryption policies that will help route messages within the organization for manager approval, HR screening (man-in-the-middle role), content traps and much more very soon.

We hope you like it.. because it’s coming to the entire ExchangeDefender / Shockey Monkey universe. Our more ambitious goal is to build an entire application suite where organizations can more effectively manage their mail flow securely but also turn it into an actionable and accountable platform that doesn’t obsess with “inbox zero” and anxiety over email overload. The future looks bright.

Sincerely,

Vlad Mazek
CEO
ExchangeDefender

Sometimes perspective matters. Allow me to offer you mine as the CEO of ExchangeDefender.

Last week we held a huge webinar to announce the biggest addition to our business in over a decade. One that will see our business grow exponentially over the next few years. The response from the people that have attended the webinar has been fantastic. But if we’re being honest, we had more partners apologize for not being able to attend the webinar and ask for the recording than we had in attendance for the webinar. As always, we provide a direct link to it a few days after the event but this time we did something different.

Recognizing that our partners are swamped and busy running their business, we went a few extra steps. We called every single attendee that came to the webinar. Less than 5% answered the phone or returned the voicemail. We shot a quick 5 minute video to summarize the content of the webinar for people that are too busy. We created flyers.

Today I wrote up a bullet list summary of our webinar, again for everyone’s convenience, but I buried the big announcement as a single line bullet point half the way through the writeup and asked the marketing department to use half the newsletter to highlight our marketing and advertising efforts.

Why?

I have no doubt our new support service will be a smash hit. In fact, we’ve already been overwhelmed with the response to it. Not only will it make partners that offer these services instantly more profitable (because we’re doing the work) but it will open up a marketplace for partners that didn’t have an expertise in email security, compliance, encryption and other “real business concerns” a venue to provide the service now that someone else is going to stand behind it. I’m not worried about us, we’re doing great.

I am, however, worried about many of you. I totally understand not being able to get to a webinar, an hour is too much to ask. But if you can’t answer the phone or return a voicemail.. what are you doing to give yourself a chance to grow a business? If you’re too busy to answer the phone or see what the vendor you already work with can do to make you more effective and profitable, how are you going to implement and promote those solutions that are designed to help you? If you’re too busy with work to actually improve your work and to make it profitable, then how do you grow? How do you improve your odds to survive and thrive in an environment where big players are working tirelessly to eliminate and displace you? How do you learn about delivering the new services clients need and how do you talk to them before someone else reaches them?

We owe our business to our partners. Loyalty is a pretty big thing for me personally because I’m here thanks to the thousands of people that chose to trust us. Our business responsibility is to have your best interest in mind.

And with that, I wanted to highlight marketing. The IT world is changing and the concerns businesses face with their technology are going beyond uptime and reliability. I have assembled a great team at ExchangeDefender not just to help you deliver these services but to educate you and to help you promote that service to the business community you serve. Helping you double profits on our services next year is a short term goal. Making sure you remain relevant, profitable and successful 3-5 years from now – that’s where my mind is at.

-Vlad

P.S. I don’t mean to criticize anyone; I understand the time is scarce and you have a million webinars, phone calls, emails, voicemails and social media notifications. You know best how to spend your time and the last thing on my mind is trying to offend or guilt you about not attending the webinar – if you read this that way I apologize and I hope you give it another shot. Truth is, we track this stuff: partners that show up for our webinars, that take the time to consider the solutions and work with us to implement them do 23x better financially a year out (from Aug 2016 to Aug 2017) than those that don’t show up or answer the phone. Those are the numbers I know and the numbers I can track. I want that kind of success for all my partners. I have no doubt we’ll be killing it with support next year – but I feel like my responsibility to you, to all of our partners, is to help you grow. And I can do that much better through marketing efforts than we are doing right now. Hence the highlight.

As many of you know, ExchangeDefender HQ is in Orlando, FL and as of noon today that office is closed until further notice. As of the latest hurricane projection, Orlando is likely facing the worst case scenario of being in the NE quadrant very close to the eye of the storm that will roll over the county next to us. Best case scenario, we will be returning to our Orlando offices on Tuesday, Septembrer 12th. Our capacity at that point is obviously questionable because roads, infrastructure and staff may be impacted.

ExchangeDefender is a global business and we have made several contingency plans and do not expect any interruption to our services. Although the majority of our staff is in Florida, we don’t have a single piece of computer/network infrastructure here so the show will go on as usual. The SLA for normal support cases will still be within 4 hours, we will still answer support tickets and phone calls. You should not be able to tell the difference for ordinary issues.

Where we expect to have the most significant challenge is in the areas of projects and special “courtesy” assistance that we typically go well above and beyond the call of duty – things like exporting mail, adding accounts by hand, reaching out directly to clients on your behalf, sales engineering and proposal writing, legal advisory services, compliance officer training, marketing collateral design and event support services are highly dependant on manpower which is something we may be lacking. We will still not say no but we do hope you’ll extend us some extra patience as we go on.

I feel it is my responsibility to be honest and up front about our priority process as we go through next week. This is the typical disaster priority schedule our entire staff is briefed and drilled on but with obvious bias towards Florida and the hurricane.

1. Most important priority will be given to the US and Florida government organizations that are coordinating efforts in the disaster zone. Staff is directed to drop literally anything else they may be doing to assist them.

2. Urgent tickets, system outages and performance issues will be treated as a secondary priority.

3. Ordinary support tickets will still be resolved within the SLA 4 hour window.

We understand that any issue impacting our service is a critical issue to those unable to go about their work because of something in our realm of responsibility. We have made numerous contingencies, failover and backup plans and expect to execute the plan accordingly. We do not employ warm bodies and people that do not care – everyone that is a part of a team understads service delivery is a team effort and wants to see everything continue to work for you as flawlessly and transparently as possible. Hopefully this blog post gives you additional insight as to how we will be handling that with regards to Irma. Personally, I understand that many of our partners in Texas are reeling, that many of our partners and clients in Florida/Alabama/Georgia/Carolinas are scared and we have been working unprecedented hours to make sure everyone has their contingency and failover plans implemented, tested and documented. To everyone in the way, we’re in this together. There is no hurricane party or a 5 day weekend for us, it’s all hands on deck with that deck now spanning 4 states. We’ll get through this. We may move a bit slower than usual, but we will get through this.

Sincerely,
Vlad Mazek, CEO.

GDPR - GET STARTED

Our readiness kit contains valuable resources designed specifically to help businesses with GDPR requirements.

DOWNLOAD OUR GDPR READINESS KIT

IoT Security Solution

Introducing our newest security solution for IoT devices. Protect and secure your IoT environment with robust built in Security.

READ MORE

Are you an MSP?

See why you should consider our partner program. Become a partner at no cost, with no annual commitment, cancel anytime.

MORE INFORMATION