We recently won a very large financial institution contract with our ExchangeDefender Corporate Encryption by solving a not-so-unique problem many businesses have with their encryption solution:
“It’s a disaster. I spend more time resending encrypted messages or walking clients through how to access forms than I do on actual processing.”
This is what we heard over and over – email encryption solutions are ugly, not intuitive, not very user friendly, and half the time they get lost somewhere along the way. If your business has a loan officer doing email support, your email encryption is not working for your business.
“Sometimes we just text them parts of it blurred out so we can move ahead until they come into our branch.”
What if you could text them, but securely?
Mobile phones have become so ubiquitous that they are already being used a secondary security credential (via 2 factor authentication or OTP) – and now ExchangeDefender enables you to rely on them to securely grant access to confidential or sensitive information
ExchangeDefender makes this easy by allowing you to simply send anything you need to handle securely to your clients phone via SMS/text. And to do so while being even more secure than with email. Unlike email, that multiple people (from admin to IT) have access to, only you have access to your phone. Nobody else, with your credentials, can snoop on that. So compose a message, type in a phone number and send them the link to the document and attachments securely.
But ExchangeDefender Corporate Security makes that even better and more safe. First, you can password protect the message and either give them in a call or using other means. You can even make sure that they cannot share it or that it would get compromised later – just set the message to expire after it’s been viewed.
And of course you will be alerted when they actually click on the link and access your message.
You can even track it.
ExchangeDefender Corporate Encryption is truly enabling multi-platform secure sharing of secret, sensitive, and personally identifiable information. With our SMS/text feature, you can now reach people on their mobile devices and get them secure access to the information without an app or without dealing with their email issues. Best of all, your message never leaves you, the clients only get the link – so if you made a mistake, you can revoke and destroy the message immediately.
This level of secure messaging and audit trail is unprecedented – and now you can say “I’ll just text it to you, but securely. Password is encryption and it will auto-destroy after you pick it up.”
ExchangeDefender recently launched our second update for 2020 Corporate Encryption, and the feature that caught the most attention from our partners was the ability to send and control sensitive content via URL (i.e. web):
At ExchangeDefender, we simply call this Certified Delivery. When you absolutely, positively, totally must get the information to the third party securely – know who, where, and when accessed it – and that it will automatically expire/destroy the contents so you don’t have to track it or worry.
How to securely share info on the web
As a subscriber to ExchangeDefender Corporate Encryption, you have access to our encryption portal at https://encryption.exchangedefender.com. You can even bookmark this shortcut so you can quickly send messages straight from your browser.
Once there, click on Quick Actions > Compose Mail. Select URL.
Type up your recipient’s name, subject, message, and attach any attachments you may want. After you click on Send you will see the following popup:
That is it. Your secure link is generated and you can paste it anywhere you want. It is as simple and as fast as that.
But suppose you wanted to get some more control over the message and our automated policy enforcement. Click on Advanced Options:
This is where the power of ExchangeDefender really shines as it integrates into the client’s unique business requirements, which may vary depending on the information, recipient, and sensitivity.
For example, I am going to be sharing a secure message with an attachment that is time sensitive. I am setting it to automatically delete itself after 2 days, meaning I don’t have to come back and delete it myself. I also want to make sure that this message gets destroyed as soon as the person I sent it to views it – that way I minimize the likelihood that whoever is snooping on their computer / phone can get the same data. And because I am not actually sending any data to their PC, I have full control – meaning I can revoke/delete this message before they get to it too. I am also adding a secondary password to this message that I will communicate separately. For extra piece of mind, I am also asking Corporate Encryption to send me an email when someone picks up this sensitive message.
But wait, there is more
Sharing sensitive information comes with responsibility to keep the system accountable – you want to know if they got the message, when they got the message, where they accessed it from, and ultimately what they did with it. So ExchangeDefender Corporate Encryption offers you a variety of ways to do this easily. The best option is the Activity tab in the Encryption Portal:
Here you can track down the activity for each message you send, export the data for analysis, or just save it for your records. There is even a weekly email report if you don’t want to get flooded by email notifications when you share info with multiple people that might be accessing it frequently. ExchangeDefender Corporate Encryption brings several additional layers of information control and accountability. It actively works to keep you, and your information, more secure. And we’re thrilled to be able to save our clients time on tasks they do every day – to see more of what our clients asked us to build, take a look at the webinar recording!
ExchangeDefender Email Encryption is a service that helps you control and distribute sensitive information. There is no shortage of solutions that help comply with the alphabet soup of regulatory requirements that help mitigate data leakage – the real challenge is making people that rely on encryption to be more productive.
We spoke to thousands of our users, across industries, to gain understanding for how they use the service and what would make it optimal. Here is their wishlist, delivered:
Encrypted Messages are about more than email
While Email Encryption services were designed to automate encryption of email that contained sensitive information, the practical use for email encryption is simply to securely deliver and track access of those messages. Depending on the urgency, sensitivity and the receiving party, ExchangeDefender’s Advanced Encryption Options make it possible to customize how long the message is available for, if the recipient needs to enroll in the service or simply click to view, who should be notified of message delivery/receipt/read status, and more.
ExchangeDefender is the only Email Encryption solution to feature multi-channel delivery of sensitive content. Simply put, organizations no longer only share data via email. Companies are now texting more than ever, as well as leveraging different portal and chat solutions to which sensitive content can be attached. ExchangeDefender enables you to send encrypted messages – automatically based on content or by your custom preference – but you can send it as an email, as an SMS/text message to a mobile phone, or as a URL link pasted on Facebook/Slack/Teams or any web or social media property.
Simply put, when you need to know that it got there securely and what they did with it afterwards, ExchangeDefender has the policies, processes, and automation to make it possible and simple.
Encryption isn’t an IT / CCO problem, it’s a business challenge
No software to install. No need to change any DNS records or move your email hosting. No devices or appliances to maintain or support. It takes just a few minutes to sign up for ExchangeDefender Corporate Encryption, add your users, and set the default corporate encryption policy and suggested lexicons/pattern searches to keep everyone secure. In minutes, IT’s job is done.
The real encryption challenge is with the people that rely on encryption to get things done. Staff that sends out hundreds of encrypted medical records each day. Staff that communicates sensitive financial information between multiple organizations. Staff that is more concerned about the message getting to the intended recipient that can easily access it – or they become the front line IT support for every recipient that can’t view the message, didn’t get the message, or worst case scenario, message was sent to the wrong party (you can revoke it at any time).
ExchangeDefender approaches the business challenge by helping the sender customize the environment and save settings to eliminate repetitive work.
Outlook or Outlook Web App
ExchangeDefender Corporate Encryption comes with an Outlook and OWA add-in product that adds buttons to the Outlook/OWA ribbon. Safe delivery of sensitive information is really just a click away: just click on encrypt. This approach removes the need for the web interface entirely, and follows the default encryption policy as defined by your IT and Chief Compliance Officer.
Most of encrypted email work is related to message delivery: When you want to know that they got the message and what they did with it. With traditional offerings this is a painful process of searching through tons of email notifications – but ExchangeDefender takes that a few steps forward.
ExchangeDefender Corporate Encryption features a powerful Activity tab that enables users to see live activity across all the messages they’ve sent recently. For example, if you’d like to know whether the recipient attempted to print or forward a message you restricted them from printing or forwarding, you’ll find an alert on the Activity page. If you send a ton of mail, our powerful search will help you define the actions you’re looking for, search for a specific time period, or just search by text/subject. From there you can export it to Excel, PDF, CSV, or just print out the report.
If you don’t send a lot of messages or dislike constant email notifications from encryption services, we’ve got you covered as well. ExchangeDefender features a weekly email report that shows you all the messages you sent and the associated activity.
Management Default Policies
ExchangeDefender makes it really simple to define a corporate security policy that automates the encryption of sensitive information. Whether you want to screen for standard personally identifiable information (PII), or use one of the predefined lexicons for a number of industries, or you want to define a default corporate policy to keep all users secure, ExchangeDefender has you covered.
ExchangeDefender keeps its users productive by eliminating the user interface clutter – a byproduct of a highly flexible and customizable interface. Sending an encrypted message is simple and requires no training by design, the entire process is obvious and intuitive.
To be productive, you will need to rely on some of the more advanced features of ExchangeDefender Encryption that help control notifications, message rights, message age, and additional security requirements. ExchangeDefender allows you to save your policy customizations as a new policy, so that all the settings you configured can be reused and reapplied with just one click, on demand.
The Encryption Opportunity
The purpose of email encryption is to help automate the encryption of sensitive information. ExchangeDefender excels at this requirement with domain policies, lexicons, advanced pattern searches, and custom policies.
There is a lot more to encryption when you consider the people that rely on it to do their job – and ExchangeDefender offers Outlook/OWA addins to make encrypted email as simple as a mouse click. From there we provide powerful Activity reports in the encryption portal that allows you to search for messages, activities, and even filter down to the right time frame. Because encryption isn’t only about sending – it’s about knowing that the message was received securely – you can create custom reports that can be printed, saved, or exported to Excel.
Ultimate opportunity is in realizing that message encryption needs to evolve with how we work. Covid-19, office closures, physical distancing, and reducing touch points has made us all rely on social media, chat platforms, portals, and social media to communicate with our coworkers, partners, and clients. We now share sensitive information via email but also over the web and via text/sms to mobile devices. ExchangeDefender supports them all, secures them all, and enables secure productivity.
It’s easy to see why Corporate Encryption is our most popular product, please submit a ticket for a free trial.
ExchangeDefender Email Encryption: When you need to make sure your message was read, securely.
ExchangeDefender is proud to announce the launch of a new version of ExchangeDefender Email Encryption, our second update to this service in 2020 built entirely from user feedback.
Covid-19 pandemic has permanently changed how we exchange secure documents with people outside of our organization. In 2020, encrypted email has become a standard for secure delivery of confidential information. When you absolutely needed to make sure your documents got delivered and received, you’d turn to a fax machine or certified mail – but in 2020 with remote work and reducing touch or even office – we’re turning to Email Encryption. It’s no surprise that Email Encryption is now our most popular service.
For this new release, we went back to our users with a question: How can we make you more productive?
Encrypted Email is the modern version of a certified letter
When you have sensitive information that you need to make sure stays confidential, email encryption is your go-to solution. In fact, the biggest complaint about email encryption is usually about how clunky and user unfriendly it is. This is because email encryption was not designed with a sender or recipient in mind, but the IT and Corporate Compliance Officer staff that needed to protect ordinary email flow and keep any sensitive information from leaking out.
We wanted to solve this problem so we focused the new version on productivity.
This meant spending more time perfecting the user experience, both for the person in charge of sending sensitive information and making sure that the recipient can easily and safely access the message. With no training, no obstacles, no software installation, and accessibility anywhere, anytime.
Almost all of the corporate effort in email encryption is focused on acronyms and alphabet soup of regulatory requirements that are largely automated. But the real opportunity – and our clients identified obvious pain points – is in the day-to-day use of the email encryption system to send confidential information and make sure it’s received.
Sending Encrypted Messages
Our biggest goal was to make sure everyone could send encrypted messages without a ton of effort – so we’ve made it possible to subscribe to Corporate Encryption without subscribing to ExchangeDefender at all. Yes, it’s available a la carte and you just need to sign up (no MX record changes, no hosting provider changes, just sign in to the encryption portal and click Send).
For our clients that live in Microsoft Outlook or Outlook Web App, we’ve made it even simpler with the ExchangeDefender Encrypted Email addin. Now email encryption is just one click away.
Our biggest challenge was to make encryption easy to use – with so many powerful features and settings, modern email encryption solutions feel like an airplane cockpit to many white collar workers. We started by simplifying the user interface and giving IT/Compliance Officers the ability to create default organization policies – so users only need to worry about the message and where it’s going. All the advanced options are just a click away, enabling users to tweak email encryption to meet any unique business task.
So we’ve made it easier to obtain, easier to get started, and beyond effortless to use!
Controlling & Automating Encryption
We did not forget about our power users and our new release has all the features our clients have requested. Advanced Options no longer clutter the screen, but they are only a click away.
Once you customize the policy for a new message you have the option of saving it as a new policy and simply reusing it later (instead of always going through all the settings).
Regardless of the industry or the role we spoke to, our clients stressed that one-size-fits-all approach simply doesn’t work. While all appreciate and understand that there is a security policy requiring encryption of sensitive data, the pain point for everyone is the notification system: We all have to comply with the encryption policy, but we’d all like more flexibility with how we’re notified about our encrypted messages. Simply put, it can depend on the content, the urgency, the concern for how the message is shared with 3rd parties, and even on who is being contacted. As one office manager told us:
“When I’m sending a letter to our attorney or CPA, I need to know the moment they got it. But when I send out 300+ lab reports, I really don’t want to get 600 notification emails. I wish I could manage how chatty the service is for each situation”
Now you can – just save the new policy and reuse it as often as needed.
Important thing is, everyone stays secure using the default organizational encryption policy. New users don’t need to be trained or taught every single setting, they can just rely on the corporate policy that assures they don’t make mistakes.
Tracking Encrypted Messages
One of the biggest additions to Corporate Encryption is the Activity Report. As our users consistently put it: “Encryption is half about protecting the content and half about making sure it got to the recipient”
Tracking receipt of messages using encryption solutions is generally about searching through tons of email notifications: finding a specific message and what happened to it is an analytical process. We fixed that, for power users and occasional users alike.
If you’re constantly sending encryption messages, tracking them becomes simple using our encryption portal that is accessible from any PC or mobile device. Simply login at https://encryption.exchangedefender.com (branded URLs coming soon) and click on the Activity tab. Here you can locate a specific message and see every activity related to it.
If you’re after a report, you can also use our powerful filtering to select the right action, date range, and contents – then just export it to PDF, Excel, CSV or just print out the web page and you’re done.
If you are not a power user, but send a lot of encrypted messages, we’re making your life simpler as well. Instead of getting an email every time something happens, you will now get a weekly email report showing you all of the messages you sent and what got delivered, read, printed, forwarded, etc.
Simple. Encrypted. Reported.
ExchangeDefender’s new Corporate Encryption is all about giving organizations better control over their sensitive information. For many business purposes surrounding security and data leakage, ExchangeDefender’s powerful encryption policies, lexicons, pattern recognition, and support for hundreds of regulatory standards will help keep you safe.
ExchangeDefender is about more than just safe, we’re about safety and productivity. Our new UI will make sending confidential information faster and simpler. Our new policies will make custom notification templates and message control effortless. Our ability to make an encryption platform that fits the way you run your business, be it email or a shared URL or even an SMS message — that future is now.
ExchangeDefender Encryption is getting it’s second massive upgrade of 2020 – not just because it’s our most popular new product, but because more and more of our clients are starting to leverage it to solve old business communications problems more securely. This is a feature packed upgrade, heavily focused on automation, branding, encryption policies, long term message archiving, and most of all productivity updates.
We have listened to our clients and their challenges in the Covid-19 business interruption era and found that the biggest need is in the area of business productivity. It is no secret that almost all the compliance and encryption services were designed specifically for FINRA, SOX, PCI, and other popular regulatory standards. But what we’ve found out is that most of encrypted email traffic is actually focused on descretely and securely delivering lots of messages as a matter of business process.
It’s the modern version of a notary service, and it must fit the way people interact with email. When it doesn’t, when it’s clunky, when it’s slow, when it requires too many clicks, when it’s authentication is antiquated, when it is too restrictive – ultimately, when it’s not convenient people will not use it. That introduces inefficiency and lowered security standards.When we updated the ExchangeDefender Encryption in April of 2020, we focused on the user experience. We have kicked that up several notches, all based on the client feedback.
Encryption 2020 2.0
Live on Tuesday, September 29th at noon EST
We can’t wait to show it to you.
Features not available from anyone else in the industry.
Please take a moment to come see it. Due to popular demand, I’ll hit all the highlights in the first 15 minutes, and then go into full detail about what this can do. We’ll also be offering free trials and NFR during the event. Because this service doesn’t require the mail flow to go through us (no MX record or hosting/provider changes) it’s super quick and easy to deploy and requires no technical expertise to manage.
We’ve had a very busy summer, working on all sorts of features that are helping our clients and partners run a more profitable & predictable business. All of these new features will be available through ExchangeDefender as well as Wrkoo shortly.
This post is unfortunately not about one of those features. During the implementation of full automation for service subscriptions, terminations, and billing we found several partners that were committing outright financial fraud against us. This has caused us to revise our billing process and policies so that we can continue to provide a service that is both affordable and profitable for everyone.
In 2019, we’ve spent an average of ~62 hours per month dealing with delinquent accounts.
Delinquent accounts are those that do not pay their bills by the 5th of the month. By our policy every account that does not pay their invoice in full on the 1st has a ticket generated and assigned to the Billing Contact for the company. We then follow up with an email and a phone call to the billing contact. We understand that business can be difficult and unpredictable (credit cards get compromised, it’s hard to track expirations with all the vendors, some clients pay slow, etc) and we go out of our way to make sure the business is aware of an unpaid invoice. Invoices that are not paid by the 5th (after we’ve contacted the billing contact every possible way) are charged a late fee. If the invoice is still not paid we continue to make the best effort, and if it’s still not paid after the 15th the service is disconnected.
Delinquent Account Handling
If you were seriously late paying an invoice more than twice in 2020, your account will be flagged as delinquent. If any of the future invoices are unpaid by the 5th, you will be asked to provide a secondary funding source:
If neither funding source can be charged by EOD on the 3rd (after tickets have been opened and emails sent), the services will be suspended.We are hoping that this automation helps our partners and clients avoid service interruptions and late fees.
Due to popular demand, we’ve added some new Distribution Group features to our Exchange/M365 Service Manager. The features are all about external (mail enabled) contacts that have a huge presence in the SMB/consulting organizations:
External Contacts or Mail Enabled Contacts are great when you need to give a person an email address on your domain without giving them their own mailbox. This is a very popular feature in SMB/consulting community when it comes to contractors and third parties that already have their own email infrastructure but for compliance (or vanity) purposes they need an email on your domain.
External Contacts allow you to assign an email address on your domain (email@example.com) and automatically forward all their mail to their existing email address (firstname.lastname@example.org).
Not only does this feature help save money on licensing costs, it also eliminates the need for the person to setup another account and check mail at a new place.
The upgrade we’re announcing today has to do with External or Mail Enabled contacts as a part of a Distribution Group (Exchange term for “mailing list”): You can now add external email addresses to any internal/external distribution group from the Service Manager at https://support.ownwebnow.com. Now when you try to create or modify a distribution group, your “Add a new member” screen will show your defined external contacts as well!
This is one of the most demanded features in Service Manager, and we hope it serves your business well!
But her (external) emails!
Unfortunately for some, the Internet standards still apply and most service providers are rapidly removing features that have anything to do with external mail forwarding. This is mainly due to rise of SMTP authentication/authorization protocols like SPF, DomanKeys (DKIM) that do not work with the way mail enabled external contacts are implemented in Microsoft Exchange and other email servers. When the mail is being forwarded to the external contact, the From line remains intact so that the recipient can identify the person sending the email (for example, email@example.com). But when the message is forwarded to the external contact, the receiving server will look at the from line and see that the message is from a domain hosted on Gmail but sent from the ExchangeDefender address space (that is obviously not a part of Google Gmail SPF/DKIM record) and depending on configuration might consider that message to be a forgery/spoof/SPAM.
This isn’t an ExchangeDefender issue, or a Microsoft issue, or a Gmail issue, it’s a part of the protocol specification. And while everyone else is making this feature go away (because it can affect server reputation), we’re working on rewriting/improving it. We are currently working on a feature that will rewrite the From line, so when Exchange forwards an email “From: Vlad Mazek <firstname.lastname@example.org>” to an external contact, the recipient will get an email that shows this on the from line: “From: Vlad Mazek <email@example.com>” that will help bypass SPF/DKIM checks on the receiving side.
ExchangeDefender has always tried to help our partners when it comes to billing management. Perhaps you’ve noticed that no matter when you sign up for the service during the month you are not charged. Not even a prorated amount.
The terms of service do require a 30 day notice, but we understand that sometimes our IT partners are too busy to remember to cancel stuff. As we’ve grown over the years, it’s become necessary to lock down our subscription management a few days before the billing cycle that runs on the 1st. Inevitably someone forgets or waits till the last moment and opens a ticket nearly at midnight making for an awkward pointing to terms of service. Worse, some partners make their staff wait till the last of the month to manage cancellations and adjustments, which stresses everyone out unnecessarily.
So we’ve got a solution. When you come to delete / cancel the service you will be given the option of selecting a cancellation date. This allows our partners to have the service scheduled for automatic deletion so you don’t have to worry or wait until the end of the month. Now that this bit is automated, our team will no longer accept cancellations of services unless they are made through the Service Manager
It’s been a year since we launched the ExchangeDefender Automatic Enrollment feature and it recently got a major upgrade to function with our new cloud infrastructure. This is our favorite way to enroll ExchangeDefender users for two reasons: it’s the simplest and the most seamless way to onboard new users.
When ExchangeDefender detects a new email, it will put it in the enrollment process which consists of the following:
– Creating an ExchangeDefender account and supporting service accounts
– Applying existing policy defaults for the organization
– Creating LiveArchive account and routing policy
– Updating administrative and licensing systems
– Generating a welcome email
On the service provider side, there is a full and searchable log of all account enrollments so everyone is kept in the loop in real-time.
As for the user experience, everything is branded and automatically taken care of. When they send an email to any external email, their address will be provisioned within 1 hour and they’ll get the following email inviting them to get started. Even if they ignore it, the ExchangeDefender auto attendant will automatically apply all the domain/organization specific policies for them automatically. And of course, if something on your network is sending email by mistake you can just block it and you won’t be billed for it.
There is a lot of work and testing currently being done on several Microsoft integrations (Azure Directory sync, Outlook/OWA addin) but more on that during our August webinar. We are also doing some very interesting integrations on the Enterprise side, and some of those features may appeal to our MSP partners (although some may be cost / infrastructure prohibitive). For example, we have a client who required accounts to be approved before they could be auto-created (even though they were synced through our Azure integration) and we were able to enable them to do that. If you’ve got feature ideas we’d love to hear them, but there is a lot we can also build with our partners.
At ExchangeDefender we get an over-sized serving of “weird email problems” on a daily basis, and keeping the client up and running and email flowing securely is our first priority. Trouble is, some of the issues our clients face can’t be easily replicated because they often involve a complex setup or a device that we do not have control over, naturally leaving the paying client in a position to make us prove that we aren’t causing the problem. And the customer is always right.
Today we are announcing a new service, included with ExchangeDefender Pro, that will help improve monitoring, problem detection, recovery, and diagnostics for email problems that fall in the weird category. By simulating real-world email traffic we can match up our timestamps, headers, diagnostics logs, and identify problems and their cause in real-time. Our email diagnostics service can be scheduled with preset intervals, message specifications, test parameters and more to help detect a problem with the mailbox or mail routing in general.
What kind of tests can we run? Here are a few of the top used cases:
– Email sometimes experiences a delay
– None of the emails with attachments sync with the mobile device
– Messages aren’t consistently signed with DKIM
– Messages to/from different sources cause a delay
– Messages “arrive all at once” or “never at all from 9PM to 11PM”
In the two months that we’ve been testing this new service, we have yet to find a problem that can either not be identified by this tool or that we cannot fix very quickly. This system can detect issues within the ExchangeDefender cloud, as well as any other email infrastructure out there (Office/Microsoft 365, Gmail, etc). This feature is a part of a much larger set of security enhancements we’ve been developing/testing, and would welcome any feedback and suggestions.
If you have found an issue that is causing a problem for the client, please let us know by opening a ticket. From there we can simulate the sort of traffic that is not reaching their mailbox correctly and give you tons of samples that will help identify exactly where the issue likely is.
To get started, open a ticket with “Email Diagnostics Request” and the type of problem you’re trying to solve and we’ll get right on it. This service is a part of a more elaborate mail testing package we are currently building to assure all our clients are properly setup, properly locked down, and ensure any issues are detected and addressed before they impact productivity.