ExchangeDefender Blog

ExchangeDefender introduces bypass email addresses

Every now and then you will need to receive an email from someone that is on a compromised/spam network, or you’ll have to get an attachment that is blocked by corporate policy, or a domain with misconfigured SPF/DKIM domain – we see it every day and it’s incredibly frustrating for the users. On one hand, you have to adhere to the company IT policy but you also have to get the work done and many resort to using free mail systems that shouldn’t be allowed on corporate networks under any circumstance.

Or maybe you’re just signing up for something online and don’t want to deal with the SPAM that will probably come with it. 

A Disposable Email Address

ExchangeDefender is pleased to announce disposable email addresses. They are free, simple to setup, mask your real email address, and they bypass all security policies.

Free

You can setup as many disposable addresses as you wish, they can be created and deleted at any time.

Simple

Just go to https://admin.exchangedefender.com, login and click on Bypass Addresses

Private

Bypass Addresses mask your entire address and domain (unlike less secure systems that just append + or . to the real address, that is easy to strip and spam) 

Bypass

Mail sent to bypass addresses isn’t checked for SPF, DKIM, spam content, infections, GeoIP, or other typical security restrictions.

Secure

Each email subject is modified to start with [WARNING! | BYPASS.XD External Message] so you don’t inadvertently open an email you were not expecting.


How to get started

Bypass Addresses are available to all ExchangeDefender Pro clients at https://admin.exchangedefender.com

Simply login with your credentials for ExchangeDefender Admin portal, select “Bypass Addresses” under My Account, and click on the ” + Add New” button.

That’s it. The system will generate a random disposable email address and any mail delivered to it will automatically be passed on to the real address you select. It takes less than a minute for it to go live! 

Once you’re gotten the email you’re expecting, you can return to the admin portal and delete the address. If you’ve created an email address for an e-commerce site or something that will likely generate a lot of SPAM, you can deactivate the email address and mail sent to it will not be delivered to your inbox. If at some point in the future you need to get email at that address again (forgotten password, two factor authentication, etc) your address is permanently attached to your account and can be reactivated in less than one minute.

03/31/20 ExchangeDefender Solutions Redefined Webinar Highlights

Our team at ExchangeDefender has been putting insane hours to launch massive upgrades to the ExchangeDefender products and services you enjoy today. As mentioned in the previous webinars, big upgrades to all our core products are coming as is the ability to subscribe to them without relying on us for email. Our file sharing platform is getting a massive boost, our business continuity email resilience platform will help you cut Office 365 spending by up to 85%, we have decoupled Email Encryption from ExchangeDefender, and we even have a huge Wrkoo surprise to share as well.

Webinar – ExchangeDefender Solutions Redefined

In case you missed it, the main highlights of the webinar were:

UI upgrades

The new responsive UI is live across 85% of our applications to include the Wrkoo model. Compliance Archive will be updated soon.

A-la-carte ExchangeDefender Solutions

We are Offering individual ExchangeDefender apps without email.

Quickly roll out services and add ons – no migrations.

Available individually as Encryption, Compliance Archiving, Web File Server, and LiveArchive.

Professional services and solutions that are in heavy demand: Live Archive, Corporate Encryption, Web File Server, Compliance Archiving

Wrkoo – Small Business Management Platform (B2B)

Wrkoo is free – for now. All new UI makes transition between ExchangeDefender and Wrkoo seamless. Full, rich, responsive interface across desktop & mobile (no apps!)

Introduction to Service Bundle Options

ExchangeDefender introduced our brand new service bundle options to partners that focus on solving the IT challenges that real small businesses face.

The sneak peak showcased the following service bundles for Email Security, Email Compliance, and a full Enterprise Suite.


COVID-19 Update:
04/01/20
ExchangeDefender is OPEN from 8am to 6pm, (Monday – Friday) until further notice. We are all working from home, all is well and our response times for service requests are normal.

Our Special Offer to Partners:
Wrkoo PRO – a B2B small business management system is free! Due to the current health crisis, business disruptions are high and we would like to offer our partners the ability to manage their clients, and their employees using our cloud platform. Sign up here: www.wrkoo.com/sign-up

Employees are suddenly finding themselves working remotely due to the current health crisis of the Coronavirus that is sweeping nations across the globe.

As we protect thousands of businesses from the drastic uptick of phishing emails and ransomware attacks claiming they are from verified sources, we have noticed new tactics that hackers are using to fraud employees working from home.

Here are our top 3 cybersecurity implications of working from home:

  1. The lack of authentication and authorization

    There is an increased need for two-factor authentication, monitoring access controls and creating strong passwords. Managed Service Providers should encourage their clients and end users to add additional security safeguards.

    We recommend changing your password every 90 days, and enabling OTP/2FA to improve your account security.  To manage this for ExchangeDefender, view user guide.

  2. Increased risk to cyber attacks

    There’s an increase risk to attacks like phishing and malware, especially since employees will now likely receive an unprecedented amount of emails and online requests.

    ExchangeDefender Phishing Firewall (EPF) automatically secures inbound mail by rewriting HTML links so they are forced through our firewall when you click on them in Outlook, Gmail, or any web-enabled email application.

    To add a new web site to the Whitelist or Blacklist click on the + Add New button in your ExchangeDefender Admin portal. To learn how to manage this setting, click here!

  3. Unsecured BYOD (Bring your own device)

    Remote working can successfully widen an organization’s attack surface. Mainly due to employees who use their own devices for work can introduce new platforms and operating systems that require their own dedicated support and security. As a result of so many devices being used, it’s likely that at least some will fall through the security cracks.

    ExchangeDefender Pro offers users a VPN server to connect to in a secure manner no matter where they go. Public Wifi hotspots tend to have questionable security at best and can be used to compromise a device that is connecting blindly across the Internet. Connecting your phone automatically to a VPN can assure that email access (and all the confidential data in the email) can never be snooped on. 

Webinar Announcement: ExchangeDefender solutions will soon be available “a la carte” to clients. Attend our webinar on Tuesday, March 31st at 12:00 PM EST. Register Now!

Dear ExchangeDefender Clients, 

As you’ve come to expect from us over more than two decades, we’re open and ready to serve you 24/7. If there is anything we can do for you, please let us know at https://support.ownwebnow.com or just call us at 877-546-0316.

Our Orlando Headquarters has been closed to public since Thursday, March 19th. There is a county-wide curfew in effect starting tonight so we will not be accommodating visitors until further notice. Our data centers will also have restrictions on remote visits.

If you need any troubleshooting or maintenance related to your equipment, we will do our best to assist you, but physical access to assets will not be allowed until further notice.

While we regret that this inconveniences everyone involved, we want to assure you that we’ve got your back during this uncertain time. As Floridians we are accustomed to working remotely and we look forward to being as helpful as we possibly can be.

Please be safe and stay healthy, to keep current on our updates, please follow us on:

FACEBOOK
BLOG


In other news, we have an upcoming webinar “ExchangeDefender Solutions Redefined” approaching on Tuesday, March 31st at 12:00 PM. Please join us to learn more about the new changes and expansions in our service portfolio. Register, click here.

Take a look at what we’ve been able to beta test over the past few weeks! The brand new version of ExchangeDefender’s ridiculously popular Web File Server (WFS) is launching in March and we wanted to give you a sneak peak:

ExchangeDefender Announces Web File Server Upgrade

Yup, we have our new UI running on it which will allow it to seamlessly integrate with ExchangeDefender email security services, Wrkoo business productivity products, and something else we’re not allowed to discuss yet. But in terms of a “smart” file server, it gives organizations unprecedented amounts of security controls for content sharing, revision control, and ability to be productive with access to everything no matter where you are and what device you’re using.

New WFS features were just released from Beta this week.

Vlad hinted at some of the more exciting changes that are coming up to WFS during the last webinar –  the ability to purchase WFS without signing up users for ExchangeDefender, better branding and customization features, reporting, compliance, sync to cheap cloud services for backup, and much more.

But the most exciting feature has just left beta and we’re looking for clients that want to test the first production builds. We will be announcing it during the March webinar, but if you currently have a WFS client that has an extensive Personal Library please open a ticket with our team and ask for preview access.


To learn more about ExchangeDefender’s Web File Server, click here!

ExchangeDefender Password Vault is an affordable password management system.

Small businesses are the target of most cyber-attacks due to lack of security protocols. In 2019, an estimated 80 percent of all confirmed data breaches occurred due to weak, stolen, or default passwords.

A password manager is a security tool.

A password manager is a centralized system that helps organizations store and manage logins and passwords that are critical to their business. The credentials entered into the password manager is stored with the highest form of encryption (military grade) to ensure top level security.

Yes, they are safe to use for business.

Yes! Top tier password managers are completely safe and can be trusted to protect your organization’s account logins. The best quality services make sure that your passwords are encrypted with AES-256 algorithm, which is U.S government approved.


And No, don’t worry – the folks working behind these password managers DO NOT have access to your credentials, it is encrypted on both ends.

All great password managers must have these top features.

An enterprise-grade password manager must be able to do the following, securely:

Offer Secure Password Storage
Passwords are encrypted with AES-256 algorithm, U.S government approved.

Provide Centralized Control
Store and organize all of your secured identities in an ultra-secure web interface

Enable Secure Password Sharing
Share passwords securely while maintaining the security of critical corporate data

Access from Anywhere
Access to the web interface must be available from any wifi-enabled device

3 reasons why a password manager is a must-have:

To Control Access to Your Critical Data

SMB struggle to manage password vulnerabilities meanwhile password reuse, and password sharing is on the rise.

To Make up for the Lack of Password Management Training

Most SMBs do not offer their employees password management training for the workplace.

To Reduce the Risk of Human Error

According to recent TechRadar reports, 90% of data breaches are caused by human error.

We have the right solution, meet Password Vault.

ExchangeDefender Password Vault helps organizations securely manage logins and passwords. Password Vault makes generating, storing, and sharing passwords easy and safe.

Top Benefits include:

Eliminating Password Fatigue
Eliminates the need to memorize multiple passwords by deploying a password manager for secure storage.

Centralized Web Access
The password management dashboard is available anytime, anywhere with a WIFI-enabled device.

Password Control
Control access to admin passwords, securely share passwords with your team on a need-basis.

Managed by IT Experts
Password Vault is managed by ExchangeDefender, a cyber security firm with 20 years of active IT experience.

>> See full features

Every password used for your business is an entry way for a cyber-attack. A secure password management system makes it easy to secure all of your credentials in one powerful online interface. ExchangeDefender’s Password Vault offers small organizations an affordable smart password storage system, the ability to share passwords securely with co-workers, and so much more!


You can setup a password vault, company-wide in just minutes.

Corporate Email Encryption for Business

Sure, there are plenty of reasons to use Encryption to protect your sensitive data – but there are three key factors, that all organizations share in common. The current state of cyber security woes for businesses presents itself as a harsh fact: 88% of companies suffer a data breach due to non-encrypted emails with sensitive information being hacked.

So, what are the key drivers that persuade organizations to take encryption seriously?


1 – To comply with data security regulations and requirements

Organizations must comply, by using the proper security and storage protocols, with U.S and E.U regulations in order to be considered (legally) in good-standing.


2 – To protect intellectual property of the business  

Trade secrets are a real deal, and are highly sought after by hackers for ransom and blackmail which often results in bankruptcy of the company due to lack of money and trust from customers.


3 – To protect customer information

Protecting customers and their personal information is at the forefront of security concerns for business. The rise of data breaches within the U.S shows that implementing stronger security protocols is vital to business continuity.

Our Solution: ExchangeDefender Corporate Encryption

For the modern workplace, all types of business communications are done via email, and now data exposure has turned into a problem of great magnitude. With just a single wrong-click, an employee could unintentionally expose secret company information, financial statements, contracts etc. In order for organizations to thrive on business continuity, they must protect their data by enabling an email encryption solution.

ExchangeDefender Encryption enables organizations to securely send, receive, and manage confidential email, providing an easy, seamless way to implement content protection.

Powered by ExchangeDefender, Corporate Encryption complies with the SOX, HIPAA, SEC and local government requirements for information encryption. It also integrates easily with our email hosting solution, and is compatible with all major email service providers – including Office 365, on-premise Exchange, and G-Suite for Business.

What types of Encryption do we use?

ExchangeDefender Corporate Encryption involves multiple systems to encrypt the message contents and notifications generated by the system.

Channel Encryption

ExchangeDefender uses SSL/TLS encryption of the SMTP communication between the client’s email server and the ExchangeDefender network. All traffic is automatically encrypted using the same level of security that is used with online shopping, banking, etc.

Managed Web Encryption

ExchangeDefender web servers are encrypted using commercial SSL certificates. Client configuration, email review, message retrieval and all services provided through ExchangeDefender websites are automatically encrypted and cannot be accessed through a plain-text process that bypasses encryption.

Data Encryption

ExchangeDefender web servers, email servers, and routing hubs secure all client data through multiple layers of security including:

Complex account and login restrictions

Remote access restricted to ExchangeDefender NOC IP address space

All remote access sessions are recorded and authenticated

Administrators do not have access to client message data or configuration information

Keep business data safe with Encrypton

To protect your organization from data breaches, email encryption should be used as a preventative measure against tomorrow’s hackers. ExchangeDefender’s Email Encryption solution involves encrypting, or disguising email contents in order to protect sensitive company information from being read by unauthorized personnel. Our system is entirely transparent with no software to install, or manage on either end.


Explore full Corporate Encryption features
Protect your business communications for less than $5 a month*

ExchangeDefender Real Time Blacklist Process Change Report

Change Synopsis:

ExchangeDefender has changed how our inbound nodes will handle emails delivered to our server when the sending server is on a Real Time Blacklist (RBL). Previously, RBL listings would cause emails to be rejected and not able to be delivered to the recipient (even if requested). Now, when a server is listed on a public RBL, the message will score high enough to classify as SURE SPAM instead of rejected back to the sender.

Changes to how ExchangeDefender handles Real Time Blacklisting (RBL) of the senders server will be visible to both the and MSP Customers.

Customer:

Customers with STORE / QUARANTINE see a dramatic increase of items in the SURE SPAM quarantine, including email quarantine reports.

Customers with TAG AND DELIVER will see a dramatic increase of sure spam items delivered to their inbox.

MSP:

MSPs will have two settings to control how RBL listings are handled with regards to matching whitelist rules. By default, whitelisted senders will override the RBL listing and will allow the scanner to ignore the RBL entry. MSPs will have an option within the domain’s phishing configuration with regards to handling whitelisted senders who wind up on an RBL.


The full migration to Exchange 2016 has proved to be extremely challenging, but with much success we are managing to move ALL of our clients hosted with us to the new platform.

New changes have occurred to our Service Manager to best compliment the new migration. Below, you’ll find explanations and screenshots of what you’ll be seeing from now on.

You can access your service manager inside our support portal via support.ownwebnow.com

Service Manager (Exchange 2016)
  1. Clients must select the organization they would like to manage
  2. Once they select the organization, the list with all the domains mailboxes and distribution groups under that organization will be updated below
  3. It is possible to search for specific accounts or filter by domain

Navigating the Create button.

If you click the + Create button, a list with options will be displayed:

  • New organization
  • New mailbox
  • New domain

If you click on create organization, a pop-up window will be displayed where you would have to type the name of the organization and add as many domains as they need at once.

How to: Create a new organization

If you click on new mailbox, a pop-up window will be displayed where you would have to select the domain and then type all the information for each one of the mailboxes.

How to: Create a new mailbox (Exchange 2016)
Creating multiple domains has the same process as “new domain” (above)

Updates are as followed:

  • The list of accounts is now grouping the records by domain, and sorting them by the display name in ascending order, that way it makes it easier to find accounts when you have a lot.
  • From there you can change the password of multiple accounts at a time, create a distribution group based on your selection or add the accounts selected to existing distribution groups
  • You can also delete accounts

If you click on Manage, another view will be displayed with the information of the account selected. From there they can:

  • Update the information of their account
  • Reset their password
  • Create a forward rule
  • Add aliases
  • Configure their protocols
  • Add permission rules

From there, if they want to create new aliases they just have to click on the button +Add alias

How to: add an email alias

To add an alias they will have to pick a domain, and type the local part of the email (local part of the email is everything before the @) and the alias automatically will be displayed in the table .

To update their protocols they just have to click on the switches to turn them on/off and click on save.

How to: update your protocols

The permissions work pretty much the same way as aliases, with the exception that you have more options.

To add permissions, you must select the type of the permissions you would like to grant and the account (only accounts under your organization will be displayed that do not have a permission rule created for the same mailbox, that way there are no repeated permission rules for the same pair of mailboxes)

How to: Add new permissions

IMPORTANT CHANGES THAT COULD AFFECT THE USER’S EXPERIENCE:

  • In Hosted Legacy, you could create Distribution Groups with no members and add the members later. In Exchange 2016, there cannot be empty Distribution Groups, so the only way to create groups now is checking the boxes of multiple accounts (mailboxes), and clicking on the button “Create new group”.
  • In Hosted Legacy, there were no such thing as an “Organization”, in Exchange 2016 organizations were implemented to give our MSPs a way to group different entities like Domains, Mailboxes, Distribution Groups, etc under the same “Client’s structure” (organization), that way it will be for them to manage their clients since they have everything for each one of them in the same place.
  • In Exchange 2016 you can create three types of mailboxes: Regular, Shared or Room (an explanation of each will be provided later).

ExchangeDefender Corporate Email Archiving is reliable, and affordable.

The age of information has certainly changed the way in which people from around the world interact and communicate with one another.  Businesses have been the hardest hit in trying to store and manage email communications that are critical to their organization.

A shocking 300+ billion emails are sent per day, with the average office employee receiving a shocking 130+ emails every day. The daily number continues to climb, so the question is: What can organizations do to successfully manage all of this data?

The Answer: Email Archiving for Business

Email Archiving solutions provide a systematic approach to storing email communications, both inbound and outbound email. ExchangeDefender Email Archiving provides encrypted, long-term storage, and email recovery. The solution also helps businesses achieve email compliance which requires organizations to be accountable and transparent by using a proper storage solution for their messages.

10 Reasons to get Email Archiving for your organization today!

1 – Immediate access all emails ever sent and received

2 – Automatic backup of all email communication

3 – Automatic backup of all contacts, calendar items, and other relevant data

4 – Achieve regulatory email compliance for HIPAA, GDPR, SOX, SEC and more

5 – Fast eDiscovery – speedy access to all emails to adhere to requests of information quickly

6 – Corporate email policy – Implementation and Monitoring

7 – Infinite storage of all email communications for 10 years or more

8 – Employee oversight – customize policies that are available organizational-wide to restrict the deleting of critical information

9 – Knowledge management – have oversight of what was sent, by whom, and when.

10 – IT productivity – significantly reduce mail server storage issues, in turn reducing additional server costs

Quickly access information about employee and end user communications with a simple eDiscovery search that can search on average, 10,000 inboxes at once. ExchangeDefender’s Email Archiving system takes all of your emails and stores them in a safe place, multiple times for redundancy. Of course, it is still possible to delete an email, but copies of those emails will be kept within the archiving system, which offers additional space storage to enhance your server capacity.


Keep business emails securely stored, with tamper-proof email archiving. ExchangeDefender Email Archiving provides encrypted, long-term storage, and email recovery.

Learn more about ExchangeDefender’s Email Archiving solution here.