June 2018

Have you been putting off offering or relying on Compliance Archiving to meet regulatory compliance requirements? If so, you’re among friends as most businesses tend to view it as a form of a backup until they receive a letter from a law firm. Recently we published a quick and informal techie-free post about business continuity and we wanted to do the same for archiving because the #1 thing that will keep you out of trouble is making sure your entire organization is on the same page.

With that in mind, here are three steps that your organization needs to follow to get started with Compliance Archiving:

  Step 1: Understand how your organization communicates

If you only knew what everyone did and what they had access to, things like security and compliance would be a non-issue. In the real world, organizations have a revolving door of staff, vendors, clients, laws, and projects that is constantly spinning. The notion that you can get something to manage it all, held together by IT staff and automation, is nothing short of a fantasy. Or rather, a nightmare, because you’ll get in trouble over one thing that was missed and went wrong not a million things that went right.
Our Compliance Archiving touches every message in your organization: doesn’t matter if it’s a message you sent to a client, a message you received from a vendor, or an interoffice email you sent to a coworker – we get them all. The important thing in step one is identifying the people and making sure that the way you communicate is set in stone: “We communicate with everyone through @ownwebnow.com email addresses, every ticket, every update, every inquiry, every quote, every bill pay – everything either comes from or is cc’d to an @ownwebnow.com address.”


  Step 2: Get a grip on your devices, apps, and processes

Convenience is the enemy of order. And if you’re going to run a business, you cannot have everyone do exactly what they want to do. Yes, Subway will make your sandwich any way you want them to, but if you walk in and order a key lime cheesecake you’re going to be hungry. Same method applies to all the devices, apps, processes, etc. The simplest, most common sense, most effortless thing to do is to just give everyone that works on your behalf an email address on your infrastructure and have them use that email for all company communications.
If they use something else, and for some reason you wish to permit that rule change in your business, request that everything is cc’d to a local shared mailbox where you can keep ownership of it. Don’t make a big deal out of it – we get our office beer and red solo cups from Costco – and believe me we don’t have a massive asset inventory tracking system around it with people signing off on stuff left and right. We just take a picture of the receipt/order form and email to a receipts@ address – done.

  Step 3: Get a regulatory compliance plan

The worst thing you can possibly do is start thinking about a plan when you’ve received a request for information or a legal hold. The good news is, step #3 is the simplest one because it’s just a matter of calling us at 877-546-0316 and talking to someone about implementing the Compliance Archiving solution. The complexity isn’t in the technology, it’s with the people and the constant sprawl of apps and devices that hold vital corporate information.

The great news about what we offer with our partners is that anything going in and out of your company can be screened, monitored, reported, and produced on demand or automatically for just a few bucks a month. The biggest challenge is knowing what to do – and you have to actually get started.

We look forward to serving you and making regulatory Compliance Archiving a breeze.

We live in interesting times when it comes to business email. The widespread abuse of email by hackers and spammers has always provided a cover for some rather shady email sending patterns used by small businesses. The rise of GDPR, CAN-SPAM, and other rules, regulations, and acts has built a financial incentive for regulators to go after businesses that violate the rules and small businesses are a sitting duck – too local and easy to track, too easy to report, and often very easy to fine.

imageEmail is quickly becoming a great source of revenue for enforcement agencies – and protecting businesses from themselves (your marketing department in particular) is a challenge so many small businesses need to get a grip on before excessive penalties threaten the very existence of the business that crosses the line even once. So congratulations MSPs, VARs and security professionals, now your SPAM and mail flow management isn’t only going to concern illegal/hacker abuse, you’re now going to be at odds with your clients and how their “unique business case scenario” that will likely get them fined out of business. Fun, right?

Management of all these new things is a subject of our upcoming webinar, next Wednesday, where we hope to give you some technical insight and practical business advice on how you can help businesses manage their email activity properly. Bring your techies and business/sales team in as well, as this affects both sides of the house. Or, you can just tell your clients not to SPAM out and hope they listen to you – my wallet thanks you in advance if you choose this route (sarcasm heavily implied).

Wed, Jun 27, 2018 12:00 PM – 1:00 PM EDT
Click here to register

To be clear, this is not another webinar about GDPR. At all. But you can use GDPR to inform your clients about the potential issues that are coming up. Big businesses and marketers are already facing the inevitable and I bet you that even with the onslaught of all the emails and notices you didn’t quite appreciate what those “notices” were meant to do in the first place. Inform you about GDPR and updated privacy policies, right? Wrong. They are being used to get you to opt back into messages that you accidentally got rolled up in the first place. And this is for things you knowingly entered into – think about how a typical small business gets it’s leads – from purchased lists to sweepstakes and raffles and “win a free lunch for your company” business card drops – all of that is about to become a nightmare for the IT department to manage and protect.

Or you could just see how we do it with Corporate Encryption and Compliance Archiving.

As we hinted before in our Outbound IoT announcement, there are some big enhancements coming to our ExchangeDefender outbound network. The job of getting the mail delivered over the Internet is more art than science and we are looking to put more resources behind this as encryption, compliance and GDPR take over. So today, I want to briefly walk you through our vision (roadmap to follow on this months webinar) of what we’re about to offer at scale.


The biggest obstacle to efficient email delivery are the actual users. I know it sucks to have a finger pointed back at you but truth is most of the delivery problems aren’t caused by connectivity, routing, or SPAM filtering software, they are caused by behavior and sending patterns of users. They fall into two categories: negligence and inappropriate email usage. Negligence comes in many forms but primarily lack of security (weak passwords, unpatched servers, compromised networks/accounts) leading to a SPAM outbreak from a domain that otherwise wouldn’t be sending SPAM. Inappropriate email usage comes from users knowingly abusing their personal email accounts to send large mail merge, mailing list, commercial SPAM sort of content. Yes, everyone has a justification and an excuse for behaving the way they do and we’re not here to judge that – but machines have 0 judgement and only work off “score” that is calculated by adding points to a total until a message has enough to qualify as SPAM. If you look like a spammer, the remote system isn’t going to care much that you aren’t. We can only address these through education and we’re committed to doing that at ExchangeDefender… but, we can do even better. And that’s our vision for our supported outbound network. 

We are currently working on consolidating our entire outbound network into a single outbound.exchangedefender.com – that means saying goodbye to –corp, –jr, –int, –misc and specialty email routing services we’ve written to help address unique business requirements of our users. Starting soon, the entire network will simply allow outbound mail for person-to-person communication regardless of the message format and contents (yes, you’ll be able to use out of office (OOF) notices and autoresponders again). For non person-to-person email, we’ll use outbound-auth for devices, services, etc. For marketing (newsletters) we’ll have one as well.

The big change will be in support and an active managed postmaster. This simply means that there will now be a monkey-in-the-middle facilitating, reporting and auditing outbound mail sending patterns to assure delivery and proper routing. Say Bob from Marketing decides to do a mail blast using his Outlook and attempts to hit 5,000 contacts. All but maybe 100-200 of those messages will actually make it through our network. Say your “Password1!” security credential was compromised and someone started using your Exchange login to run a SPAM campaign – that too isn’t getting out. And the support team that will be managing this flow will be the same one that will be helping you address mail problems immediately, not as a reaction 3 days later when your domain ends up on an RBL.

That and you’ll have additional intelligence embedded in outbound mail routing to assure delivery and start realtime conversations for things that are better handled in a chat vs. email. But sssssh that’s a secret for now. Everything else about this (and the new UI) is coming in this months webinar, I cannot encourage you enough to register for it, tune in live and ask questions:

New Features Webinar
Wed, Jun 27, 2018 12:00 PM – 1:00 PM EDT
Click here to register

We believe that the division of email flow – separating machine/service/device/non-person mail from person-to-person email will give us the unique ability to more precisely deliver messages over notices and also improve our ability to get around bulk filtering that plagues us just because of the way email is routed. Getting support in there, in realtime, will make the difference between an issue being handled directly and right away as opposed to dragging on for days and offering no assurance to the client or recipient where the message went. So not only will support and client relationships improve, so will our ability to embed more features into outbound mail that will make it more effective as opposed to leaving it at “best-effort”.

It’s crazy to look at the ExchangeDefender roadmap from last spring and see how well we’ve been able to integrate the vision for a fully supported communications platform for business into our existing security, compliance and encryption product suite. To be honest, this whole process started well over a year ago with our ExchangeDefender Migrations where we learned just how poorly organized and borderline mismanaged most corporate email handling has become. And all the tools that are on top of it – from Outlook to supplement chat platforms – are just making the mess bigger and compliance problem more complicated and expensive.

I’ve personally spent countless hours with my staff looking at tons of research, behavioral data, purchase patterns, market leaders (and which features people most demanded from them compared to which features they actually used the most) and that’s where we started building our new platform. And if you’ve attended any of my webinars for the past year or so, you’ve heard me repeatedly call on partners, MSPs, VARs, etc to focus on the messaging, compliance and security because that is where the money has been and will continue to be – and it won’t be something you’ll ever earn with a low end network admin hire (not to mention that we’re better and far more affordable than another body).


I am beyond thankful for all the feedback, input and suggestions (keep them coming, as brutally honest and direct as possible – no, we don’t expect you to be cheerful if/when we cause you support problems) that are pouring in as we start to expand this product. In terms of vision of what we’re building here:

A platform for secure, compliant and organized information management, sharing and collaboration.

If that sounds like a Dilbert cartoon too heavy on jargon, what I mean is that we’re launching a series of web sites, mobile apps, web applications and automation scripts that any organization out there can plug in their email into and start assigning, prioritizing, discovering and working on issues together. We’re not just talking about b2b or b2c email either, anything that generates an email notification or a social alert or an order receipt or booking confirmation or a tweet or a Facebook update – anything that impacts your business – will be more secure, better organized and have a clear chain of custody, deadline, track record and more.

This is not a one-off upgrade that we’re thankful to be done with, this is just a piece of the overall puzzle we have for our partners to help organizations get better organized. So please, stay in the loop, and most of all understand the game plan: we aren’t building this to amuse ourselves – what you see here will be your product in another month or two and you will be able to sell, implement, customize and manage. And that kind of work pays a lot better than hard drive swapping, OS reinstall and malware license renewals.

We hope you like it. And we hope that if you don’t like it, you tell us what you need. Either way, we won’t do this without you. #team


We’ve been getting incredible feedback since the launch of our new support portal but believe me when I say that this is just the preview of what we’ve got going on behind the scenes. As ExchangeDefender’s business model continues to shift towards security and compliance services (instead of just software/cloud) our ability to provide excellent service becomes the top goal organizationally. And it matters the most to you, our clients and partners, because we’re lifting the burden of support and platform management from you so we need to be able to provide support on a whole new level as a result of it.

On the bottom of all the new sections of the portal you will see a link that says [BETA] Give us feedback


Tap that link and tell us what you would like to see.

I cannot overstress the importance of us getting this right, not just for our own sake but for yours as well: support and assistance will start getting bundled and integrated into the very solutions we provide. This means that we will be using your brand, your logo, your site to deliver ExchangeDefender services on your behalf and that will include realtime communications with clients, employees, staff and anyone else with valid credentials. You will have full control over it all, along with analytics and reporting: we won’t do this without you is more than just a tagline on every webinar I’ve held in the past two years.

So please. Whatever you see, however minor, whatever idea you have, however major: I want to hear it. Developers won’t. I want us to continue providing an integrated cloud service end-to-end that continues to thrill customers instead of frustrating IT people. We’re changing the game here.