July 2019

ExchangeDefender Phishing Firewall continues to impress in terms of performance and user engagement – it’s catching dangerous content and keeping users safe from phishing attacks that often result in security compromises and breaches. Phishing accounts for over 90% of IT compromises, and as we’ve written before more than 1 out of 5 links our clients click on have lead them somewhere dangerous. With those numbers it’s clear to see why hackers are relying on phishing as the first and most effective form of attack – people will click on anything!!! And as intrusive as EPF seems to some (thank you for your feedback), our development team has been working overtime since the launch to make ExchangeDefender Phishing Firewall out of the way when it should be, and in your face when something dangerous shows up.

The goal of ExchangeDefender Phishing Firewall is to keep you safe from potentially dangerous sites and out of the way the rest of the time. You can keep up with our Dev fixes over at https://www.anythingdown.com and keep sending us your feedback. We love to hear it and we love improving the service so it can help keep you and your business safe. We also like to hear what you want us to add to the service that would make it more valuable. One such piece of feedback helped build a “Report Issue” feature:

If you click on something that you don’t recognize and you can’t tell what it is – DO NOT CLICK ON THE LINK – we are here for you. Our security concierge will open the link in an isolated virtual environment and see what kind of data is being sent back-and-forth. You will get a response, generally within minutes, with either a thumbs up or thumbs down. How cool is that?

Keep the suggestions coming, we love making ExchangeDefender Phishing Firewall the key part of your defense from phishing.

ExchangeDefender Phishing Firewall has had an outstanding first * X days * protecting our clients from phishing. While the roll-out of such a massive service is always going to be a challenge, we cannot be more thankful for our users and the relationship that has lead to tons of feedback, bug fixes, new features, and a meteoric rise in additional security that everyone enjoys.

Just as a reminder, ExchangeDefender Phishing Firewall is an always-on phishing protection for email and web. As someone emails you phishing content, in hopes that you’d click on it and give away credentials and download malware, ExchangeDefender both helps keep that email sanitized and quarantined so that it never gets to your Inbox to be clicked on. But that’s not a fool-proof process, nor is it realtime – a site that was safe when the email was sent could have just been hacked and dangerous content uploaded – but we’ve got you protected there too: when you click on any suspicious site in ExchangeDefender scanned messages you will be directed to our firewall site, instead of directly to the suspicious content. Once you’re there, you are further protected by your corporate policies, and you’re given additional information that helps you determine if the site is dangerous or not. Once you’re sure you can either whitelist or blacklist the site and you’ll never be interrupted again.

How cool is that? Well, it’s so cool that during just the first two (2) days of use, ExchangeDefender Phishing Firewall caught 770,000 clicks on suspicious sites that aren’t one of the top 5,000 Internet domains – and 164,000 requests proceeded to known dangerous stuff.
When you’re dealing with email and dangerous links, you need every bit of security and intelligence in your corner and ExchangeDefender Phishing Firewall delivers that:

It’s always on, always scanning your messages

There is nothing to configure, setup, install, or buy

It works on Outlook, Gmail, and any other email service

It protects you on your desktop, laptop, tablet, and anywhere else you click on links

It gives you a database of known dangerous/suspicious sites

It protects you by isolating patterns/data from ExchangeDefender’s reputation table

It secures you by leveraging data-sharing relationships we have with the worlds largest security vendors

It logs your activity so you can backtrack and identify dangerous activity

It gives your business ability to setup custom policies and block/allow access as needed

It gives you control over which sites to whitelist and blacklist so you’re not interrupted

It learns what you click on and how so you don’t have to manage a whitelist

Most importantly, it gives you access to our Chief Security Officer infrastructure where you can Report an Issue and have our team help evaluate a potentially dangerous link.

Not only are we doing everything to keep you safe and secure online, we’re literally available in person to assist when necessary. We know that every feature/block isn’t going to be loved by everyone, we know that every change can grind some folks the wrong way, we know that it’s not going to be perfect – but we’re in your corner, we’re here for you, and keep on sending us feedback so we can build this into a security service everyone loves as much as ExchangeDefender.

Thank you for your business and have a SAFE day on the Internets :slightly_smiling_face:

ExchangeDefender has assisted partners and clients with migrations from third party platforms onto our award winning platform. On July 31st 2019, we will schedule our last third party migration onto the ExchangeDefender network and will only support them under special projects going forward.

We’re sure this will disappoint some of our clients and partners that have hoped to bring their clients to our network, unfortunately this work is simply too expensive to deliver free of charge. Over the years we have given our prospects incentives – free licensing, free third party migration tools, free hosting, etc and we were able to do so on the back of deep expertise across other platforms.

But just as we continue to decommission our own older versions of Exchange clusters and third party email systems, the rest of the world is doing likewise. We feel like everyone that was truly interested in a smooth transition has made or scheduled that move already. Clients that have waited on 5+ year old infrastructure probably did so because of customized workflows, third party integrations, older versions of integrated software that doesn’t support Exchange 2016/19, etc. Keeping the immense staging, data transfer, and consulting resources on hand for legacy platforms is expensive and is needed as we roll out new features for ExchangeDefender. SplitMX, Multiroute and duplicate delivery will no longer be supported by ExchangeDefender, on our network or on Office365/Google/3rdparty.

We’ve been mentioning the sun-setting of this service since early 2018, and if we’ve missed anyone there are still 2-3 weeks during which we can swing almost anything over. Past that, we will offer migrations to ExchangeDefender as a part of our enterprise services contract.

Thank you for your business and we’ll continue working hard to keep you in love with ExchangeDefender. If you want to join the fun, let us know by August 1st, 2019.

Today we’re happy to announce the launch of ExchangeDefender Self Service portal. You can find the application at https://www.ExchangeDefender.com/ss

We’d like to thank our partners and support clients for helping us identify issues and tasks that come up with our platform frequently. These simple tasks often require opening up a ticket, placing a phone call, verifying identity, etc and we’ve decided to give our users the power to manage these issues on their own.

What can you do with ExchangeDefender SS?

Unlock a Hosted Exchange account

Request a PTR bypass because of broken DNS

Get a PIN for phone support

Reset an ExchangeDefender Encryption account

Some of these tasks require multiple steps, but we feel it is easier to address them as a user than to float it up the typical IT support channel. For example, let’s assume you cannot get into your account because it got locked out due to a DDoS or hack attempt. Well, the user already types in their email address and password all day long, it’s easier for them to unlock the account by going to the site than to open up a ticket, place a call, provide all the information, wait, wait, test, etc – and we’ve heard our users loud and clear: You want more control. ExchangeDefender SS gives you that control – and makes it easier to get things done without having to talk to anyone.

Of course, these issues can also be done through the same old fashioned phone and ticket support (and we’d be happy to help you at https://support.ownwebnow.com) – but honestly, this way is quicker and if our Feedback inbox is any indication – the users demand it. We look forward to adding more functionality and making common problems easier to solve, quickly and efficiently through Self Service Portals – so keep on sending us feedback (available at the bottom of every page) and your suggestions.

It is our pleasure to introduce you to the ExchangeDefender Phishing Firewall support services. While the launch of the XDPF has been rocky, we’ve received nothing but glowing reviews about it and the potential behind it to solve other email related issues (more on that in the webinar). Now that most of the dust is settled, we’re moving on to expanding this service to better serve and protect our users and the first feature out of the gate is the most obvious question a user would ask their IT/security person:

“Is this link safe to click on?”

Prior to ExchangeDefender Phishing Firewall deployment, nobody would even think of such a question. You clicked, and if you clicked on something malicious, boom you’re pwn3d. Now you’re presented with the link, the path, and you suddenly have a choice to make: “Do I trust this site?” – well, sometimes it’s hard to guess and we’re here to help. When you click on an HTML link, you will be taken to the ExchangeDefender Security Center and there will be a new yellow button there labeled “Report Issue”:

If you click on the yellow button you will be presented with a form to provide additional comments and contact information. After you provide the minimal required information, a service request will be sent to a human being at ExchangeDefender that will evaluate the link for you:

We will basically look at the link and the email data (sender, charset, SPAM data, reputation) as well as the link destination. The link will be opened in a virtual sandbox environment and we will look for any obvious payload that is automatically downloaded or data requested from the browser. We will then report back to you in an email within 24 hours and let you know what we found.

Obviously, we will also be using the same form for any support or issue management, basically setting up the ExchangeDefender Phishing Firewall as a managed, supported, and facilitated service end-to-end.

We will be discussing this feature in far more detail during the webinar on July 10th, 2019: https://register.gotowebinar.com/register/5418502553065819404 but in general terms this is a huge commitment to us that requires us to be available as a Security Officer whenever our clients need us. As a result of managing both the email and the web security incidents, we now have far more data and reputation information that can rely on to help secure our clients in near real-time. As it becomes harder and harder to know who to trust, businesses need security expertise and analysis provided on demand so they can get back to work – phishing is far too profitable and as the #1 attack vector leading to breaches and compromises, it is only going to get worse. With ExchangeDefender, you have a trusted partner that is there to help beyond just another automated security layer, our power is in the people.

Keeping up with ExchangeDefender subscriptions used to be relatively easy back in the day when everyone had their own server.. and while we still proudly support XDSync, the new usage scenarios and new platforms are making user management a chore for IT people and those in charge of reconciling billing alike.

Starting with July 2019, ExchangeDefender will automate the provisioning, billing, and enrollment of new users automatically.

How will it work? How ExchangeDefender will be monitoring outbound flow of mail from the organizations that are protected by ExchangeDefender. Whenever we encounter a new email address sending email, we will check the existing users table and if we find someone new we’ll start the enrollment process. It will work as follows:

(1) ExchangeDefender finds a new email address on a protected domain.

(2) ExchangeDefender creates a new account and provisions default domain security policy.

(3) ExchangeDefeneder sends the user a welcome email with an enrollment link.

(4) ExchangeDefender sends the domain administrator and CIO (or service provider) a notification.

That’s it, we’re keeping it that simple. And since you never get billed for ExchangeDefender accounts added in the middle of the month you can always correct any mistakes and lock down mailboxes that get created as a result of a security breach for example.

FAQ

Q: Will the bill for the new user be prorated?
A: We never bill during the partial month, so if you sign up a new user on the 14th, they will not be billed for the service for the part of the month.

Q: Will this automatically categorize printers, devices, etc?
A: Printers and smart devices are free if they are setup as an IoT device.

Q: What if this is just an alias on someone else’s account?
A: In ExchangeDefender, inbound aliases are free (terminated employees email addresses, vanity accounts, department or distribution groups, etc) as long as they are associated with another users account. If for some reason they both receive AND send mail, those accounts under our licensing model are indistinguishable from users and must be billed as such.

Q: Will I have the chance to review the new additions?
A: Yes, you will get an email from enrollment@exchangedefender.com when the account is added and remember, you will not be billed for it until the 1st of the month. So long as you delete the account more than 72 hours before the end of the month, it will not be billed.

Q: What will the user experience be like?
A: Identical to the way it is now. They will receive the same welcome email they would get if you manually added them at https://admin.exchangedefender.com

Q: So which address should they email to start the enrollment?
A: Any address you wish.

Q: How about automatically deleting accounts that aren’t being used? A: We are working on it. As we’re dealing with folks email (and compliance, encryption, archiving, contacts) automatic deletion is never a good idea but we realize that billing and account management is a pain. The way we’re currently designing it is with the expectation that the domain owner will set an inactive date in the portal. Any user that hasn’t sent email in the quarter or in a year (depending on policy) will automatically be removed from the active roster and you’ll be able to nuke them all through a review process.