The new kid on the block – ExchangeDefender Inbox – has been running our client’s business continuity for over a year and it’s proven to be more efficient and popular than LiveArchive. Just log in to your account (https://admin.exchangedefender.com) or use passwordless login and click on Inbox. You’ll have the last two weeks of email waiting for you there and you can send/receive while your email server/mailbox/or whatever is down or under maintenance.
Longer Term Archiving
While Inbox will take care of our clients’ email needs when their email is having issues, many of you need long-term archiving. If LiveArchive was ever power-used it would be in the realm of data recovery after a disaster, cryptolocker, or other threat destroyed the client’s email infrastructure. For those of you who are aware of the risk, there will be a need for archiving to go way beyond two weeks – even years. This is what the new LiveArchive will start doing for you on January 1st, 2024!
First, let’s get ready for the retirement of the current LiveArchive – the service will shut off on December 31st, 2023 at which point all data including backups and configurations will be removed from our network. This means that if you wish to keep current LiveArchive contents the migration request must be put in as a ticket at our support site at https://support.exchangedefender.com. Simply open a ticket with the subject “LiveArchive Migration” and provide the domain names you wish to migrate and the S3/RDS login credentials by December 1st, 2023. As promised on the webinar, we are offering this migration free of charge to our clients and partners but you need to get in the line by December 1st and have your AWS S3/RDS or self-hosted setup completed.
Second, if you need any help with AWS S3/RDS or if you’d like assistance with deploying this solution in your home office or data center, we got you too. If you need help and get in touch with us by December 1st, we’ll take care of it for you. It’s super simple, takes about 5 minutes total, and is extensively documented – but we love our clients and if you want an extra pair of hands we can help you. After December 1st (and depending on availability) we will take care of the setup for a one-time fee of $499 for AWS or $999 for self-hosted.
Future of LiveArchive
We look forward to this middle tier that every organization that relies on email to run their business needs. For business continuity, Inbox will give you access to email anywhere, anytime. For backups and long-term retention across various clouds and storage options, LiveArchive will take care of archiving your data. For additional assurance and best-in-class storage that meets complex compliance and insurance requirements, ComplianceArchive is your eDiscovery and compliance archiving solution. Simply put no matter how critical email is to your organization we’ve got a solution that fits your problems and your budget.
The new LiveArchive will start doing for you on January 1st, 2024!
We would like to invite our clients, partners, and enterprise users to a closed beta of Project: Inbox – an affordable email solution that can be used as a standalone solution or in hybrid mode with M365 and G Suite.
If you are interested, please email email@example.com along with a domain name you will be using for the beta test.
Our CEO recently held a webinar explaining the strategy behind this new service and it has been evolving ever since based on market feedback. Simply put, there is a huge market for affordable mailboxes that still meet the high end security and business requirements like top of the line email security, SSO, IMAP/Outlook/Mobile access, and still use the same domain name as the more expensive Exchange or Gmail office suites.
For an overwhelming majority of users within larger organizations, email is an absolute necessity but the average cost of $150/year/employee is putting a strain on IT budgets. Furthermore, the projected slowdown in the economy will make our clients more cautious about their IT spending. Our models show a trend of more users being mobile-first (with remote work being mobile-only) and a growth of service-related mailboxes is creating an opportunity to help us improve our clients security while reducing their service bill.
If this sounds like a winning opportunity for your business or your clients we hope you’ll join us in building something new and awesome. Those that help us out will enjoy the service for free for a while but we have a limited number of spots depending on industry and seat count so if you’re even remotely interested please email us as soon as possible.
Recently, Cybernews reached out to ExchangeDefender CEO, Vlad Mazek to learn more about how we keep businesses safe from cyber-attacks using top of the line security solutions. The informative discussion centers around the topic of cybersecurity, and what that means for the modern business.
With the recent rise in phishing attacks, it is smart to double-check if it’s really your coworker that emailed you.
By now, it’s probably hard to find an Internet user who has never received emails from someone claiming to be a long-lost relative who wants to share their fortune. While the majority of us are familiar with this type of malware, phishing attacks shouldn’t be underestimated. Nowadays, when threat actors start to include more personal details, posing as coworkers or even bosses, staying vigilant is key.
To discuss the topic of cybersecurity and phishing prevention, we reached out to Vlad Mazek, the CEO of ExchangeDefender, a company eliminating email threats before they even reach your inbox.
ExchangeDefender has been providing various security solutions for more than 2 decades. What was your journey like throughout the years?
We originally started ExchangeDefender to improve the reliability of our Microsoft Exchange servers by offloading all the security tools to a more scalable infrastructure. Over the years we’ve expanded our security portfolio to protect other email servers, as well as deliver more secure ways to rely on common office tasks such as file sharing, collaboration, and compliance.
Can you tell us a little bit about what you do? What are the main problems you help solve?
We used to say “We kill SPAM for a living” and to this day we simply eliminate common threats that lead to security compromises and service outages by providing email encryption, long-term archiving & eDiscovery.
We make it easier to rely on email for secure and reliable communication; which we do by keeping potentially dangerous content away from your webmail, mailbox, desktop, or phone. Simply put, we make it easy to get things done more securely.
What technologies do you use to detect and stop threats in their tracks?
We primarily rely on our internal early warning system which tracks unusual activity from known threat actors. Because of our size and client base, we often have the luxury of being among the first to be targeted which helps us identify safe and unsafe developments before they go “viral”.
We also participate in many proprietary, open-source, and data/intel sharing projects that help raise the security profile of everyone involved.
How did the pandemic affect the cybersecurity landscape? Were there any new features added to your services?
Pandemic actually improved the security landscape for our clients because they suddenly had to shift to a remote work model which inherently came with more stringent security requirements and more awareness for security policies and secure collaboration.
We noticed a significant shift from traditional office communication methods to SMS/TXT and we moved quickly to make all of our services SMS-aware. Mobile phones have become a security identification token, a mobile presence device, and far too often a failover computer. That’s why we invested heavily in extending our services to meet our clients’ needs to go beyond just sending email messages.
What sectors (for example, financial, healthcare, etc.) do you think should put extra attention towards email security?
The best way to answer this question is to think like a hacker because for them it’s not personal, it’s business.
Organizations get compromised for one of two reasons:
- They have assets (data) that are valuable
- They have a reputation that is valuable
If you have a lot of valuable data or a trustworthy relationship with your clients, you’re a valuable target regardless of your industry. It would be difficult to hack a financial institution because they have dedicated IT and security teams, go through routine audits, and can respond to threats quickly. Compare that to a small CPA firm that uses standard tools and an antivirus bundle that came with their PC.
When it comes to cyber threats carried out via email, what are the most common ones?
Email is the most popular way to get cyber threats into an organization, according to a recent study over 90% of security compromises started with email and it has not changed significantly in the past few years: the #1 cyber threat is from spear phishing. Spear phishing is a practice of forging the identity of the sender and the look of the email to something the recipient would find trustworthy enough to click on. What has changed significantly is the end goal of spear phishing:
- Deployment of RAT (Remote Access Trojan) software
- Theft of PII (personally identifiable information)
- Theft of security credentials
This list actually flipped in the last two years mostly due to the sophistication of RAT software that can give an attacker access to the entire network instead of just a single PC or cloud account. The latest variants target UEFI bios which keep the threat in place even after you get rid of the infected hard drives. As these threats evolve, they also highlight other security issues on the network which makes them difficult to remove and require constant monitoring.
With so many teams working remotely nowadays, what are the best practices when it comes to secure file sharing?
The single most important recent advancement in overall IT security that really deserves wider adoption is the use of MFA/2FA/OTP: multi-factor authentication that requires secondary verification before accessing any sensitive system or information. Working remotely, outside of a managed network and access to IT staff, creates a new universe of security threats that should be mitigated by:
- Deploying & requiring MFA for access
- Deploying a more aggressive backup and imaging solution
- Controlling and reducing the attack surface (by limiting access only to required web sites & services)
Besides secure collaboration solutions, what other security measures do you think modern companies should invest in?
You are probably already spending too much on overlapping, redundant, and underutilized security solutions.
The best security investment you can make today is to get an audit of your existing security portfolio and its integration. Being secure doesn’t come simply from paying for a security software/service license – it has to be properly integrated, configured, and monitored in order to truly keep users away from dangerous content. Due to the chronic lack of security focus and the habit of deprioritizing security for the sake of end-user comfort, many organizations find themselves in a perilous situation with cyber insurance demands.
We are seeing organizations getting compromised not because they don’t have security solutions or adequate training but because they don’t take the time to properly and fully implement the security solutions they are already paying for. An overwhelming majority of ExchangeDefender subscribers rely on less than 30% of the security features they already pay for.
Can you give us a sneak peek into some of your future plans for ExchangeDefender?
Our biggest technical investment for 2022/2023 is to make it possible to access external content (email attachments, files, messages, sites & services) in a secure online sandbox environment where dangerous content wouldn’t even have a chance to reach the user’s desktop, phone, or network.
Our biggest investment is in the area of security audits and assessments. While there is always a shiny new tool or service that promises better security, our data indicates that it’s rarely the lack of a tool, and more often the lack of proper deployment and management of sensitive information that leads to a security compromise.
We’ve helped countless businesses that have been compromised over the years and it usually comes down to neglect of security processes combined with a lack of a plan to respond and recover from a hack. Our future plans are to help organizations change that scenario because cybersecurity isn’t something you buy, it’s something you do.
To celebrate the launch of our new small business service plans, we are currently offering 30-day free trials for any service. Interested in ExchangeDefender? Please visit www.exchangedefender.com/business to request your free trial today!
The importance of data security has catapulted to the forefront because of the fast-moving, unforeseen Covid-19. The pandemic caused most office workers to work from home for months, and required many organizations to build remote workflows. Remote working has offered prime opportunities for hackers to take advantage of unsecured data. The safety of confidential information in the remote workforce is becoming increasingly difficult to achieve without the proper security tools, (which most businesses lack).
ExchangeDefender Corporate Encryption is the perfect solution for organizations that need to secure their company data. Employees are able to encrypt emails simply, and share documents securely with Encryption. (Ask for a demo!)
Skilled Employee Shortage
Yes, we’re in the middle of a talent shortage. Businesses are experiencing a lack of skilled employees as the pandemic, and the Great Resignation movement continues to rage on. The IT department in many businesses are suffering, with 93% of employers reporting an overall skills gap. Staffing issues in IT are creating disruptions in other parts of the business as well – making increasing productivity a dream rather than reality.
There is an opportunity for MSPs to offer IT services that organizations are unable to fulfill inhouse due to staffing. Services like cybersecurity, data storage, encryption, and disaster recovery are in very high-demand since the beginning of the pandemic. Offering businesses services that are mission-critical, and that can guarantee work productivity or continuity is vital!
The COVID-19 crisis brought most businesses to a near stand-still causing major stress to business owners, and corporate CEOs alike. The future is uncertain, but what we can do is actively factor in future trends into our business growth goals. This means focusing on what the market needs (like providing solutions related to trends that are exploding), and on your customer base. The best data you have is from your current clients. Look for similarities, ask them questions along the way.
Cybersecurity threats increasing
Approximately 2,200 cyber attacks happen every day, which means every 40 seconds, a hacker gains unauthorized access to information. Company data has become one of the most valuable assets of a business. Data breaches continue to rise as hackers take advantage of vulnerabilities, particularly within the remote workforce. 68% of business leaders feel their cybersecurity risks are increasing.
The most common way of cyber-attack is through email, and every business is susceptible. 94% of malware is delivered by email, and about 50% of malicious attachments are Office files. The pandemic has brought in a new wave of cyber attacks with Phishing. In fact, 1 in 13 requests lead to malware – making it increasingly difficult to discern what is real, and what is not. Human error is driving data breaches, and organizations need to implement security measures to ensure the safety of their people and data. (Explore ExchangeDefender PRO)
Business Continuity / Disaster Recovery
When the COVID disaster first occurred, businesses realized that they did not have an active business continuity plan. This is a plan that details what to do in the event that a disaster, natural, or otherwise happens. We have experienced a significant increase in demand for email outage protection, archiving, and file sharing services. Businesses have the challenge of making sure they can still operate as usual despite disruption, or public health crisis. Organizations that take advantage of solutions that empower productivity from work or home will experience the least amount of interruption.
This summer has been hot for ExchangeDefender, like really hot. Yes, we do live in sunny Orlando, but we’re raving about our newest releases. We have been focusing on making processes easier for both our partners and our clients. “Keep it simple, stupid.”, has been our motto and we hope that our new releases are a reflection of that mantra. The uncertainty and added stress that the pandemic has caused, is what inspired us to look inside of our company, how we offer our services, and support.
We created a Desktop SPAM manager.
To be fair, we created a desktop application to manage your SPAM about ten years ago. We retired it, and decided that we needed to design a new and improved management system. The ExchangeDefender Desktop SPAM Manager is a multi-platform app that works well with Windows, Mac, and Linux. It is designed to provide users SPAM notifications. The manager lets you know when there is SPAM waiting, and allows users a secure way to access, read, reply, and forward messages. Interested in getting desktop notifications? Please open a ticket at https://support.exchangedefender.com, and we’ll send you a link!
We added Starter kits to our Marketing Collateral.
Did you know that we have a special section on our website for Marketing collateral? (www.exchangedefender.com/marketing) This page features a collection of sales support tools to help our partners sell ExchangeDefender services. We recently designed Starter Kits that provide useful information on our solutions. Whether you are a new partner, or a veteran – Starter Kits contain valuable material that can be shared with prospective clients. If you are an active partner, marketing collateral is available to you for free. You can even get your sales documentation branded with your logo. Simply visit the Marketing page, and submit your request.
We were featured on CBS, FOX, and NBC news.
Recently, ExchangeDefender was showcased on several U.S news outlets for the surge of new partnerships we are experiencing. We believe that the rise of popularity for our partner program has been due to the Covid-19 pandemic. Managed Service Providers, like most other businesses, are searching for ways to lower their costs, and boost their service offerings. Our partner program is free, and has always been free with the confidence that our clients would be able to focus on building their business. ExchangeDefender hopes to build meaningful relationships with MSPs who are seeking to build their business, while keeping IT costs down. To read more about our latest news coverage, please click here.
ExchangeDefender has been providing email security, compliance, and business continuity solutions via Managed Service Providers since 1998. We believe in offering our partners exciting opportunities to build their MSP businesses with IT solutions that are profitable, flexible, and custom to fit their client’s needs.
Build an award-winning service portfolio with no upfront costs.
ExchangeDefender’s cloud technologies are distributed exclusively through our partner channel. Our commitment to your success is at the core of all we do. Joining us means you’ll be able to offer the following IT services instantly:
Advanced Email Security
ExchangeDefender PRO is a multi-layered security suite that protects users against SPAM, viruses, malware, phishing attacks, and more. The email security solution is compatible with all major email service providers – including Office 365, on-premise Exchange, and G-Suite for Business.
ExchangeDefender Corporate Encryption enables users to send and receive encrypted messages by email, url, or sms. It is easy for organizations to quickly adopt, and also includes advanced real-time reporting with analytics.
Email Archiving and Compliance
ExchangeDefender Compliance Archive provides long-term email archiving, with unlimited tamper-proof encrypted storage. It includes powerful eDiscovery search, and helps organizations achieve email compliance with regulatory requirements established by IRS, FINRA, HIPAA, SOX and SEC.
Email Outage Protection
Yes, that’s right – say goodbye to email outages. Plus, how many other service providers do you know that offer this type of email continuity solution? ExchangeDefender Live Archive enables users to send and receive email during service outages from Outlook and Gmail.
File Sharing with Unlimited Storage
ExchangeDefender Web File Server is a professional file sharing software that offers secure sharing, and management of information. Web file sharing makes it easy for teams to share documents without having to rely on email, or old file servers. Provide your clients with the oversight and security of their most precious asset, their data – for just a few dollars.
Managed Email Hosting
ExchangeDefender empowers our partners to offer a secure full-service email hosting solution using the latest Hosted Exchange. Partners are able to provide clients peace of mind with professional email that is managed, supported, and secured by email experts.
Become an ExchangeDefender partner today!
Membership is free, you can cancel at any time. Enjoy full access to all of our solutions within minutes after being approved! – APPLY NOW –
ExchangeDefender has recently launched an ‘Official Partner’ logo, designed exclusively for our current partners. The logo is a graphic brandmark that features our traditional ExchangeDefender design, as well as the addition of ‘Official Partner’ underneath in dark grey.
There are currently two different versions of the logo to best assist all partners and their individual websites. The option to choose the light, or dark version is totally up to the preference of the partner, (their brand colors, website colors etc.)
Ways to use
We have a few suggestions on how to use your Official Partner logo. The first is on your website. You can download the logo and paste it into your website. Preferably on the front page to show your clients, and prospective clients the current security vendors that you are in partnership. We believe the display of partner logos help express credibility to future clients that you are in good company, and collaborate well with others.
The second option is adding the logo to documents, sale sheets, brochures, invoices – things you would normally give to a potential client. Normally, you would add your company’s logo on the left side, with your partner logo on the right side. Visually its outstanding, and assures the client that you are doing well as an ExchangeDefender business partner, (which you are!).
The third option is using your email footer for when you are emailing back and forth with clients. For example, if you were to look at a company’s signature – you would see the name, title, contact details, as well as any programs, or products that they are currently associated with. The logo is easy to add into outlook or Gmail, and should only take a few mins to complete.
Oh! You can also use the partner logo when making posts on your MSP social media. This could be attached to product specific offerings, or showcasing the third-party vendors that you currently are in partnership.
How to download?
To download is simple.
Below, you’ll find the light version and dark version of the logo. The images are PNG and have transparent background to suit any color. To save, simply right click the image and click save.
Traditionally, ExchangeDefender has been an email security platform, first and foremost. In order to secure your email on its way to/from your email infrastructure, your MX records needed to point at us and all your mail was secured using our platform. In May of 2020, that changed.
As of June 2020, you can offer ExchangeDefender solutions without ExchangeDefender or mail going through to us at all. It’s no secret that all the add-on cool features in ExchangeDefender (LiveArchive, Web File Server, Encryption, Compliance) are in their 3rd or 4th generation, and those services are in huge demand on their own.
You will shortly be able to purchase most of our offerings directly without the complexity of joining our partner program and without needing to implement a bunch of other features if you only need a way to securely collaborate. Our web site, ExchangeDefender.com will remain a partner-centric experience and we are introducing a new site used to manage ordering and processing of subscriptions to our a la carte services.
Our partners will be able to continue provisioning and ordering ExchangeDefender services as is. As a partner you’ll also have a choice of placing orders through the new a la carte service as well (if you don’t want to be involved in management, support, etc for your users) just without discounts and incentives (since we’ll be doing all that work now).
We strongly believe that our partner ecosystem provides a lot of value to the organizations that consider IT security to be critical to their success. The reality is that many do not, and our partners tend not to sell services to clients they deem too small or too unprofitable for the overall offering: now we have the means and ways to help them through service bundles and individual service offerings specifically designed for the cloud.
If you’d like to be on a beta test, please let us know, the new platform will launch next week!
Employees are suddenly finding themselves working remotely due to the current health crisis of the Coronavirus that is sweeping nations across the globe.
As we protect thousands of businesses from the drastic uptick of phishing emails and ransomware attacks claiming they are from verified sources, we have noticed new tactics that hackers are using to fraud employees working from home.
Here are our top 3 cybersecurity implications of working from home:
- The lack of authentication and authorization
There is an increased need for two-factor authentication, monitoring access controls and creating strong passwords. Managed Service Providers should encourage their clients and end users to add additional security safeguards.
We recommend changing your password every 90 days, and enabling OTP/2FA to improve your account security. To manage this for ExchangeDefender, view user guide.
- Increased risk to cyber attacks
There’s an increase risk to attacks like phishing and malware, especially since employees will now likely receive an unprecedented amount of emails and online requests.
ExchangeDefender Phishing Firewall (EPF) automatically secures inbound mail by rewriting HTML links so they are forced through our firewall when you click on them in Outlook, Gmail, or any web-enabled email application.
To add a new web site to the Whitelist or Blacklist click on the + Add New button in your ExchangeDefender Admin portal. To learn how to manage this setting, click here!
- Unsecured BYOD (Bring your own device)
Remote working can successfully widen an organization’s attack surface. Mainly due to employees who use their own devices for work can introduce new platforms and operating systems that require their own dedicated support and security. As a result of so many devices being used, it’s likely that at least some will fall through the security cracks.
ExchangeDefender Pro offers users a VPN server to connect to in a secure manner no matter where they go. Public Wifi hotspots tend to have questionable security at best and can be used to compromise a device that is connecting blindly across the Internet. Connecting your phone automatically to a VPN can assure that email access (and all the confidential data in the email) can never be snooped on.
Webinar Announcement: ExchangeDefender solutions will soon be available “a la carte” to clients. Attend our webinar on Tuesday, March 31st at 12:00 PM EST. Register Now!
ExchangeDefender has changed how our inbound nodes will handle emails delivered to our server when the sending server is on a Real Time Blacklist (RBL). Previously, RBL listings would cause emails to be rejected and not able to be delivered to the recipient (even if requested). Now, when a server is listed on a public RBL, the message will score high enough to classify as SURE SPAM instead of rejected back to the sender.
Changes to how ExchangeDefender handles Real Time Blacklisting (RBL) of the senders server will be visible to both the and MSP Customers.
Customers with STORE / QUARANTINE see a dramatic increase of items in the SURE SPAM quarantine, including email quarantine reports.
Customers with TAG AND DELIVER will see a dramatic increase of sure spam items delivered to their inbox.
MSPs will have two settings to control how RBL listings are handled with regards to matching whitelist rules. By default, whitelisted senders will override the RBL listing and will allow the scanner to ignore the RBL entry. MSPs will have an option within the domain’s phishing configuration with regards to handling whitelisted senders who wind up on an RBL.