ExchangeDefender has assisted partners and clients with migrations from third party platforms onto our award winning platform. On July 31st 2019, we will schedule our last third party migration onto the ExchangeDefender network and will only support them under special projects going forward.
We’re sure this will disappoint some of our clients and partners that have hoped to bring their clients to our network, unfortunately this work is simply too expensive to deliver free of charge. Over the years we have given our prospects incentives – free licensing, free third party migration tools, free hosting, etc and we were able to do so on the back of deep expertise across other platforms.
But just as we continue to decommission our own older versions of Exchange clusters and third party email systems, the rest of the world is doing likewise. We feel like everyone that was truly interested in a smooth transition has made or scheduled that move already. Clients that have waited on 5+ year old infrastructure probably did so because of customized workflows, third party integrations, older versions of integrated software that doesn’t support Exchange 2016/19, etc. Keeping the immense staging, data transfer, and consulting resources on hand for legacy platforms is expensive and is needed as we roll out new features for ExchangeDefender. SplitMX, Multiroute and duplicate delivery will no longer be supported by ExchangeDefender, on our network or on Office365/Google/3rdparty.
We’ve been mentioning the sun-setting of this service since early 2018, and if we’ve missed anyone there are still 2-3 weeks during which we can swing almost anything over. Past that, we will offer migrations to ExchangeDefender as a part of our enterprise services contract.
Thank you for your business and we’ll continue working hard to keep you in love with ExchangeDefender. If you want to join the fun, let us know by August 1st, 2019.
This Thursday, June 6th, we will be announcing a major overhaul in the way we deal with spear phishing SPAM. No, it’s not a mind-blowing patent-pending stroke-of-genius sort of stuff, it’s much closer to what your parents told you growing up:
Don’t get into a car with strangers don’t click on links or open attachments from strangers.
In a way, ExchangeDefender has had protection from this issue for years. If you had a decent IT Solution Provider implementing ExchangeDefender for you, they would have setup your SPF record and eliminated this issue – but many don’t. Or they would have turned on ExchangeDefender protection where all messages spoofing/forging your domain would automatically get junked – almost none of them do. Which is why ExchangeDefender as a service has become less of an IT tool and more of an end user suite of services to get stuff done.
When features like this are left disabled “because they might become support issues” it becomes really difficult to secure users. But I get it, IT companies have a business to run too, which is why we’ve really stepped up our support efforts and are going to be there to help folks get things done without becoming an additional problem for the IT department. Doing so has really made us rethink how we implement features and how the service behavior needs to speak the same language as the end user. Which brings me to phishing beyond forgeries.
Can you spot a stranger?One of the new phishing protection features in ExchangeDefender will allow you to flag messages that are coming from outside of your organization. You will have two settings – to modify the subject and to modify the header of the message so when you look inside of your mailbox you’ll know what came from a stranger right away. Try it:
Even from the message listing you’ll know which messages shouldn’t even be opened. But suppose you ignored even that – you can set another warning, printed inside of the message, giving the user even more of an instruction of what to do.
Warning: Message was sent from outside of the organization. Do not click on links or open attachments if you don’t recognize the sender.
Far from subtle. And it has to be – because most people check email quickly, between tasks, or are simply interrupted by it. ExchangeDefender has your back, and we’ll make sure we alert you to possible issues before they become problems. Which we hope everyone will be aboard with.
Please join us, June 6th at Noon, for our NEW webinar featuring ExchangeDefender’s Phishing and Spoofing protection, plus see what’s new with Encryption, WFS, and Wrkoo!
ExchangeDefender is opening a wider beta test of our whitelisting functionality, which allows IT Solution Providers to whitelist sender mail servers that have broken DNS (missing PTR, mismatched A/PTR records) and poor sender reputation (hosts listed on multiple RBL blacklists).
If you have a sender you would like to whitelist against these essential network tests, please open a ticket at support.ownwebnow.com with subject “Whitelist PTR/RBL: IP Address” and provide as much information in the ticket so we can accommodate this specific request. Only hard non-negotiable rejections to whitelist will be for unknown address space and dialup/consumer cable IP addresses (because due to their nature those are typically dynamically assigned address spaces that shouldn’t be relaying mail at all, they should be using their ISP mail server provided smarthost)
Requests will be reviewed and either approved (and enrolled) or rejected within 24 hours by our CSO.
Background: Inability to previously whitelist broken DNS and dynamic IP address space is rooted in our mission statement. We are here, beyond everything else, to help secure the email. We know our partners, IT Solution Providers, VARs, MSPs, etc do not have the skill set, the time to properly research underlying issues, enough data and statistical models to evaluate sender IP reputation, or even the incentive to discern how big of a security threat and compromise a specific IP address with broken DNS or poor reputation may pose to your client.
In fact, you pay us to worry about those things and keep your clients secure. But, sometimes clients like to think they know better than their technology experts, generally accepted security standards on the Internet, and ExchangeDefender. And the client is always right. But, when they get infected attachments, broadcast storm, password dumps, or other security compromises because they insisted on lowering their security – then ExchangeDefender is on the hook for securing them. And we don’t get to say “told you so” nor do we have any rapid means to fix the issue.
Since my retirement, all of those hard-line policies designed to keep clients safe beyond whatever “specific business case requirement” they may have, are slowly going away. Good news for the client, good news for the partners. Good news for us, because going forward we will start providing Email Security Engineering services – so when you get a security compromise or an usual issue and you’ve asked us to compromise your security – we will be able to address the issue on your behalf.
I choose to look at this as a positive – we will help our clients meet their business needs and get the mail they desperately need – and if something breaks we will be there to help assist with the cleanup (for a fee, of course). This, among many other service related things, is just the part of the ExchangeDefender being more responsive and service oriented when it comes to our clients demands as opposed to our expert opinion as a security policy.
As promised in the last webinar, we’re moving as aggressively as possible to make sure our partners have as flexible of a tool as we can imagine to communicate with clients in the event of an IT catastrophe. Or, in our case, to further increase transparency and collaboration with all our ExchangeDefender service providers so you can get better insight into our network and when we’re dealing with a lot. That said, I believe that the product/service is now production ready and we’ve already tied it up in our ExchangeDefender Enterprise product so you’ll know as we know. 🙂
Remember, ExchangeDefender’s AnythingDown.com , or https://yourserviceproviderid.xdnoc.com – is your own brandable, real-time alert system that covers ExchangeDefender managed resources as well as your own custom defined events.
Let’s go on a little tour, shall we?
First, here is the nearly-final look of the site. It will of course feature your logo, your contact information, and your own services but you can see that there is now a sign in section as well as nested posts – so when something is updated it’s done so in-line and can be read normally (as opposed to just seeing the latest update and not knowing what it’s about at all).
Sign in screen is for you, just provide your service provider ID and password and you’re in your own portal.
As for your users that want real-time updates via email or RSS/blog, we have a signup page (I know, I know, it’s idiotic but GDPR and EU have put this obstacle in place where we need contracts and disclosures about signing up for an email list).
Once you’ve signed in as the service provider, you will have access to manage and create new service advisories. Just click on the Add New button in the upper right corner. If you’re managing a larger NOC and have a ton of fires going on (you’re among friends, #respect) you can also search current open advisories and make sure you update the correct one.
New advisory posting is pretty flexible and gives you actually quite a bit of power to include images, links, and other multimedia. As network geeks we’re used to plain text, ASCII, 80 columns across black on white kind of alerts but in the 21st century with lots of things going on sometimes you can throw out a quick alert with a screenshot of what’s going on rather than trying to document every single detail (for example, a cloud of daily network/ISP outages as an explanation why things are moving slow or getting delayed or buffered)
And of course, you can update every service advisory.
As mentioned last month, ExchangeDefender XDNOC </a> service is all about helping us work better with the people that pay us to help protect their networks and users. I have some rather personal thoughts on that subject, which will be a matter of another post. However, when you design software and when you serve as the gatekeeper, your primary responsibility to the people you’re protecting and waking up to keep safe every day is not just to keep things going but also to keep everyone aware of what is going on to improve things – because hackers don’t take days off.
When things malfunction at other companies, they blame vendors and equipment. When things malfunction at ExchangeDefender, we build products and services so we never have to deal with the problem in the first place. As a result of a DDoS attack last month, I am happy to introduce you to our new service that will improve one area in which we undoubtedly suck the most: communication.
Say hello to AnythingDown.com:
It’s an offsite NOC alert site that’s branded for you.
At ExchangeDefender we do a pretty amazing job communicating and working with our partners, it’s actually our #1 selling point, that you can come to our offices and data centers, you can work with our team and get things done. But when something breaks, that same business friendliness and accessibility is an achilles heel – clients swamp the phones demanding to be briefed on every detail, “Friends of Vlad” call every staff cell phone they can find, the staff that is there to help/coordinate/assist in technical work cannot efficiently correspond and inform every user particularly when things go down and everything isn’t working as it should.
This is where ExchangeDefender XDNOC (aka “AnythingDown.com”) helps.
It’s off site. Doesn’t rely on our networks at all.
It’s on it’s own name space. Not dependent on our DNS/registrars.
It’s branded. Your name, your image, your message.
That last bit is pretty important – we realize that our larger clients have many employees that have never heard of ExchangeDefender, ditto for our partners that don’t want to reveal ExchangeDefender is behind their branded email offering.
Not to worry, your site is already branded and you have your own Service Provider XDNOC: https://<yourExchangeDefenderSPId>.xdnoc.com
It’s yours, it’s yours for free, and we’re just getting started. For the next week or two, the site will host ExchangeDefender content only as we add in the mechanism for RSS subscriptions, linking, SMS/txt alerts, and email notifications.
But this is just the beginning. As an ExchangeDefender subscriber you will have access to this site to tweak it as necessary and to add your own NOC alerts. That’s right, we’re not just building this for ourselves, we see it as a role of central accountability for everyone that relies on our services and all the services you use to deliver a solution. We all want to keep the client happy and informed and this will help out a lot towards that goal.
Our expectation is also to have our proprietary monitoring and alert feeds published on AnythingDown.com going forward so you can see or anticipate the issues that our infrastructure is seeing even before there are tickets or human confirmation of the problems. For many that will be way, way, way too much data but we feel it’s better to present it and get more eyes on it than hide it and hope it’s handled through automation or our staff activity.
In closing, I hope this helps. I know outages and service interruptions or performance issues or networking issues all suck, nobody wants them. They come with the territory and everyone knows it – so it’s not about technology malfunctions, it’s about your communication about the IT work that is done to make it as flawless as possible. We thank you for your business and for your continued support of ExchangeDefender that makes stuff like this possible.
Many IT professionals have gone through a lifecycle infrastructure upgrade – the all important cycle of improving the infrastructure as the vendors push down new features with ever increasing resource demands. We’ve been doing that since 1997. One thing that has changed in the past 20 years is the scope and magnitude of both attacks and the network demands to manage them all. We’ve done an excellent job keeping up with them all, with our last major outage (that lasted nearly 4 hours) back in 2011. We learned a lot that day – and rolled it up into our products and services that many of our partners have experienced. These days, with the cloud services, the game is completely different.
I hope you have a moment to join our WEBINAR next Thursday, April 11th, at noon
It won’t be the usual rah-rah new features new stuff show. I will speak candidly about how we’ve managed to overcome and triumph in the “Cyber” security game and how we’re still always one step behind whatever 0-day attack vector comes down. I’ll be discussing (somewhat intimate) details about the performance issues, DNS issues, DC issues, subscription issues, 3rd party IP issues, and how all of these have become both an IT management issue and customer service nightmare. I truly hope you join us. I know your time is valuable and schedules get tight so if you can’t make it, the recording will be posted in our portal as usual.
What we learned last week – for the millionth time – is that communication in cases of issues is paramount. When things appear to go down, people panic. They require not just information but reassurance, confidence, and a plan required to address issues. For smaller companies, that’s a matter of just falling back to a cell phone – for larger ones (if it’s not already you, it definitely is something to consider for your clients) that is simply not an option and the volume of activity will easily and quickly overwhelm you. I used to see it every day – when issues come up for our partners, their clients call us.
We’ve made an overwhelming investment – not just in technology and features but manpower – that has fueled our growth for the last few years. I want to share, personally, exactly how we operate and how we’ve been able to both prioritize and execute some of the more impressive infrastructure enhancements and how they are going to be here to serve you for years when something happens.
And then I hope to offer you the same – as a token of our appreciation for your business and your loyalty through the years. Pretty excited, I hope you can join us.
We are currently experiencing a large scale DDoS attack on our network specifically our DNS servers.
Our team is working diligently to correct the issue, please stand by for more information – or give us a call (877-546-0316) if you need any assistance!
We will make sure to keep you updated via the ExchangeDefender blog, our facebook (@exchangedefender), and within the portal as access gets restored.
Thank you for your patience.
Partner to Retail Transfers
After nearly 21 years in business, we have seen just about everything, from partners dying to companies disappearing overnight. More often than not, they leave businesses they served stranded and ExchangeDefender has to pick up the pieces. As each case is different, we’ve always handled every issue delicately with great care from a dedicated employee at ExchangeDefender to handle the issue.
While that sounds nice on the surface, it’s actually a horrific mess with a point person playing coordinator, negotiator, project manager, liason, unofficial legal advisor and more often than not wasting more time than neccessary.
As a result, there is now a 3 month initiative at ExchangeDefender to streamline and automate most of our processes that involve external parties. The honor of the first such automated process is the “Transfer of Services”:
Transfer of Service
ExchangeDefender is exclusively sold through our IT Solution Partners. However, when one partner disappears (death, bankruptcy, laziness, poor customer service) we do not have the means to refer them to a new partner. Often, even if we can find someone local, partner may not have an incentive or business case to sell them ExchangeDefender if the client will not sign up for other support services that are required by our partners to deliver XD. Sometimes, clients get bought/sold, hire their own IT staff, or move to a new provider and want to keep ExchangeDefender. All of these scenarios create a massive mess for ExchangeDefender, for the client, and ultimately for the partner.
The site is designed to create a process-oriented survey that ties in all the parties involved in service delivery – the client requesting the transfer, the existing partner, and if applicable the new IT Solution Provider. This way we have the contact information about everyone, we have set milestones in the process, we have everyone moving along the project and we have deadlines so nobody is left stuck or forgotten. The same ExchangeDefender SLA for support applies to the transfer process but it makes ExchangeDefender handle it.
That is the key part and perhaps the most valuable one for our existing partners that may be worried about account transfers. From our experience, when a client decides they want to leave the service (be it ours, or our partners) there is little that will stand in their way of either moving to another ExchangeDefender partner or another service. This can be painful, awkward, and at times emotional as a loss of business can be stressful. This is where ExchangeDefender can help as well – instead of having to deal with asset control, configuration, transferring credentials and doing support and the work of the new IT Service Provider, our partner can just sign a waiver and from that point on anything regarding the old client and ExchangeDefender will be handled by our team. This way the current partner that is losing the service isn’t stuck with an uncomfortable process of dealing with a client that fired them or training their competitor how to manage the service – it’s simply all on us.
We had to do something. All our future transfers will happen through the “Partner To Retail” web site at https://exchangedefender.com/transfer
Our mantra remains the same, we are still very much a partner-channel based organization. These process automation projects are meant to give our partners and clients a more predictable, measurable, and accountable system backed by an SLA rather than a single point person. If there are processes that you’ve found frustrating, unpredictable, difficult, or frustrating please let us know by contacting your account manager and we’ll put some priority on those. Otherwise, we look forward to serving you better.
About the PIN requests
Several years ago we introduced the ExchangeDefender Phone PIN support to enable our clients and partners to obtain full support over the phone as if they were in our support portal. Being able to talk to someone that can directly make any change you need to make on the go is incredibly valuable for on-the-go business manager that is typical in SMB.
Our implementation left a lot to be desired. We put the PIN in the area where few people looked. We had no system to quickly retrieve your PIN. Some of our support techs took advantage of the system to avoid helping clients. All these issues have been addressed so we wanted to go over our phone support process again.
Our Support Process
We have a typical 3 tier support system – people on the phones (Level 1), people in the support portal (Level 2), and people managing network services and software that approve overrides and make changes manually (Level 3).
When you call 877-546-0316, you will always be speaking to a Level 1 person. Their job is to be friendly and help you figure out how to get things done. In general, they will walk you through the portal, provide our manuals and walk through guides, open a ticket on your behalf, and sometimes even provide additional information about services. Their goal is to eliminate the clutter, the transfers, the “not my department, not my job” you often get when you call a company for help.
If you call our support and are active, in good standing (no late or past due invoices), with proper credentials – our team will greet you with “Thank you for calling ExchangeDefender, whom do I have the pleasure of speaking” and will try to locate your profile and your PIN. From there, we’ll take good care of you. If you don’t know your pin, or if we cannot locate you in the portal, our support will still provide basic public information about our services but is prohibited from discussing pricing, settings, passwords, company data and so on. This is for your security and protection – we’ve all experienced identity theft, people pretending to be someone else, people that have been terminated looking to sabotage their employer, etc – the PIN removes that from being an issue.
What requires a PIN?
Anything that is not public or available on our web site will require you to provide an email address and a PIN. Things that don’t require a PIN are basic answers about how our products work, where to find documentation, if there are any issues with services at the moment, how to become a partner, marketing collateral requests, etc.
Everything else that is account-confidential will require a PIN, for example:
– Getting a copy of the invoice, pricing information
– Account modification, service change, settings change
– Opening a new support ticket on your behalf
– Adding a new service or subscription
– Modifying service settings (passwords, IP addresses, credentials)
There are only two things that our support on the phone will not do regardless of whether you know your PIN or not: add a new contact to the support portal and delete any service/subscription. For legal, compliance, and past experience reasons that is a red line we cannot cross.
OK so how do I get my PIN?
You can find it in your Contact information at https://support.ownwebnow.com
If you don’t know your PIN or support password, you can request a new PIN at https://exchangedefender.com/pin
If you don’t have a contact in our portal at all, you will be provided with a PDF to provide to whoever manages the ExchangeDefender relationship in your organization.
We hope that as we introduce chat and more phone support you can still get everything you want done much faster and more efficiently – but most of all: securely.
ExchangeDefender 9 is off to a fantastic start, as mentioned in the previous post we’ll keep you up to date with any new bugs and fixes as we find and fix them here (http://www.exchangedefender.com/blog/2018/08/exchangedefender-9-launch-bugfix/). Great news on that front is that the entire codebase is new and thanks to new development methodology fixes for minor issues won’t take long. Neither will the addition of the new features: which is what we’d like to discuss today.
The following big features are coming in September and we’ll cover them in detail leading up to the release: ExchangeDefender encryption is getting a major upgrade in threaded conversations and ability to include attachments both ways, our support portal will begin mixing in live chat and status updates so you know immediately where your ticket is in our system and who is working on it, and we’re taking a major step forward to help you manage your security credentials.
ExchangeDefender Encryption Upgrade
ExchangeDefender Encryption is getting a major expansion of features when it comes to handling files and conversations. Specifically, we never want you to have to leave the ExchangeDefender web site in order to communicate effectively and securely. Starting in September, we’re adding two major features to enhance our clients ability to exchange secure content with remote recipients: threaded views and attachment uploads.
Presently, only our clients (protected by ExchangeDefender) can send encrypted attachments. Soon, senders and recipients will be able to work through our portal to send encrypted contents back and forth. The way we’ll present the entire conversation will really take our clients productivity to the next level.
Support / Ticket Live Chat
We’ve been testing a live chat/alert/popup functionality in our support portal where we can huddle up and work on the ticket in realtime with the entire team. This is a far cry from the traditional model where a ticket is accepted, assigned, worked on and completed by a single tech within a SLA mandated period of time.
In the new model, we all have the ability to work on every issue at once and quickly add relevant resources to the conversation: which is effectively what the new support is going to look like. So instead of a ticket being a single monolith of a problem that is handed from one person to the next in it’s entirety, we can now break it down into manageable pieces and a senior engineer can quickly pinpoint, triage and offer guidance that would let other technicians that are available assist the client far faster.
You will also be able to see who is viewing and working on your ticket and where/when the next update will come – this will eliminate the need for phone calls, escalation/status update requests and so on because the system is 100% reactive to what is going on – if the engineer is looking at the ticket they have a counter and they are printed on the ticket. We look forward to extending this functionality to our clients in September, we’ve been using it internally to raving reviews by our staff.
Password Policy Enforcement
ExchangeDefender is a security product – one whose origins and some features trace back to the 90s. In the past 15 months the product has been rewritten entirely, giving us far more flexibility to help you manage your users and their passwords. In September we will start storing passwords with irreversible encryption and complying with many new technologies such as Magic Link that will make password tracking a thing of the past. Additionally we’re rolling out 2FA/OTP across ExchangeDefender with our own API to extend to other applications in the ExchangeDefender universe.
There will be many more features coming along as all our departments have stepped their game up – but these major ones will definitely change the way you work with ExchangeDefender and how much we’re able to do for you and your clients. Privacy, security and management are in the news every single night and we hope to give our clients and partners a level of control over their data that will make it easier for them to sleep at night.