General – ExchangeDefender Blog

Most Popular Products

EMAIL SECURITY

Services that protects your mail from spam, viruses, and malware.

ARCHIVING

Secure long term message storage and ediscovery reporting.

BUSINESS CONTINUITY

Constantly archiving your sent and received mail.

Image result for how to determine spam email

The more SPAM stays the same, the more ways they find to get it through to your mailbox.

How we determine something to be SPAM vs legitimate mail is a bit of a science and it incorporates a ton of statistical analysis, data feeds, real-time blacklists, IP reputation scores, several antivirus products, several malware detection products, subscription services, etc. We pass each inbound message through almost all of these subsystems and assign it a score – as that score adds up the message becomes categorized as SPAM or SureSPAM based on the amount of UCE/malware/infected content the message has.

Every year we rebuild the ExchangeDefender engine to pull out things that no longer perform well, add new promising technologies, shift around the different plugins and so on. While ExchangeDefender filtering is updated in real-time and by tons of different vendors along with our in house technology, major improvements and technology shifts are necessary in order to prevent truly dangerous stuff from getting through. Unfortunately, this means that for about a week or two the amount of junk mail that gets through goes up as we reset all our scores, statistical models, weighs for different services and the implementation. While we wish we could just point and click, the process is far more complex than that, and requires delicate changes over a few days.

We appreciate your patience with us as we get the new engine online. The SPAM filtering levels should return to 100% shortly and we realize SPAM is annoying – which is why we’re doing this in the first place. Thank you for your business and trusting us with your email, we look forward to getting our best ever SPAM detection online shortly.

A new webinar for October 17th at noon has been scheduled! We’ve been working around the clock to provide our partners, and their clients new features that make all of our work process easier, and more effective. Cool things that are happening as of today, October 1st :

Exchange 2016, Finally

The new exchange 2016 comes with a lot of new features. We’re particularly excited about the ability to create shared mailboxes, and manage password and lockout policies.

Corporate Encryption

You can now reset your recipients accounts (PIN+Password) in Corporate Encryption.

SPAM Reporting

New ExchangeDefender SPAM Email Reports are launching on October 1st 2018 and we’ve made several significant changes to the look and feel based on user feedback.

Friendly Names

You’ve only been waiting 20 years for this feature and we’re happy to finally deliver it: ExchangeDefender will now show friendly display names and email addresses, giving you a better idea of who the email sender is.

Watch ExchangeDefender’s CEO, Vlad Mazek discuss newsworthy topics to be discussed during the upcoming webinar on the 17th at noon. Stay tuned as we share key advancements of our products and within the company. Reserve for the webinar now!

Partner to Retail Transfers

After nearly 21 years in business, we have seen just about everything, from partners dying to companies disappearing overnight. More often than not, they leave businesses they served stranded and ExchangeDefender has to pick up the pieces. As each case is different, we’ve always handled every issue delicately with great care from a dedicated employee at ExchangeDefender to handle the issue.

While that sounds nice on the surface, it’s actually a horrific mess with a point person playing coordinator, negotiator, project manager, liason, unofficial legal advisor and more often than not wasting more time than neccessary.

As a result, there is now a 3 month initiative at ExchangeDefender to streamline and automate most of our processes that involve external parties. The honor of the first such automated process is the “Transfer of Services”:

Transfer of Service

ExchangeDefender is exclusively sold through our IT Solution Partners. However, when one partner disappears (death, bankruptcy, laziness, poor customer service) we do not have the means to refer them to a new partner. Often, even if we can find someone local, partner may not have an incentive or business case to sell them ExchangeDefender if the client will not sign up for other support services that are required by our partners to deliver XD. Sometimes, clients get bought/sold, hire their own IT staff, or move to a new provider and want to keep ExchangeDefender. All of these scenarios create a massive mess for ExchangeDefender, for the client, and ultimately for the partner.

The site is designed to create a process-oriented survey that ties in all the parties involved in service delivery – the client requesting the transfer, the existing partner, and if applicable the new IT Solution Provider. This way we have the contact information about everyone, we have set milestones in the process, we have everyone moving along the project and we have deadlines so nobody is left stuck or forgotten. The same ExchangeDefender SLA for support applies to the transfer process but it makes ExchangeDefender handle it.

That is the key part and perhaps the most valuable one for our existing partners that may be worried about account transfers. From our experience, when a client decides they want to leave the service (be it ours, or our partners) there is little that will stand in their way of either moving to another ExchangeDefender partner or another service. This can be painful, awkward, and at times emotional as a loss of business can be stressful. This is where ExchangeDefender can help as well – instead of having to deal with asset control, configuration, transferring credentials and doing support and the work of the new IT Service Provider, our partner can just sign a waiver and from that point on anything regarding the old client and ExchangeDefender will be handled by our team. This way the current partner that is losing the service isn’t stuck with an uncomfortable process of dealing with a client that fired them or training their competitor how to manage the service – it’s simply all on us.

We had to do something. All our future transfers will happen through the “Partner To Retail” web site at https://exchangedefender.com/transfer

Our mantra remains the same, we are still very much a partner-channel based organization. These process automation projects are meant to give our partners and clients a more predictable, measurable, and accountable system backed by an SLA rather than a single point person. If there are processes that you’ve found frustrating, unpredictable, difficult, or frustrating please let us know by contacting your account manager and we’ll put some priority on those. Otherwise, we look forward to serving you better.

 

 

Billing Compliance Enforcement

September marks another huge month in which we’re cleaning up some of our old “small business ways and means” and replacing them with industry standards, in every facet of our business. But before we get into that, as the changes are both service related and product related, we would again like to remind you to sign up for the big webinar we have on September 5th:

ExchangeDefender New Stuff Webinar
Wednesday, September 5th. Noon EST
https://attendee.gotowebinar.com/register/1810967512151336450

“I cannot urge you enough to attend the webinar and see the changes and improvements that are coming to our products and services. You truly need to understand the structure and the vision behind it because we’re doing the same thing we’ve always done: respond to client requests and how the marketplace dictates what people will pay for and how. So I urge you to please attend the webinar and hear directly from me what we’re up to and how you can run into fewer issues and make more money with us.”

-Vlad Mazek
CEO, ExchangeDefender

Billing Policies

None of the following policies are new or designed to impact our clients in good standing.
Our billing policy has not changed in 20+ years, but we’ve never enforced it fully, and we believe it won’t be an issue for anyone. So for the record:
– We need a 30 day notice on any services you wish to remove from ExchangeDefender (and any of our products, sites and services). We tend to be fairly flexible with this and will continue to do so.
– Any services cancelled within the last 2-3 business days of the 1st of the month will be billed on the 1st and there will be no refunds. See the 30 day policy above.
– Service cancellations will be disabled within the last 12 hours of the month. Our staff will not be able to process them via phone/tickets, they will be locked out as well.

The reason we are suddenly enforcing this policy is because we’ve noticed a significant amount of fraud related to people gaming first/last of the month (where you cancel the service on the last of the month, skip the billing cycle that runs on the 1st, then setup the new service on the 1st and get a free month). If our enforcement of our billing policies seems unfair please keep in mind that we do give you free service from the moment you sign up for the service until the 1st of the month. The other reason is that we cannot process changes and update invoices within hours of the amounts being submitted to the credit card processor.

 Late Fees

Late fees will also affect a small but persistent contingent of our client base that is trying to game and hide from what are fair business practices of paying the vendor. Because we’ve never charged late fees we have a few dozen clients that hide, provide fake credit card numbers or otherwise try to get as much free service as possible. Payment for all services is due on the 1st. If the invoice isn’t paid by the 5th (12:01 AM) invoice will automatically get a $39 late fee. If the invoice remains unpaid by the 15th (12:01 AM) the services will be suspended and subject to other legal remedies, along with an additional $69 re-connection fee.

These policies have not been enforced as a matter of personal courtesy we extended to our partners during the economic collapse of 2006-2009. Today, they require personal interaction and activity by a member of our staff, and every unpaid invoice and billing ticket about not cancelling the service in a timely manner is costing us (and our partners) which isn’t fair.

As mentioned above, these policies will not be an issue for anyone but a small handful that has been abusing the system. As a security company we are constantly being audited and leaving open invoices, not charging, late fees, policies that aren’t being enforced and so on are constantly flagged by our accounting, legal and even compliance auditors so we’re being forced to get a grip on everything. Thankfully, it won’t be much of an issue and we look forward to using freed up resources to deliver a better service to all of our clients.

 

ExchangeDefender 9

ExchangeDefender is proud to announce that ExchangeDefender 9 will be exiting the beta stage next week and will be in production for all of our clients on Saturday, July 28th, 2018. We want to prepare our partners and clients for our rollout schedule so that everyone is ready to go for what we expect to be a very seamless and effortless transition. You can see the new version at https://admin8.exchangedefender.com and we have written about it extensively here. 

 sp_management_accounts_show_userssp_theme_DARK_BLUEuser_dashboard_tabsuser_sureSpam_reply

 

ExchangeDefender 9 has been running with new infrastructure since August of 2017, new UI launched earlier in the Spring of 2018 and all the automation and functionality has been tested extensively.

To sum it up:
   Brand new outbound network Brand new inbound network
   All new infrastructure, network, switching and security workflows
   Brand new user interface and user experience
   Tons of new features

The best part of it all is that all the functionality that you already use is in the exact same place, behaving the exact same way, and yielding the exact same results. The magic is in everything around it – everything is faster, more accessible, more streamlined and has far more functionality and flexibility than before. Just as a minor example, the new user interface allows you to interact with ExchangeDefender the same way no matter whether you’re at your desktop or on your mobile phone – and you get the full feature set, not just limited mobile experience.

    Rollout Schedule

ExchangeDefender infrastructure is already running on the new code and has for months. This piece of our network is under constant maintenance and monitoring and we’re certain about it’s performance. You will not see any changes here.

On Saturday, July 28th, 2018 we will switch https://admin.exchangedefender.com to the new version of the UI/UX. Users will begin to see changes nearly immediately starting with 9AM EST. There may be a period of about an hour during which some users will experience the new UI and old UI – our support desk will be available via phone, chat, Facebook, twitter and support portal at https://support.ownwebnow.com the entire weekend to handle any issues that may come up. End users will also have a direct link to us to resolve any issues so if you’re one of our partners and don’t have a 24/7 support line – consider it covered.

On Sunday, July 29th, 2018 we will conduct a routine maintenance crash test – intentionally taking down random sections of our platform in order to determine resilience. This test will be conducted at random times during the day and we do not expect it to interfere with any operations.

New documention, marketing and collateral will become available the week of July 23rd but most of it is already available at www.exchangedefender.com right now.

Thank you for your business!

ExchangeDefender is proud to announce the new look for our Network Operations Center (NOC) which includes new status pages, new blog, new look and yes – even more information you can pass on to your clients. The idea behind the redesign was to give end users and our non-IT partners a way to get an assessment of the network at a glance, a deep dive into technical issues, and to provide recent and historical service issues so that IT personnel in charge of our services can match up service problems with times that we had an issue or maintenance window.

   Is there a problem?

This is generally the first question that a user will ask when they contact our partners for a service issue. And unless you follow us on Twitter @xdnoc, you probably need to check our NOC page. Here is the new look:

image2

Our users will be able to look at the NOC page and immediately see the issue and take the next step.

   What is the problem?

By the time there is an issue or the maintenance window is concluded, service notices are closed and aren’t visible to partners anymore. We had a lot of reasons for this but needless to say that it’s been one of the top complaints from our partners for years and it took us a while to figure out how to do this discretely and in a way that would be beneficial for everyone. Since support folks tend to either follow us on twitter (@xdnoc) or are living in our portal at support.ownwebnow.com, we wanted to put it in a location that would make it most actionable. You will notice quite a few changes to our support portal:

image (1)

Now this screen will continue to change – but the idea is the same – if you resell or manage our products, I want you to know immediately upon logging in what the issue was and how it was resolved. You can then match up the timeline and work from there but you will get all the information in one, secure, compliant and process driven environment.

The point is – if you’re a lurker or just wondering, I want you to see if there is an issue at all. If you work with us, I want to arm you with all the information you can ever need and I want a support tech on my side to be available to you immediately to advise what to do.

Afterwards, you can read about the details on the NOC blog at www.exchangedefender.com/noc where we write up longer technical articles that nobody will ever read, but our partners find them extremely valuable because they aren’t written in technical jargon – they are meant to explain to your clients what happened, what we did, and what we’ll do next to make sure that issue doesn’t repeat.

Psst. It’s time for better support.

ExchangeDefender has been working on a massive infrastructure upgrade and reengineering project since early 2017 and we’re happy to report that we’re providing better service and offerings than at any time in the past. Now we’re thrilled to announce the launch of our newest support portal that will converge email, chat and support ticket activity in a single, process-driven solution.

This means we will be able to help you better, faster, and in realtime. Tomorrow, June 1st, at noon… we will launch our new support UI:

Responsive User Interface
Our entire UI is now built on a responsive user interface that looks great no matter what device (desktop, browser, mobile, tablet) you use it from. No more smudged and unreadable fonts, no more zooming, panning and scrolling. Best of all, much faster and refresh-free UI!

Fewer Clicks, Faster Access
Hate having to click 80 times to get to what you need? So do we – and most people access ExchangeDefender on a touch-enabled device these days! We listened and designed a new portal that gets you where you need to go faster.

More Intuitive Design & User Experience
You no longer need a masters degree in CRM software to navigate around the platform, anyone can do it. No more scrolling through pages of text and form fields, everything you need it at your fingertips.

Friday, Friday, Friday… at noon!

As mentioned above, the new UI is designed to help real people, doing real work, in the real world – not just office power users on arcane hardware (don’t worry, we got shortcuts and powerups for you as well). In order to accomplish that, everything in the new interface is intuitive. Want to create a new ticket? Here is how:

clip_image002

Same behavior you have on the desktop is the same behavior you’ll have on your tablet and phone. Best part is, we are not taking anything away, just adding more useful content that is always at your fingertips. For example, take a look at the new ticket screen:

We have removed the clutter, emphasized the important announcements, improved page loading time, require far less scrolling and the elements you need will automatically load into view as you start a service support request.

clip_image004

You’ve probably seen paper after paper illustrating how much modern consumers rely on self-help and self-service sites rather than picking up the phone, sending an email or opening up a support request. With our integrated FAQ, smart answers and realtime resources (including chat) we will be able to help you with the routine and simple tasks without having to wait. Or scroll.

Working on a bunch of issues at once? Our system will now allow you to quickly access all of your tickets and see updates without opening a million tabs or scrolling for days.

clip_image006

We have added a bunch of new conveniences that allow for realtime results, automatic refresh and quick updates.

The big idea with the new portal is that many problems, projects, issues or inquiries can be handled much faster without having to switch from ticket to ticket, system to system, or screen to screen. Most of the service is simply acknowledging that the issue has been received, acknowledged, reviewed and assigned to the right person that can help right now.

If you’re used to the old way of doing things, and don’t look too closely, not much will change. It’s still all there, just much cleaner and simpler:

clip_image008

Working on tickets and on teams is now simpler than ever. We got rid of the old one-owner one-client one-issue model and can now easily add employees on this side that can help. Unlike the old days, the issue and responsibility doesn’t end at the point of assignment – everyone is still accountable to the client and now we can respond faster and work on an issue as a team.

clip_image010

You will notice that our ticket update screen has gotten a lot simpler as well. When you update tickets, you won’t see an entire page refresh either. There is a reason for that: We are moving towards full realtime portal – meaning we can start supporting users in a chat and reduce the amount of time wasted searching, navigating and waiting on the browser or page to load.

One of the most common misconceptions we get to deal with in the email business is the notion that the almighty cloud eliminates the need for backups, redundancy, compliance archiving, and disaster planning in general. Nothing could be further from the truth so please share this checklist with your clients and decision makers so they can make informed decisions about how much protection is needed for critical business data.

image

Now, let’s tear apart the myths we hear most often:

It’s in the cloud so it’s already backed up. You will not find a single cloud service provider that will offer their backup policies in explicit detail. This is not just a matter of secrecy (exposing the network and storage design) but also of implementation: some services just don’t have a backup only a lagged copy. Never, ever, assume that your cloud provider cares about your data more than you do, it’s no coincidence that the first thing you do with every service you sign up for is a mandatory acceptance of terms of service that you’ve likely never read. Your data is your sole responsibility.

It’s in the cloud and they say it’s there forever. Sometimes marketing gets falsely associated with the actual service deliverables: “You will never have to delete email to make space” doesn’t translate into “Your email will never disappear” – all major email providers have a well documented trail of losing clients mail, deleting their mailboxes “for policy violations” and otherwise shunning any responsibility.

It’s in the cloud so someone is actively managing it. Cloud service providers manage the cloud service, management of your personal data is often the secondary concern. That sounds harsh so allow me to elaborate the top down view: Imagine your service just crashed, massive catastrophe: What is your primary concern? Restoring access to service to send/receive email, or restoring clients data from 5 years ago? Now align those priorities with the budget: What is more important to the cloud provider: service operation or access to old data? Many services are even pushing for not keeping all of your data in the cloud at all, the notion of archive boxes and focused views is all about not having the responsibility for your data.

It’s in the cloud so it meets compliance. Your regulatory compliance requires assurance that data could not have been deleted. That kind of assurance only comes with services like ExchangeDefender Compliance Archiving which archives messages before anyone has a chance to tamper or delete the data. Furthermore, the backend system for an archiving or compliance solution is radically different because of the liability: companies that insure confidential data storage are far more concerned about redundancy, backups and data loss than they are about the uptime and service availability.

Now that the myths surrounding the false sense of cloud security are shattered, let’s look over a brief plan you need to implement to safeguard your data:

1. Document everyone with access to email.
2. Come up with a policy for adding/removing employee email.
3. Identify any regulatory compliance requirements.
4. Identify business case scenario requiring long term archiving.
5. Document who has access to what and how changes are tracked.
6. Come up with a data retention and data backup plans.
7. Understand the law and security, make neccessary adjustments.
8. Designate a Compliance Officer to manage everything.
9. Test your backups and compliance archiving routinely.
10. Periodically audit everything in the previous 9 steps.

Truth is, there are hundreds of steps in cloud security management for each of the 10 items I listed above: The goal isn’t to give you a blueprint, the goal is to make you aware of complexities and the issues that can come up when the basics are ignored. If you would like the details, give us a call, email is what we do for a living and (unfortunately) our expertise is developed over the years of cleaning up our clients neglect of their email infrastructure – let us and our partners know how we can help.

Signing up for the Compliance Archiving service is the first step in reaching regulatory compliance when it comes to email retention and eDiscovery. The following five steps will put you on the right path of achieving and maintaining that compliance:

 

1.Understand what you need to keep and for how long.

Your regulatory/oversight body will provide details about how long you are required to hold on to your email. In our experience with Compliance Archiving, you also need to pay attention to the Statue of Limitations that your business may be liable for. Very often the discovery process for lawsuits includes legal hold requests and record requests that are longer than regulatory requirement.

2. Get the right product and implement it correctly.

Your compliance has to be all encompassing – all email must be archived. With ExchangeDefender Compliance Archiving all of your inbound, outbound, and interoffice email is collected, archived and protected in the cloud. You can search for any document at any time and be certain that it has not been tampered with and that no emails have been deleted – something that sets our eDiscovery/archiving apart from backup solutions.

3. Keep an eye on it to make sure it works

Just setting up a compliance archiving solution is not sufficient enough. there is no protection for technical negligence in regulations. You are expected to keep your mail server and everything connected to it secure. Penalties for data loss, compromised credentials, and data leakage are severe and are not a valid excuse for not having compliance.

4. Create Compliance Officer reports frequently.

Compliance Officer within your organization must create reports on a monthly basis to assure no confidential information is allowed to leave the organization. Some industries have an even more specific and severe restriction on the type of communication that can take place over email and what sort of information can be sent – compliance officers run eDiscovery reports to assure nothing confidential is being shared and address problems and exceptions routinely

5. Routinely audit the entire system to maintain compliance.

Organizations grow and change over time and remaining compliant with new regulations is key. ExchangeDefender Compliance Archiving service often sends out advisories, best practices, tips and suggestions to adjust your process because you are always expected to be in full compliance with the latest requirements. Every time you add a new employee or change your mail server configuration or new lines of business – compliance must extend to cover these new records that may be of interest to someone down the road.

“One of the biggest mistakes organizations make with regulatory compliance is thinking that it’s a service, product or a one-time effort: quite the opposite!”

 

Achieving regulatory compliance means implementing the right product, conducting routine audits, complying with changes in regulations and having full control of the environment where messages are stored as employees come and go.

In the event of an audit, you will be asked to produce record and you will be judged on your ability to provide specific records that are requested, not the best effort you made in trying to achieve compliance. Considering the fines and legal complications, it makes sense to revisit the five steps outlined here annually and make adjustments as necessary.

Not growing as fast as you’d like, or spending too much time on email/client support? Hear our CEO’s thoughts on what is fueling our growth and how ESS is already playing a huge part in growth of managed services across our client base.

Posted by ExchangeDefender on Friday, April 13, 2018

Not growing as fast as you’d like, or spending too much time on email/client support? Hear our CEO’s thoughts on what is fueling our growth and how ESS is already playing a huge part in growth of managed services across our client base.

ExchangeDefender Become a Partner banner

GDPR - GET STARTED

Our readiness kit contains valuable resources designed specifically to help businesses with GDPR requirements.

DOWNLOAD OUR GDPR READINESS KIT

IoT Security Solution

Introducing our newest security solution for IoT devices. Protect and secure your IoT environment with robust built in Security.

READ MORE

Are you an MSP?

See why you should consider our partner program. Become a partner at no cost, with no annual commitment, cancel anytime.

MORE INFORMATION