corporate encryption Tag

Recently, Cybernews reached out to ExchangeDefender CEO, Vlad Mazek to learn more about how we keep businesses safe from cyber-attacks using top of the line security solutions. The informative discussion centers around the topic of cybersecurity, and what that means for the modern business.

With the recent rise in phishing attacks, it is smart to double-check if it’s really your coworker that emailed you.

By now, it’s probably hard to find an Internet user who has never received emails from someone claiming to be a long-lost relative who wants to share their fortune. While the majority of us are familiar with this type of malware, phishing attacks shouldn’t be underestimated. Nowadays, when threat actors start to include more personal details, posing as coworkers or even bosses, staying vigilant is key.

To discuss the topic of cybersecurity and phishing prevention, we reached out to Vlad Mazek, the CEO of ExchangeDefender, a company eliminating email threats before they even reach your inbox.

ExchangeDefender has been providing various security solutions for more than 2 decades. What was your journey like throughout the years?

We originally started ExchangeDefender to improve the reliability of our Microsoft Exchange servers by offloading all the security tools to a more scalable infrastructure. Over the years we’ve expanded our security portfolio to protect other email servers, as well as deliver more secure ways to rely on common office tasks such as file sharing, collaboration, and compliance.

Can you tell us a little bit about what you do? What are the main problems you help solve?

We used to say “We kill SPAM for a living” and to this day we simply eliminate common threats that lead to security compromises and service outages by providing email encryption, long-term archiving & eDiscovery.

We make it easier to rely on email for secure and reliable communication; which we do by keeping potentially dangerous content away from your webmail, mailbox, desktop, or phone. Simply put, we make it easy to get things done more securely.

What technologies do you use to detect and stop threats in their tracks?

We primarily rely on our internal early warning system which tracks unusual activity from known threat actors. Because of our size and client base, we often have the luxury of being among the first to be targeted which helps us identify safe and unsafe developments before they go “viral”.

We also participate in many proprietary, open-source, and data/intel sharing projects that help raise the security profile of everyone involved.

How did the pandemic affect the cybersecurity landscape? Were there any new features added to your services?

Pandemic actually improved the security landscape for our clients because they suddenly had to shift to a remote work model which inherently came with more stringent security requirements and more awareness for security policies and secure collaboration.

We noticed a significant shift from traditional office communication methods to SMS/TXT and we moved quickly to make all of our services SMS-aware. Mobile phones have become a security identification token, a mobile presence device, and far too often a failover computer. That’s why we invested heavily in extending our services to meet our clients’ needs to go beyond just sending email messages.

What sectors (for example, financial, healthcare, etc.) do you think should put extra attention towards email security?

The best way to answer this question is to think like a hacker because for them it’s not personal, it’s business.

Organizations get compromised for one of two reasons:

  1. They have assets (data) that are valuable
  2. They have a reputation that is valuable

If you have a lot of valuable data or a trustworthy relationship with your clients, you’re a valuable target regardless of your industry. It would be difficult to hack a financial institution because they have dedicated IT and security teams, go through routine audits, and can respond to threats quickly. Compare that to a small CPA firm that uses standard tools and an antivirus bundle that came with their PC.

When it comes to cyber threats carried out via email, what are the most common ones?

Email is the most popular way to get cyber threats into an organization, according to a recent study over 90% of security compromises started with email and it has not changed significantly in the past few years: the #1 cyber threat is from spear phishing. Spear phishing is a practice of forging the identity of the sender and the look of the email to something the recipient would find trustworthy enough to click on. What has changed significantly is the end goal of spear phishing:

  1. Deployment of RAT (Remote Access Trojan) software
  2. Theft of PII (personally identifiable information)
  3. Theft of security credentials

This list actually flipped in the last two years mostly due to the sophistication of RAT software that can give an attacker access to the entire network instead of just a single PC or cloud account. The latest variants target UEFI bios which keep the threat in place even after you get rid of the infected hard drives. As these threats evolve, they also highlight other security issues on the network which makes them difficult to remove and require constant monitoring.

With so many teams working remotely nowadays, what are the best practices when it comes to secure file sharing?

The single most important recent advancement in overall IT security that really deserves wider adoption is the use of MFA/2FA/OTP: multi-factor authentication that requires secondary verification before accessing any sensitive system or information. Working remotely, outside of a managed network and access to IT staff, creates a new universe of security threats that should be mitigated by:

  1. Deploying & requiring MFA for access
  2. Deploying a more aggressive backup and imaging solution
  3. Controlling and reducing the attack surface (by limiting access only to required web sites & services)

Besides secure collaboration solutions, what other security measures do you think modern companies should invest in?

You are probably already spending too much on overlapping, redundant, and underutilized security solutions.

The best security investment you can make today is to get an audit of your existing security portfolio and its integration. Being secure doesn’t come simply from paying for a security software/service license – it has to be properly integrated, configured, and monitored in order to truly keep users away from dangerous content. Due to the chronic lack of security focus and the habit of deprioritizing security for the sake of end-user comfort, many organizations find themselves in a perilous situation with cyber insurance demands.

We are seeing organizations getting compromised not because they don’t have security solutions or adequate training but because they don’t take the time to properly and fully implement the security solutions they are already paying for. An overwhelming majority of ExchangeDefender subscribers rely on less than 30% of the security features they already pay for.

Can you give us a sneak peek into some of your future plans for ExchangeDefender?

Our biggest technical investment for 2022/2023 is to make it possible to access external content (email attachments, files, messages, sites & services) in a secure online sandbox environment where dangerous content wouldn’t even have a chance to reach the user’s desktop, phone, or network.

Our biggest investment is in the area of security audits and assessments. While there is always a shiny new tool or service that promises better security, our data indicates that it’s rarely the lack of a tool, and more often the lack of proper deployment and management of sensitive information that leads to a security compromise.

We’ve helped countless businesses that have been compromised over the years and it usually comes down to neglect of security processes combined with a lack of a plan to respond and recover from a hack. Our future plans are to help organizations change that scenario because cybersecurity isn’t something you buy, it’s something you do.

To celebrate the launch of our new small business service plans, we are currently offering 30-day free trials for any service. Interested in ExchangeDefender? Please visit www.exchangedefender.com/business to request your free trial today!

Cyber attacks and the stealing of sensitive data has been big business for hackers and cybercriminals. Especially due to the disruptive covid-19 pandemic that has pushed workers to work from home. The BYOD strategy has caused major concerns for businesses, and to the Managed Service Providers who are hired to protect them. It is not all bad news though, with the introduction of an advanced email encryption software. Today, more security layers are needed to be put in place in order to protect business data and communications.

Email Encryption: A must have

Let’s first talk about the (obvious) reasons as to why SMBs need email encryption. Firstly, to have the ability to securely share sensitive information. When using email, its not as secure as you would think, and offers no real privacy. Of course, we would need encryption in order to avoid data leaks that could ruin a small business. Whether its financial records, client information, or confidential information – all are at risk of being nabbed by hackers. Email compliance is crucial, especially for businesses operating within the EU, or doing business with those that are a part of the European Union due to GDPR regulations. SMBs that are caught violating GDPR requirements when it comes to protecting user information could be subject to major fines. Businesses have to be mindful when selecting an encryption software. The right software should be able to meet all, or most of the requirements set by the organization. It’s not just about price, there are plenty of factors that SMBs will consider when choosing the right service.

Businesses have to be mindful when selecting an encryption software. The right software should be able to meet all, or most of the requirements set by the organization. It’s not just about price, there are plenty of factors that SMBs will consider when choosing the right service.

Top 10: What clients want

We have researched the top 10 features that your clients are looking for when making their decision on encryption solution.

1 – The service must be easy to setup, preferably a cloud application. Also, there should be no real training required.

2 – It must work well with all email service providers and on all devices with wifi access.

3 – The encryption software must meet all compliance requirements set forth by both U.S and EU regulations.

4 – The service must be able to offer zero-step encryption. (The ability to auto-detect sensitive information.)

5 – Granular access controls, particularly the ability to control the expiration of the message, as well as the ability to revoke any individual message to any one specific individual.

6 – Advanced Reporting – they want to know the who, when they opened it, and what they did with it.

7 – Secure web forms templates. Particularly for law firms and medical offices.

8 – Seamless recipient experience – how their clients perceive them and their sensitive data is very important.

9 – Pre-defined policy rules “filters” – available healthcare, financial, state, and education.

10 – Branding : the ability to add custom branding to the secure messages.

The restructure of the encryption portal was driven solely to enhance the user experience.  The ExchangeDefender Encryption Portal gives users central access to all encryption messages, contacts, advanced encryption options groups, SMS, URL as well as a full audit log. All available from a secure site, available via desktop and mobile.

Let’s take a look at what’s new:

For Contacts, we have made it easy to be more productive by saving contacts you often send messages to.

Click, Create New Contact and provide the name and email address. It is that simple.

Basic vs. High Security

Primarily High Security requires the recipient to create a profile to ensure the message is not compromised by a 3rd party. We strongly encourage the use of High Security. Basic Security also provides end-to-end encryption, but does not require the recipient to register with ExchangeDefender.

Advanced Options are located on the right hand side of your screen, these features were created to enhance the user experience and to offer more flexibility for the user.

  • Automatically destroy the message after # days.
  • Notify this user when the recipient reads this message
  • Password protect this message
  • Notify me when the recipient reads this message
  • Actions allowed for recipients: Allow Reply/Forward or to Print

Groups

ExchangeDefender Encryption also supports groups.  You can add contacts to a group by clicking on +Create New Group and providing information about your contacts.  At any time, you can also click on the + icon next to the group name to +Add more members or click on the red X button to remove from the group.

Send encrypted messages via URL (Website)

ExchangeDefender Encryption enables you to send encrypted messages to web sites and services while maintaining the security and custody of the message contents.

The system generates a short URL that can be copied and pasted into Slack, Teams, Facebook, social media, or any other web site. URL Encrypted Messages are the most popular features as it provides a secure authentication layer, automatically deletes contents, and provides tracking.  Simply type your subject, message, attach documents and click Send and a dialog box will pop up with the link to the message. You can copy and paste this link and everyone with the access to it.

Send encrypted messages via SMS

Send encrypted messages to mobile devices via SMS / text messages. This feature is highly sought after by doctors, attorneys and insurance personnel that are frequently interacting with clients that are on the move. “We’ll just text it to you” is an easy way to deliver a secure message via the recipient’s mobile phone number.

The recipient receives an SMS message with a link to the secure encrypted message.  They will click the link, the default web browser on the phone will go to the secure SSL-encrypted web site to show message contents.

Internationalization

ExchangeDefender encryption portal has adopted Internationalization by designing the portal to be adaptive to various regions without engineering changes.

Audit Log

Every action related to encryption is listed here and reflects what was done even after the messages are gone.


To learn more about ExchangeDefender Corporate Encryption, click here.

How to compose an encrypted message with ExchangeDefender Corporate Encryption.

Our new user-friendly interface makes sending and receiving encrypted messages a breeze. The redesign really focused on the end user, and how the software would be used on a daily basis. We made sure to include flexible options to be able to securely share sensitive information to a Contact, or a group of Contacts all at once.

Option 1: Sending an encrypted message by email

There are a few ways to send an encrypted message with ExchangeDefender. The first being the traditional way – typing in the email dress of your recipient, adding the subject of the message, along with any attachments, and clicking Send.

From your Dashboard, the steps would look like this: Inbox > Compose email button > New Message.

Option 2: Sending an encrypted message by URL

The second option in sending encrypted messages is highly customizable which includes the ability to send secure message by URL, or by text message. As of right now, ExchangeDefender offers the only omnichannel solution for message encryption allowing you to send messages securely to web services as well as mobile devices via SMS.

ExchangeDefender Encryption enables you to send encrypted messages to web sites and services while maintaining top security of your sensitive information.

How does it work?

The system generates a short URL that can be copied and pasted into Slack, Teams, Facebook, social media, or any other web site or service. URL Encrypted Messages are among the most popular features of ExchangeDefender Encryption because it provides a secure authentication layer, automatically deletes the content, and provides advanced tracking.

How do you generate the shareable secure link?

The process is exactly the same as sending a message to an email address, group, or mobile device. First, be sure to select the URL button, then type your subject, message, add an attachment (optional) and click Send.

Once you click the Send button, a pop-up form will appear with the link to your secure message.  You can copy and paste this link to the contacts whom you wish to have access.

Option 3: Sending an encrypted message by SMS Message

“We’ll just text it to you” is an easy way to deliver a secure message while still keeping the contents in your custody in your secure Inbox. ExchangeDefender Encryption enables you to send encrypted messages to mobile devices via SMS / text messages. 

Sending a secure message to the mobile device is same as sending any other encrypted message through ExchangeDefender encryption – with one important difference – you only need to know the recipients mobile phone number.

Simply, tap the Compose Email button, then select SMS tab to create an encrypted message with SMS delivery.

The recipient will receive an SMS message with the link to the secure encrypted message. When they click on it, the default web browser on the phone will go to the secure SSL-encrypted web site and show them the message and contents.

Please note: SMS messages and URL messages only support Basic Security encryption because they are not sent to an email address that could be used as a login. Please make sure that you enforce tight expiration window, and please setup a password to minimize the chance of unauthorized access.


We recently won a very large financial institution contract with our ExchangeDefender Corporate Encryption by solving a not-so-unique problem many businesses have with their encryption solution:

“It’s a disaster. I spend more time resending encrypted messages or walking clients through how to access forms than I do on actual processing.”

This is what we heard over and over – email encryption solutions are ugly, not intuitive, not very user friendly, and half the time they get lost somewhere along the way. If your business has a loan officer doing email support, your email encryption is not working for your business.

“Sometimes we just text them parts of it blurred out so we can move ahead until they come into our branch.”

What if you could text them, but securely?

Mobile phones have become so ubiquitous that they are already being used a secondary security credential (via 2 factor authentication or OTP) – and now ExchangeDefender enables you to rely on them to securely grant access to confidential or sensitive information

ExchangeDefender makes this easy by allowing you to simply send anything you need to handle securely to your clients phone via SMS/text. And to do so while being even more secure than with email. Unlike email, that multiple people (from admin to IT) have access to, only you have access to your phone. Nobody else, with your credentials, can snoop on that. So compose a message, type in a phone number and send them the link to the document and attachments securely.

But ExchangeDefender Corporate Security makes that even better and more safe. First, you can password protect the message and either give them in a call or using other means. You can even make sure that they cannot share it or that it would get compromised later – just set the message to expire after it’s been viewed.

And of course you will be alerted when they actually click on the link and access your message.

You can even track it.

ExchangeDefender Corporate Encryption is truly enabling multi-platform secure sharing of secret, sensitive, and personally identifiable information. With our SMS/text feature, you can now reach people on their mobile devices and get them secure access to the information without an app or without dealing with their email issues. Best of all, your message never leaves you, the clients only get the link – so if you made a mistake, you can revoke and destroy the message immediately.

This level of secure messaging and audit trail is unprecedented – and now you can say “I’ll just text it to you, but securely. Password is encryption and it will auto-destroy after you pick it up.”

ExchangeDefender recently launched our second update for 2020 Corporate Encryption, and the feature that caught the most attention from our partners was the ability to send and control sensitive content via URL (i.e. web):

At ExchangeDefender, we simply call this Certified Delivery. When you absolutely, positively, totally must get the information to the third party securely – know who, where, and when accessed it – and that it will automatically expire/destroy the contents so you don’t have to track it or worry.  

How to securely share info on the web

As a subscriber to ExchangeDefender Corporate Encryption, you have access to our encryption portal at https://encryption.exchangedefender.com. You can even bookmark this shortcut so you can quickly send messages straight from your browser.

 Once there, click on Quick Actions > Compose Mail. Select URL.

Type up your recipient’s name, subject, message, and attach any attachments you may want. After you click on Send you will see the following popup:

That is it. Your secure link is generated and you can paste it anywhere you want. It is as simple and as fast as that.

But suppose you wanted to get some more control over the message and our automated policy enforcement. Click on Advanced Options:

This is where the power of ExchangeDefender really shines as it integrates into the client’s unique business requirements, which may vary depending on the information, recipient, and sensitivity.

For example, I am going to be sharing a secure message with an attachment that is time sensitive. I am setting it to automatically delete itself after 2 days, meaning I don’t have to come back and delete it myself. I also want to make sure that this message gets destroyed as soon as the person I sent it to views it – that way I minimize the likelihood that whoever is snooping on their computer / phone can get the same data. And because I am not actually sending any data to their PC, I have full control – meaning I can revoke/delete this message before they get to it too. I am also adding a secondary password to this message that I will communicate separately. For extra piece of mind, I am also asking Corporate Encryption to send me an email when someone picks up this sensitive message.

But wait, there is more

Sharing sensitive information comes with responsibility to keep the system accountable – you want to know if they got the message, when they got the message, where they accessed it from, and ultimately what they did with it. So ExchangeDefender Corporate Encryption offers you a variety of ways to do this easily. The best option is the Activity tab in the Encryption Portal:

Here you can track down the activity for each message you send, export the data for analysis, or just save it for your records. There is even a weekly email report if you don’t want to get flooded by email notifications when you share info with multiple people that might be accessing it frequently. ExchangeDefender Corporate Encryption brings several additional layers of information control and accountability. It actively works to keep you, and your information, more secure. And we’re thrilled to be able to save our clients time on tasks they do every day – to see more of what our clients asked us to build, take a look at the webinar recording!

ExchangeDefender Email Encryption is a service that helps you control and distribute sensitive information. There is no shortage of solutions that help comply with the alphabet soup of regulatory requirements that help mitigate data leakage – the real challenge is making people that rely on encryption to be more productive.

We spoke to thousands of our users, across industries, to gain understanding for how they use the service and what would make it optimal. Here is their wishlist, delivered:

Encrypted Messages are about more than email

While Email Encryption services were designed to automate encryption of email that contained sensitive information, the practical use for email encryption is simply to securely deliver and track access of those messages. Depending on the urgency, sensitivity and the receiving party, ExchangeDefender’s Advanced Encryption Options make it possible to customize how long the message is available for, if the recipient needs to enroll in the service or simply click to view, who should be notified of message delivery/receipt/read status, and more.

ExchangeDefender is the only Email Encryption solution to feature multi-channel delivery of sensitive content. Simply put, organizations no longer only share data via email. Companies are now texting more than ever, as well as leveraging different portal and chat solutions to which sensitive content can be attached. ExchangeDefender enables you to send encrypted messages – automatically based on content or by your custom preference –  but you can send it as an email, as an SMS/text message to a mobile phone, or as a URL link pasted on Facebook/Slack/Teams or any web or social media property.

Simply put, when you need to know that it got there securely and what they did with it afterwards, ExchangeDefender has the policies, processes, and automation to make it possible and simple.

Encryption isn’t an IT / CCO problem, it’s a business challenge

No software to install. No need to change any DNS records or move your email hosting. No devices or appliances to maintain or support. It takes just a few minutes to sign up for ExchangeDefender Corporate Encryption, add your users, and set the default corporate encryption policy and suggested lexicons/pattern searches to keep everyone secure. In minutes, IT’s job is done.

The real encryption challenge is with the people that rely on encryption to get things done. Staff that sends out hundreds of encrypted medical records each day. Staff that communicates sensitive financial information between multiple organizations. Staff that is more concerned about the message getting to the intended recipient that can easily access it – or they become the front line IT support for every recipient that can’t view the message, didn’t get the message, or worst case scenario, message was sent to the wrong party (you can revoke it at any time).

ExchangeDefender approaches the business challenge by helping the sender customize the environment and save settings to eliminate repetitive work.

Outlook or Outlook Web App

ExchangeDefender Corporate Encryption comes with an Outlook and OWA add-in product that adds buttons to the Outlook/OWA ribbon. Safe delivery of sensitive information is really just a click away: just click on encrypt. This approach removes the need for the web interface entirely, and follows the default encryption policy as defined by your IT and Chief Compliance Officer.

Activity

Most of encrypted email work is related to message delivery: When you want to know that they got the message and what they did with it. With traditional offerings this is a painful process of searching through tons of email notifications – but ExchangeDefender takes that a few steps forward.

ExchangeDefender Corporate Encryption features a powerful Activity tab that enables users to see live activity across all the messages they’ve sent recently. For example, if you’d like to know whether the recipient attempted to print or forward a message you restricted them from printing or forwarding, you’ll find an alert on the Activity page. If you send a ton of mail, our powerful search will help you define the actions you’re looking for, search for a specific time period, or just search by text/subject. From there you can export it to Excel, PDF, CSV, or just print out the report.

If you don’t send a lot of messages or dislike constant email notifications from encryption services, we’ve got you covered as well. ExchangeDefender features a weekly email report that shows you all the messages you sent and the associated activity.

Management Default Policies

ExchangeDefender makes it really simple to define a corporate security policy that automates the encryption of sensitive information. Whether you want to screen for standard personally identifiable information (PII), or use one of the predefined lexicons for a number of industries, or you want to define a default corporate policy to keep all users secure, ExchangeDefender has you covered.

Sender Policies

ExchangeDefender keeps its users productive by eliminating the user interface clutter – a byproduct of a highly flexible and customizable interface. Sending an encrypted message is simple and requires no training by design, the entire process is obvious and intuitive.

To be productive, you will need to rely on some of the more advanced features of ExchangeDefender Encryption that help control notifications, message rights, message age, and additional security requirements. ExchangeDefender allows you to save your policy customizations as a new policy, so that all the settings you configured can be reused and reapplied with just one click, on demand.

The Encryption Opportunity

The purpose of email encryption is to help automate the encryption of sensitive information. ExchangeDefender excels at this requirement with domain policies, lexicons, advanced pattern searches, and custom policies.

There is a lot more to encryption when you consider the people that rely on it to do their job – and ExchangeDefender offers Outlook/OWA addins to make encrypted email as simple as a mouse click. From there we provide powerful Activity reports in the encryption portal that allows you to search for messages, activities, and even filter down to the right time frame. Because encryption isn’t only about sending – it’s about knowing that the message was received securely – you can create custom reports that can be printed, saved, or exported to Excel.

Ultimate opportunity is in realizing that message encryption needs to evolve with how we work. Covid-19, office closures, physical distancing, and reducing touch points has made us all rely on social media, chat platforms, portals, and social media to communicate with our coworkers, partners, and clients. We now share sensitive information via email but also over the web and via text/sms to mobile devices. ExchangeDefender supports them all, secures them all, and enables secure productivity.


It’s easy to see why Corporate Encryption is our most popular product, please submit a ticket for a free trial.

ExchangeDefender Email Encryption: When you need to make sure your message was read, securely.

ExchangeDefender is proud to announce the launch of a new version of ExchangeDefender Email Encryption, our second update to this service in 2020 built entirely from user feedback.

Covid-19 pandemic has permanently changed how we exchange secure documents with people outside of our organization. In 2020, encrypted email has become a standard for secure delivery of confidential information. When you absolutely needed to make sure your documents got delivered and received, you’d turn to a fax machine or certified mail – but in 2020 with remote work and reducing touch or even office – we’re turning to Email Encryption. It’s no surprise that Email Encryption is now our most popular service.

For this new release, we went back to our users with a question: How can we make you more productive?


Encrypted Email is the modern version of a certified letter

When you have sensitive information that you need to make sure stays confidential, email encryption is your go-to solution. In fact, the biggest complaint about email encryption is usually about how clunky and user unfriendly it is. This is because email encryption was not designed with a sender or recipient in mind, but the IT and Corporate Compliance Officer staff that needed to protect ordinary email flow and keep any sensitive information from leaking out.

We wanted to solve this problem so we focused the new version on productivity.

This meant spending more time perfecting the user experience, both for the person in charge of sending sensitive information and making sure that the recipient can easily and safely access the message. With no training, no obstacles, no software installation, and accessibility anywhere, anytime.

Almost all of the corporate effort in email encryption is focused on acronyms and alphabet soup of regulatory requirements that are largely automated. But the real opportunity – and our clients identified obvious pain points – is in the day-to-day use of the email encryption system to send confidential information and make sure it’s received.

Sending Encrypted Messages

Our biggest goal was to make sure everyone could send encrypted messages without a ton of effort – so we’ve made it possible to subscribe to Corporate Encryption without subscribing to ExchangeDefender at all. Yes, it’s available a la carte and you just need to sign up (no MX record changes, no hosting provider changes, just sign in to the encryption portal and click Send).

For our clients that live in Microsoft Outlook or Outlook Web App, we’ve made it even simpler with the ExchangeDefender Encrypted Email addin. Now email encryption is just one click away.

Our biggest challenge was to make encryption easy to use – with so many powerful features and settings, modern email encryption solutions feel like an airplane cockpit to many white collar workers. We started by simplifying the user interface and giving IT/Compliance Officers the ability to create default organization policies – so users only need to worry about the message and where it’s going. All the advanced options are just a click away, enabling users to tweak email encryption to meet any unique business task.

So we’ve made it easier to obtain, easier to get started, and beyond effortless to use!

Controlling & Automating Encryption

We did not forget about our power users and our new release has all the features our clients have requested. Advanced Options no longer clutter the screen, but they are only a click away.

Once you customize the policy for a new message you have the option of saving it as a new policy and simply reusing it later (instead of always going through all the settings). 

Regardless of the industry or the role we spoke to, our clients stressed that one-size-fits-all approach simply doesn’t work. While all appreciate and understand that there is a security policy requiring encryption of sensitive data, the pain point for everyone is the notification system: We all have to comply with the encryption policy, but we’d all like more flexibility with how we’re notified about our encrypted messages. Simply put, it can depend on the content, the urgency, the concern for how the message is shared with 3rd parties, and even on who is being contacted. As one office manager told us:

“When I’m sending a letter to our attorney or CPA, I need to know the moment they got it. But when I send out 300+ lab reports, I really don’t want to get 600 notification emails. I wish I could manage how chatty the service is for each situation”

Now you can – just save the new policy and reuse it as often as needed.

Important thing is, everyone stays secure using the default organizational encryption policy. New users don’t need to be trained or taught every single setting, they can just rely on the corporate policy that assures they don’t make mistakes.

Tracking Encrypted Messages

One of the biggest additions to Corporate Encryption is the Activity Report. As our users consistently put it: “Encryption is half about protecting the content and half about making sure it got to the recipient”

Tracking receipt of messages using encryption solutions is generally about searching through tons of email notifications: finding a specific message and what happened to it is an analytical process. We fixed that, for power users and occasional users alike.

If you’re constantly sending encryption messages, tracking them becomes simple using our encryption portal that is accessible from any PC or mobile device. Simply login at https://encryption.exchangedefender.com (branded URLs coming soon) and click on the Activity tab. Here you can locate a specific message and see every activity related to it.

If you’re after a report, you can also use our powerful filtering to select the right action, date range, and contents – then just export it to PDF, Excel, CSV or just print out the web page and you’re done.

If you are not a power user, but send a lot of encrypted messages, we’re making your life simpler as well. Instead of getting an email every time something happens, you will now get a weekly email report showing you all of the messages you sent and what got delivered, read, printed, forwarded, etc.

Simple. Encrypted. Reported.

ExchangeDefender’s new Corporate Encryption is all about giving organizations better control over their sensitive information. For many business purposes surrounding security and data leakage, ExchangeDefender’s powerful encryption policies, lexicons, pattern recognition, and support for hundreds of regulatory standards will help keep you safe.

ExchangeDefender is about more than just safe, we’re about safety and productivity. Our new UI will make sending confidential information faster and simpler. Our new policies will make custom notification templates and message control effortless. Our ability to make an encryption platform that fits the way you run your business, be it email or a shared URL or even an SMS message — that future is now.

ExchangeDefender Encryption enables organizations to securely send, receive, and manage confidential email, providing an easy, seamless way to implement content protection. ExchangeDefender uses bank-grade Encryption with 256-bit keys, to secure all encrypted emails.

We are proud to announce the brand new interface and full feature functionality and reporting for ExchangeDefender’s Corporate Encryption.

Let’s take a quick tour!

Encryption Dashboard

This is Corporate Encryption’s brand new dashboard view. It is the first page you see after logging in. Your recent messages and recent portal activity is available on your dashboard.

Encryption Inbox
Compose a New Message

You can access your messages by tapping the Inbox tab. You can compose an encrypted message from this page. Encryption offers two levels of encryption, categorized by ENCRYPT and CLEARENCRYPT, and encrypts all email and attachments on every server where they reside.

Message View
Replying to a Message

The new web interface is sleek and modern, we have minimized the number of pages you visit to get things done. Finally, same page, one-click and done. You can select a recipient or a group to send the message to, the level of encryption, and even attach files.

Create a New Group for your Contacts.
Group’s List / Create a New Group
Contacts List / Create a New Contact

Encryption enables you to create groups for contacts list to make it easier and faster for you to communicate with your most popular contacts. You can add as many groups and as many contacts as you like. By clicking your Contacts tab, you can create a new contact, and you can access information on all of your important clients.


To access ExchangeDefender Corporate Encryption, visit encryption.exchangedefender.com or login to your ExchangeDefender Admin portal > Quick Launch > Encryption

Corporate Email Encryption for Business

Sure, there are plenty of reasons to use Encryption to protect your sensitive data – but there are three key factors, that all organizations share in common. The current state of cyber security woes for businesses presents itself as a harsh fact: 88% of companies suffer a data breach due to non-encrypted emails with sensitive information being hacked.

So, what are the key drivers that persuade organizations to take encryption seriously?


1 – To comply with data security regulations and requirements

Organizations must comply, by using the proper security and storage protocols, with U.S and E.U regulations in order to be considered (legally) in good-standing.


2 – To protect intellectual property of the business  

Trade secrets are a real deal, and are highly sought after by hackers for ransom and blackmail which often results in bankruptcy of the company due to lack of money and trust from customers.


3 – To protect customer information

Protecting customers and their personal information is at the forefront of security concerns for business. The rise of data breaches within the U.S shows that implementing stronger security protocols is vital to business continuity.

Our Solution: ExchangeDefender Corporate Encryption

For the modern workplace, all types of business communications are done via email, and now data exposure has turned into a problem of great magnitude. With just a single wrong-click, an employee could unintentionally expose secret company information, financial statements, contracts etc. In order for organizations to thrive on business continuity, they must protect their data by enabling an email encryption solution.

ExchangeDefender Encryption enables organizations to securely send, receive, and manage confidential email, providing an easy, seamless way to implement content protection.

Powered by ExchangeDefender, Corporate Encryption complies with the SOX, HIPAA, SEC and local government requirements for information encryption. It also integrates easily with our email hosting solution, and is compatible with all major email service providers – including Office 365, on-premise Exchange, and G-Suite for Business.

What types of Encryption do we use?

ExchangeDefender Corporate Encryption involves multiple systems to encrypt the message contents and notifications generated by the system.

Channel Encryption

ExchangeDefender uses SSL/TLS encryption of the SMTP communication between the client’s email server and the ExchangeDefender network. All traffic is automatically encrypted using the same level of security that is used with online shopping, banking, etc.

Managed Web Encryption

ExchangeDefender web servers are encrypted using commercial SSL certificates. Client configuration, email review, message retrieval and all services provided through ExchangeDefender websites are automatically encrypted and cannot be accessed through a plain-text process that bypasses encryption.

Data Encryption

ExchangeDefender web servers, email servers, and routing hubs secure all client data through multiple layers of security including:

Complex account and login restrictions

Remote access restricted to ExchangeDefender NOC IP address space

All remote access sessions are recorded and authenticated

Administrators do not have access to client message data or configuration information

Keep business data safe with Encrypton

To protect your organization from data breaches, email encryption should be used as a preventative measure against tomorrow’s hackers. ExchangeDefender’s Email Encryption solution involves encrypting, or disguising email contents in order to protect sensitive company information from being read by unauthorized personnel. Our system is entirely transparent with no software to install, or manage on either end.


Explore full Corporate Encryption features
Protect your business communications for less than $5 a month*