Has it been a while since you last reviewed your email policies? Do you need to make sure that every user in your organization gets the same protection and the same service behavior and reporting?
We’ve taken some of our most popular features and wrapped them in a user-friendly wizard that will allow you to quickly configure ExchangeDefender. These settings establish the bare minimum configuration you need to reliably send and receive email on the Internet and instruct ExchageDefender how to sort your email.
Security Policy Overview
Our goal with the Security Policy wizard is to save time while configuring the major aspects of ExchangeDefender. While you still have access to hundreds of policies and can always configure new custom ones (as business requirements demand) it’s nice to know you can quickly adjust the features and make sure they apply to everyone in the organization.
You’ll be able to teach ExchangeDefender how to categorize mail, how long to keep it, and how to report it. Basic SPAM, malware, phishing, and address enforcement policies can be configured in seconds.
We’ve also added some of the settings that are exclusive to ExchangeDefender (From: policy enforcement) and some that always give IT teams trouble (DNS, DKIM + SPF records). The goal was to present all the required and support-intensive features in a friendly way so you can protect your network without knowing the details of the latest standards and security best practices.
Default Security Policy will automatically display the first time you log in as a Domain Administrator. It will load your current settings into the policy and allow you to review it or apply it to all the users in the domain. All the settings are still in their normal places so you can fine-tune your protection and features (https://www.exchangedefender.com/docs >remember the docs).
We hope this new wizard saves you time and gives you peace of mind that your protection is configured correctly.
One of the most common complaints we get from our clients has to do with allow/whitelist policies and to make the long story short this happens because of the way your service provider configured ExchangeDefender. The long story, technical background, and best practices are outlined at https://www.exchangedefender.com/docs/whitelist. It usually sounds like this:
“I keep whitelisting this email address that sends me my OTP password / password reminder / login code / transaction confirmation / newsletter and they keep on ending up in SPAM!”
This happens for clients that configure ExchangeDefender to block email forgeries and spoofing.
You see, the email address that is showing up in ExchangeDefender and your Outlook/Gmail is not the actual email address that the message was sent from. Large volume emails (OTP, password reminders, notifications) are not sent by humans, they are computer generated and there is a random email address for every notification they sent out (so when/if it bounces they can track it).
These automated email addresses tend to have a long randomly generated identifier in them and generally look like this:
But in your Outlook/Gmail the spoofed/faked email appears to have come from DoNotReply@someotpsite.cz which has the domain you trust and attempt to allow/whitelist. If you pull up the SMTP headers from the quarantined email you can see this email address in the envelope-from field:
Solving this issue requires your ExchangeDefender admin to decide how permissive they want to be of email forgeries and fakes. ExchangeDefender provides two ways to manage this in the ExchangeDefender Domain Admin app at https://admin.exchangedefender.com (see documentation)
Option 1: Allow email from the bulk email network
ExchangeDefender enables you to automatically pass through messages coming from specific bulk/spam mail providers. It’s located at https://admin.exchangedefender.com under Advanced Features > Bulk Mailer Policy:
In our example SMTP header the message came from AmazonSES so if you change the policy from Scan to Allow, ExchangeDefender will simply deliver these messages to your mailbox without quarantining it as a forgery/spoof (which it is).
Option 2: Choose a relaxed From: policy
This is a less secure option that will allow forgeries and effectively lowers your security level to that of M365/Office365 – and we strongly discourage you from doing that. However, if the client requires it you can get it done under Advanced Features > From: Policy:
If you’re seeing notification emails in your SPAM quarantine even though you’ve trusted the sender repeatedly, it’s doing so because the message is being spoofed and your admin has configured ExchangeDefender to block that activity. You can relax the security restrictions by choosing to either allow the bulk mail network or you can build your trust rules on the less-secure From: address.
Our team is always here to help but they aren’t allowed to guess without seeing the SMTP headers first – so if you ever run into an issue that you’d like us to take a look at grab the headers and provide them at https://support.exchangedefender.com and we’ll advise from there.
ExchangeDefender Passwordless Login is a new feature that lets users get into their ExchangeDefender account easier and faster. Instead of logging in and tracking passwords, the user just enters their email address and the OTP code we send there – and they get access to all their ExchangeDefender services.
The Passwordless Login feature will drive down the support costs because that was the major issue our clients found in supporting login and authentication problems. We even joked that you may have answered your last login problem email. We now have more data and feedback indicating that this feature is a hit:
In practical terms, wider adoption of this feature means less support work for login and authentication. The fact that it’s more popular than password reset on launch means the users have already seen this feature elsewhere and trust it as a secure way to get into their account.
We’ve also heard from our technical and compliance audience: “It allowed us to finally take you up on an automated password expiration knowing that it will keep our passwords secure and users wouldn’t notice.“
The value we provide to our clients is in the ability to securely email, send secure encrypted messages, and continue emailing when there are IT issues. By making it easier for our users to get to these features everyone benefits.
Thank you for your business and for trusting us to protect your email.
ExchangeDefender launched Passwordless Logins and we’re happy to report that there have been zero issues and the adoption rate is already through the roof. Unsurprisingly, login/password/security management was identified as the #3 biggest support issue in our town hall meetings with service providers.
As a part of our 2023 initiative to build the best email security platform, we’ve been looking at innovations in the software industry outside of the security space. Launching an authenticated session by sending an OTP code via email and SMS has quickly become a popular authentication method at primary online services. As a technical implementation, this is no different than a password reset link process we’ve used for decades – you click on a link, you’re emailed a secret token that authenticates you, your new session starts and that’s it.
It’s just a lot more user-friendly and allows the user to tap through instead of sifting through applications and tracking credentials. Passwordless login will significantly lower your support costs — today may be the last ticket about a login or password problem!
Of course, we strongly recommend rolling out MFA on every ExchangeDefender account. The other change we’ve made in 2023 is a move to a role-based administration in ExchangeDefender: instead of sharing a domain or sp login you’ll grant users in your org access to domain or sp admin (see www.exchangedefender.com/docs/sp) and they’ll be able to elevate privileges as necessary.
Thank you for embracing all the cool new stuff we build to make your day online safer. Our goal this year is to make secure services convenient and passwordless login is a part of that commitment.
On Thursday, May 18th, the login experience at ExchangeDefender will change. Everything still works the same way as before and the new features will not affect user login: you’ll still go to https://admin.exchangedefender.com and type in your email & password to log in.
Below the main login block, you will see the new Advanced Login block featuring Passwordless and Administrator login features.
Passwordless – Tap this if you forgot your password and don’t want to set a new one. We’ll email you a code (for account verification) and when you type it in you’re good for the next 30 days.
Administrator – Tap this to log in to the management console for ExchangeDefender – Domain Admin and Service Provider. It’s safer & smarter to use user->domain, and service provider escalation and this is a more convenient way for smaller organizations.
Social and app authenticator login buttons are on the bottom and we now support all the TOTP app authenticators and encourage you to lock your accounts down.
ExchangeDefender is pleased to announce the addition of passwordless logins. This convenient authentication method has become an industry standard and we’re implementing it at the request of many of our clients.
The problem: “I don’t know what it is, I don’t know what my password is!” OK. Reset password. Wait for the email. Pick a new password. A more complex password. One that you’ll forget as soon as you log in. We’ve all been there.
In our May update, you will see another login option under the default sign-in, allowing you to sign in with email. It’s as simple as it sounds, type in your email address and we’ll email you a magic link (with an OTP code) that you can use to log in to your account without your password. It’s that simple.
The session will stay logged in for a month so as long as you’re on the same computer/mobile you won’t have to worry about tracking passwords with ExchangeDefender.
PS. This means anyone with access to your mailbox will have access to ExchangeDefender as well – so for those of you that value security over convenience we’ve also added a domain-level policy that can disable this feature.
We should talk…
ExchangeDefender is aggressively adding features and growing the security footprint and we understand that IT staff is already spread thin enough – so if you’re tight on time or security expertise we are able to help by reviewing, applying, and configuring your mail flow so users get fewer interruptions while getting the latest and best-tuned security service for email.
ExchangeDefender is the ultimate cybersecurity wrapper for an organization and we already discussed how Users and Domain Admins can locate messages ExchangeDefender was configured to keep out of the mailbox.
ExchangeDefender users have a beautiful and powerful way to access their quarantined mail and work around email problems, domain admins have flexible settings, policies and access to the logs to keep the organization protected. So what do ExchangeDefender Service Providers have that others don’t?
ExchangeDefender Service Provider access enables you to do deep troubleshooting and emergency “incident response” activities. Service Provider login is the highest level of control in ExchangeDefender so you have access to all the data that ExchangeDefender has.
ExchangeDefender Service Provider access gives you access to the centralized log facility where you can locate any message ExchangeDefender has processed from a central pane of glass.
You can download any search results as a CSV file that can be better visualized and analyzed in a spreadsheet and reporting tool of your choice. This is particularly useful when you don’t know the sender or are searching for an automated sender with a fake tracing email address.
Our partners frequently rely on this facility to troubleshoot for missing messages.
Downloading Raw Logs
ExchangeDefender Service Providers also have access to raw SMTP Mail Logs which give our partners direct access to low level SMTP transactions and error logs. It’s located in the same location as log search.
Service Providers rely on these logs as the ultimate source of truth regarding the traffic for the ExchangeDefender protected domain. This is a fantastic tool if you’re looking for intermittent delivery errors or policy violations or just have a very specific email or server you’re looking for.
Logs will get pulled from all our services and will be available for download within 24 hours. Don’t let the boilerplate distract you, almost all of our clients will get their logs within the hour. From there you can load the logs into your favorite analytics tool and dig for the errors and problems in the mail flow.
To sum it up
ExchangeDefender can help you account for every message going in and out of your organization. While users have a powerful and beautiful way to access their quarantined mail or continue where they left off during an outage or email problem, domain admins and service providers have far more access to the logs so they can troubleshoot around different settings and policies.
Every month we get a ton of new ExchangeDefender users. We work harder than others to keep you safe — and we want to get you up to speed with all the unique security benefits you get with ExchangeDefender and how to best take advantage of them.
The webinar is not overly technical AND it’s a great opportunity to get any questions you may have answered by the very people that manage ExchangeDefender. Here is what we will cover:
– How to spot and manage phishing attacks
– Importance of strong passwords
– Why you need MFA/OTP and how it works
– What to do when messages bounce
– What to do when your email is down
– How to lock down ExchangeDefender
– How to deal with spoofing and identity theft
Attacks on IT are only getting more efficient and sophisticated with each passing day – and ExchangeDefender is here to help you stay secure and adopt the best practices of our most successful partners and clients.
* First webinar in series, we will post recordings in our portal on March 1, 2023 after all the live sessions have been recorded & edited.
Register for the webinar here: https://register.gotowebinar.com/register/457089402282191197
ExchangeDefender has beefed up our MFA (multi-factor authentication aka 2FA / OTP) service with addition of new vendors and a wider reach.
Setting up MFA involves either installing an authenticator app or authorizing us to send you a text message. When you login to our service the system will expect you to provide the 6 digit code that will only* be known to your trusted device. Essentially, it keeps people who only know your username and password out of your account.
While we would prefer a more secure and reliable model in which our clients rely on MFA authenticator apps over the less secure SMS, we understand that is not a practical solution everywhere and absolutely every needs this second layer of authentication when accessing mission critical systems such as email and file sharing.
As you may remember, we had an issue with SMS MFA before Christmas and thanks to some heavy lifting by our team over the holidays the new SMS infrastructure is truly global, scalable – and will be delivered by multiple providers for better redundancy (eliminating the 10DLC compliance issues).
With the retirement of ExchangeDefender Essentials and all the compromises it required, you will be seeing a flurry of new security features in the ExchangeDefender Email Security service. First of many will be the access restrictions and the ability to restrict access to ExchangeDefender services based on location, time, etc. The attacks on email infrastructure are only getting more numerous and more sophisticated by the day and traditional (or cheap) security methods are no longer viable in 2023 and certainly not beyond. We look forward to continuing the best email security money can buy and we thank you all in advance for trusting us with your email.
Most medical offices are prime targets for cybercriminals because they have little, or no security. In fact, in 2020 and 2021, 50 million people were affected by a data breach coming from their doctor’s office or other medical services. Orlando-based Cybersecurity company, 365 Defender wants to help the healthcare industry protect their patient’s data, and safeguard their businesses from online attacks.
“Phishing has become a major threat in every industry. The hardest hit has been healthcare, with about 88% of its workers having opened phishing emails on the job. To be fair, just because they opened it, doesn’t mean they fell prey to the attack. Still, having protection against today’s biggest threats are crucial for survival.” — 365 Defender CEO, Vlad Mazek
Service offerings range from email security for Outlook and Gmail, to email encryption software that can send secure messages to emails, urls, and text messages. The monthly fees are budget friendly with the cheapest service being just $5 per user, per month. There is no yearly contract commitment, giving medical offices complete flexibility to satisfy their ever-changing IT needs.
The need for data security is critical, and protecting patient privacy should be a top priority second only to healing them. To learn more about 365 Defender, and how to get started securing your company, please visit our website www.365defender.com. There is currently a 14-day free trial offer for any 365 Defender service.
365 Defender is owned and powered by cybersecurity leader, ExchangeDefender. ExchangeDefender specializes in providing email and data security to enterprise since 1997. Headquartered in Orlando, Florida – the IT firm has just launched service plans for small business in hopes of keeping companies safe regardless of their size and budget.