Email messaging

mcafee-end-of-life-3Who can security partners and end-users turn to once McAfee products are end-of-lifed? We look at some compelling options.

In one of our recent posts, we highlighted some of the likely disruption caused by Intel’s ongoing end-of-life (EOL) programme for many of its McAfee-branded products.

But EOL must not spell end-of-business, and although we certainly haven’t discovered the secret of eternal life, our research found there are more than enough security vendors and solutions “out there” to fill McAfee’s shoes!

Here’s our shortlist.

Goodbye (and hello) Endpoint Encryption

“People are still the biggest security risks”, proclaims this article in CIO.com.

Yet in June 2017, McAfee is EOL-ing its Endpoint Encryption solution - arguably one of the most effective methods of ensuring that endpoints lost by employees, or stolen from them, cannot surrender their valuable data..

(And its migration path seems murky, involving a product name change and an upgrade.)

Enter its Trend Micro namesake, which enables security partners and end-users to remotely encrypt, lock and wipe any endpoint – including desktop, laptop, mobile, and removable media – so that businesses can still enjoy productivity-boosting mobility, without the associated data breach risk.

Trend Micro Endpoint Encryption also features automated methods of deploying and policing encryption and security policies, plus comprehensive audit and compliance records to satisfy the regulators (a big deal in the light of the approaching GDPR law!)

Fighting evil in the email

The demise of McAfee’s Email Gateway is not due to happen until 2021 – but, at the same time, the evolution of email-borne threats is likely to hasten the search for a replacement, rather than give it breathing space.

Indeed, with the Verizon Data Breach Report recently stating that 77% of malware infections are now due to users receiving a malicious email with a web link or attachment, according to this white paper, security partners and end-users alike need to move fast to secure alternatives.

Vendors’ offerings in this area are diverse, but compelling. Malwarebytes, for example, rolls email protection into an overall layered security approach that does not displace or conflict with existing security solutions – a boon for partners (it offers them an easy additional revenue stream) and end-users (it doesn’t disturb their current security arrangements) alike.

Trend Micro, for its part, offers multiple email security solutions for both SMB and Enterprise clients. Hosted Email Security solution has achieved 99% blocking effectiveness in independent tests, and takes the security maintenance headache off customers’ desks, as updates, patches and hot fixes are delivered 24x 7 by Trend’s own teams.

Smart Protection Complete, for its part, protects not only mail servers and gateways but also the cloud-based collaboration applications like Office 365 on which end-user businesses are increasingly reliant.

Finally, another convincing contender is Bitdefender, whose products have been rated the best tested for corporate security and performance by independent test lab AV-TEST. Its email security solutions within the GravityZone product set also boast the top antispam detection rates and can be installed in minutes!

Mobile security: a moving target

Keeping mobile devices  - official or otherwise - secure in populous, often geographically diverse enterprise environments is always a challenge, but when your chosen security solution ups sticks and disappears into the sunset (as McAfee’s Enterprise Mobility Management will do in January 2017) it’s time to seriously start nailing down alternative options.

Again, Trend Micro plays pretty strongly in this space, with a comprehensive mobile security and management offering (within Smart Protection Complete) that combines protection (DLP, VPN, app control, web filtering, gateway anti-virus etc.) with centralised visibility and control.

The latter means that the entire enterprise’s mobility is easily secured and managed from a single “pane of glass”, taking the pressure off partners and end-user security admins at the same time (a feature also be found, in similar form, in Bitdefender’s GravityZone Security for Mobile Devices).

EOL for McAfee? New beginnings for your security.

This is just a snapshot of the many new opportunities that McAfee’s EOL programme unearths for the security partners who resell solutions or deliver them as MSPs, and the end-users whose business integrity depends on them.

It may be EOL for many McAfee solutions, but that’s AOK when you’ve got a plan to move to something better.

(Psssst! Have you got a plan to move to something better?)

End of Road for McAfee Email Security SolutionsAs many McAfee security products slide into end-of-life, we take a look at how it could affect end-users, MSPs and resellers.

Forgive us for being forward, here, but if you didn’t read our last post on the McAfee security products that have entered, or are entering, end-of-life (EOL), you probably need to.

Just to recap, many McAfee EOL products simply don’t have a like-for-like migration path, according to McAfee’s own EOL support pages. In fact, many of them apparently don’t have a migration path at all, and those that do have a distinctly oblique one, involving renamed products and (presumably more expensive) updates.

So if you’re a McAfee end-user, are you worried? If you’re a McAfee MSP or reseller, should you be worried, too?

Worry is never helpful – so here are the plain facts about the McAfee EOL products and how their withdrawal will ultimately affect end-users, MSPs and resellers alike.

Which McAfee products does this EOL problem affect?

Since Intel’s acquisition of McAfee in 2011, there has been a concerted focus on EOL-ing those products that are not core to Intel’s strategy, and so the complete list is a long one.

But three that we think will grab most end-users’ and partners’ attention are:

  • Email Gateway
  • Enterprise Mobility Management
  • Endpoint Encryption

What will this mean for end-users and partners?

Bluntly, whether you’re an end-user or a security partner, EOL means what it says on the tin, or at least in the McAfee end-of-life policy; support for the software product simply stops (“Support contracts cannot extend beyond the end-of-life date”).

Support, of course, includes patches – a critical weapon in the struggle to keep security software updated against new or emerging threats – and so a security product kept in service beyond its EOL date is likely to rapidly become no kind of security product at all.

Map the McAfee products that are going / have gone EOL to the current risk profile of the cyber threat universe and the picture looks even more alarming.

  • McAfee is EOL-ing Email Gateway, yet… malware analysis in this publication shows email-borne malware hit 705 million quarantined messages from just one security vendor in just one month of 2015 alone!
  • McAfee is EOL-ing Enterprise Mobility Management, a solution that enables IT teams and security providers to keep large-scale official and unofficial mobile use in large businesses secure - yet McAfee also admits that the unique mobile malware samples collected in its own laboratories increased 72% from Q3 to Q4 in 2015!
  • McAfee is EOL-ing Endpoint Encryption, yet… the loss or breach of customer data from a mislaid or stolen device that this kind of technology can prevent is about to become a source of huge financial risk to businesses because of the draconian provisions of the forthcoming GDPR legislation!

In short, McAfee are pulling the plug exactly where the bad guys are starting to focus most attention – and that can only end badly for end-users and partners alike.

 But MSPs and resellers can get custom support, right?

Don’t you bet on it. Although custom support, beyond the EOL date, is theoretically available, it’s on McAfee’s say-so – reseller, MSP, end-user or whoever else you are. As they state in their policy, it is “an exception”, not the rule.

Clearly, it also costs. Not only that, it requires an existing current and continuous support contract to be in place, provides only limited content updates, for a limited time period, and with specific terms and conditions.

(Oh, and it never covers hardware of any kind, even if you bought the original solution on a hardware platform).

Does all this infuse the need to migrate to other solutions with a certain sense of urgency?

What happens next?

But knowing you have to migrate is little use if you don’t have any help as to where you might migrate to.

In the last blog in this series, we’ll be exploring some of the other security vendors’ offerings, and discussing whether they’re a good fit for partners and end-users looking to leave McAfee’s EOL products behind.

Keep watching!

Brian-A-Jackson1

On a weekly basis there are now articles regarding a big brand company which has been hacked, these usually relate to what data has been lost, how they are notifying those affected and what they are going to be doing to prevent this from happening again.

So how do you prevent it from happening in the first place?

From experience I can see that if a hacker wants to get details from somewhere they will take the easiest target, the ‘Low Hanging Fruit’ as they say, in ensuring your company has some basic security principles in place can help mitigate this.

So how do you ensure you are not the ‘Low Hanging Fruit’

Simple measures can be taken within your environment to help secure it. As a basic level you should be meeting the following guide - CyberEssentials Requirements

This sets out some advice regarding Firewalls, User access control, Passwords, Malware protection and Patch management.

Once you have met the standards given within this document you should be looking to increase the security standards within your organisation. The most effective we have found is the use of education, once educated your staff will be able to react to the threats quicker and reduce the risks to your company.

McAfee Security

It’s getting to that time of year when thoughts turn to peace and goodwill, and we look to reward those who have worked hard and the customers who have stayed loyal.

Which is why the big bag of coal that McAfee has dropped in your Christmas stocking this year is an especially nasty surprise. For you and your customers alike.

McAfee – the situation

Here’s the Christmas story, McAfee-style.

Firstly, you buy MX Logic to strengthen your digital security portfolio. Then, you get bought by Intel. Then Intel drops your name. Then Intel says that it’s working on a comprehensive new security package, and promptly puts McAfee’s SaaS email security into end-of-life.

It’s the gift that keeps on giving. Because although the announcement was originally reported at the end of October, we’ve since learnt that many other security offerings (like Nuvotera, Spam Soap, Spambrella, etc.) were white-labelling McAfee’s service, so end-of-life becomes a potentially huge issue for all of them – and the end-users they serve.


“What does this mean for me and for my customers?”

In January 2016, Intel Security will stop selling McAfee SaaS Endpoint and SaaS Email Protection and Archiving, with the majority of subscriptions and support ending in 2017.  As this table shows, some limited support will continue for certain subscriptions until 2021.

Now, Christmas hangovers don’t usually come this early in the month, but rest assured that the decision to discontinue McAfee SaaS products represents one ho-ho-ho-hell of a headache for partners.

They must now identify new solutions and then go through entire deployment and provisioning processes all over again - just so their customers can keep the endpoint and email security that they’ve previously enjoyed.

They have to factor in the time it takes to learn new technology and user interfaces (this includes both internal and customer training), how pricing models will be affected, and what support they need to give and receive.


A frenetic festive season for McAfee users

Needless to say, all this is a massive annoyance to end-user customers, too.

Apart from all the usual pain associated with sudden business and technology platform change, across potentially hundreds or thousands of users, email security often gives rise to complex requirements around archiving - as explained in guides like this one – through which Intel has now successfully driven a sleigh and reindeers.

While customers’ email archiving will continue until their subscriptions’ expiry dates, new emails will no longer be archived after the subscription has expired.

Additionally, customers will only have six months to import their archived emails into their new platform, and any emails that have not been moved at that point will be permanently deleted.


What should partners do next?

If there’s a cheering undertone to this seasonal lament, it’s this: SaaS is an enduringly and increasingly popular delivery model for email, security, and archiving, and is not going away anytime soon.

Add to this the fact that there are other vendors that can provide similar security solutions, and my advice to partners seeking new solutions providers boils down to these basic points:

  • Security pedigree: How long has the solution provider been in business?  Are they security-focused (i.e. how much of their business does security represent? Do they seem distracted by other revenue streams?)
  • Reputation: Who do they partner with (e.g. software distributors) and what level of respect do those partners have in the security space? What do their partners say about them publicly? Will they let you speak with partner references privately? If not, why not?
  • Support: Can you access live customer support whenever needed, provided by employees of that company? If the support expertise is coming from somewhere else, is that support provider trained and qualified? Where’s the proof (certification)?
  • Commitment to the Channel: Does the vendor offer good margins, friendly terms, competitive pricing? Do they have proven relationships with distributors and other partners who can add value through automated management tools, MSP options, dedicated account managers?

Wanting to move quickly to transition your customers to viable alternatives, don’t end up choosing alternative vendors who aren’t truly viable.

(That would be turkeys voting for Christmas.)


“So where do I point my McAfee customers now?”

As a specialist security software distributor who’s been working with some of the world’s biggest security names for over 15 years - and some very agile newer ones, too - I’m ideally placed to consider the choices that your customers can make.

I’m not going to tell you that any one vendor is now the definitive star on the top of the Christmas tree. (Intel has hastily named Proofpoint as a quick fix for McAfee customers, and to me it smacks of expediency, rather than suitability).

But consider this: if a security vendor’s business was born in the cloud, and has been established almost as long as my own, I regard it as being worth a look.

If it offers 24/7 support, is capable of securing much more than just email, and has innovative pricing plans that means savings can be passed on to the end-users, it’s worth a look.

If it protects more than 8.5 million mailboxes for over 47,000 corporate clients worldwide, but is still prepared to give you and your customers a free trial to try it out for yourselves, it’s worth a look.

So do you want to keep the present under wraps until Christmas? Or do you want to be the one to bear early gifts to all those desperate McAfee customers? It’s your call, but ripping off the paper is as easy as this.

And the Three Wise Men? That’ll be the first three partners who click on the link above…

comptia-logo

The managed service best practice offerings template is intended to provide a list of the most common offerings that are currently being deployed by newly formed managed service practices.

The list has been developed based on the experience of IPED consultants, research conduct with numerous channel partners and direct discussions with partners that have successfully built an MSP practice. Although the customer offerings vary from MSP to MSP, most of the solution providers that have built a successful MSP practice have started their practice with one or more of a variety of managed services.  You can read the CompTIA Managed Service Best Practice Offerings study here.

Need more help with finding the right solutions for your MSP business? Call our sales team today on 0118 9898 222.

 

 

AppRiver logo largerversion

Infosecurity Europe will take place on 2nd June 2015 and we’d like you to join us for our short Email Security and Migrations Workshop, on the same day, at Hilton London Olympia, (near Infosecurity – London Olympia) from 11.30am to 3.30 pm. Can’t attend the whole event? That’s ok, you can drop-in to the Workshop at a time suitable for you, where we’ll also provide you with lunch. At the event, you’ll be able to:

  • Have a hands-on demo of email encryption, file sharing, tracking and DLP technology and how it can be applied to solve daily problems for organisations.
  • Try Hosted Exchange and Office 365 migration with BitTitan.
  • See how email archiving works with Global Relay.

You’ll also meet AppRiver product specialists, who will answer any questions about keeping businesses secure and how to provide added value solutions to your customers and increasing their satisfaction levels. The Blue Solutions team will be available to discuss pricing and the contact details of our team. We’re also going to enter all attendees into our prize draw to win an iPad, so we hope you’ll take this opportunity to win the prize! As the event will be by invitation only, please follow this link to register your interest and then we’ll send you an invite at a later stage. We hope to see you at our event.

Yes reserve my space

AppRiver logo largerversion

Article published on the AppRiver Blog

Google continues to phase out Postini services in favor of the Google Apps platform.  Consequently, we continue to receive requests to migrate Postini filtering accounts to SecureTide by AppRiver.  In this post, we will discuss the process through which your Postini mailboxes and settings can be easily migrated to SecureTide.

To export all mailbox senders lists (approved and blocked), as well as the associated settings, you will need to follow some simple steps both to retrieve the data and to prepare it for our  Support team will assist you during the migration to SecureTide.  After the data is in place, we’ll help you change your MX records to redirect your mail through our data centers.  Once the process is complete, your domains, mailboxes, approved senders and blacklists will be available through the Customer Portal and your spam and malware will be captured in our quarantine areas.

To export Postini mailboxes and settings, follow these simple steps:

1.  Export Mailboxes and Aliases

Exporting the complete set of data is a two-step process that produces two separate source files.  The first file to be exported contains mailboxes along with their aliases:

  • In the Postini interface, go to Orgs and Users > Orgs.
  • Click on the domain you wish to export. (For this example, we will use domain.com as shown in Figure 1.

Figure 1.  Select Domain

  • In Organization Management, note the Organization ID number located in the Settings section (see Figure 2).

 

Figure 2.  Note the Organization ID Number

 

  • Select the Batch link at the top of the page, enter the following command into the Manual Input field (see Figure 3), using the Organization ID number noted previously as the value for targetOrg and complete the on-screen instructions:

listusers ALL, targetOrg=1000012345, childorgs=1, fields=PRIMARY_ADD|ADDRESS, aliases=1, sort=primary_add:nd

Figure 3.  Export Aliases from Postini using the Batch Command

  • Select the batch results, copy and paste the data and save as a text file called domain.com_alias.txt.

2.  Export Approved/Blocked Senders Lists

Continue as follows to export all associated Approved/Blocked Senders Lists:

  • Go to Orgs and Users > Users.
  • Choose the top Account-level org from the Choose Org list.
  • Click the Download Users/Settings link as shown in Figure 4.

Figure 4.  Export Approved/Blocked Senders List

  • Select the Batch results, copy and paste the data from the popup window and save the data as a text file called domain.com_Users_Settings.txt.
  • The exported data will contain such information as the # address, user_id, junkmail_filter to set email filtering active, category filtering levels, virus scanning settings, approved_senders, approved_recipients, blocked_senders, as well as other available inbox settings (see Figure 5).

Postini Exported Settings Shown

3.  Provide data to AppRiver for Migration

Now that you have all data exported into two separate files, send both files to support@bluesolutions.co.uk.  Our support team will import your data to our platform and provide a walkthrough on AppRiver’s SecureTide service.

Call our sales team on 0118 9898 222 for more information about AppRiver secure email messaging solutions.

AppRiver logo largerversion

 

 

 

Article contributed by AppRiver

A common question that's often discussed when migrating customers to AppRiver Secure Hosted Exchange or Office 365, is understanding the differences between public folders and shared mailboxes and when to use each one. If that wasn’t creating enough confusion, site mailboxes were recently introduced to combine SharePoint’s resource sharing features with emails and conversations processed by Exchange. So this post will explain in a simple manner the differences between each option and when each can best be used to meet each requirement.

Public Folders
Public folders are designed for shared access and provide an easy and effective way to collect, organize, and share information with other people in your workgroup or organization. Public folders can also be used as an archiving method for distribution groups. When you mail-enable a public folder and add it as a member of the distribution group, email sent to the group is automatically added to the public folder for later reference. Main features are:

  • Public folders are stored in Exchange.
  • Public folders work well for enterprises with older versions of Office still deployed as well as brand new deployment.
  • Documents stored in Exchange don’t have the benefits of SharePoint document libraries (e.g. workflows, version control, metadata, etc.) and aren’t visible within SharePoint.
  • A common option used with public folders is to set an email account that will rout all incoming traffic to a public folder for a shared access.

Note: Office 365 has increased the limit on the number of public folders available to 250,000 folders.

Shared Mailboxes
Shared mailboxes make it easy for a specific group of people to monitor and send email from a common account, like public email addresses, such as sales@appriver.com or info@appriver.com. When a person in the group replies to a message sent to the shared mailbox, the email appears to be from the shared mailbox, not from the individual user. Shared mailboxes are a great way to handle customer email queries because several people in your organization can share the responsibility of monitoring the mailbox and responding to queries. Your customer queries get quicker answers, and related emails are all stored in one mailbox. Main features are:

  • Shared mailboxes provide a generic email address that can be used to send emails to a team.
  • Access to shared mailboxes is set under Exchange permissions.
  • Allows multiple users within an organization to monitor and reply to an email.
  • Reply email address is the shared mailbox address.

Site Mailboxes
A site mailbox can be used from a SharePoint team site to store and organize team email. It can also be used from Outlook 2013 (included with Office 365 ProPlus or Office Professional Plus) for team email, and as a way to quickly store attachments and retrieve documents from the team site. Main features are:

  • Emails are stored in Exchange.
  • Site mailbox is an app that you add to your SharePoint site.
  • It’s important to pick the right naming since once you have created a site mailbox, you can’t change its email address.
  • Invoking the site mailbox is done by cc’ing the email address of the site mailbox.
  • You can add folders from your site mailbox to your outlook favorites so that it is directly visible in Outlook.
  • When viewing a site mailbox from outlook, both email and documents are visible.
  • You can add documents by attaching them to an email message.
  • Security is driven by SharePoint team site permissions.
  • Integrates with Outlook and can be also accessed through the Office 365 web app.

Still have questions about your mailboxes? Contact our sales team on 0118 9898 222 for help with finding a solution to manage your mailboxes securely.

CompTia Banner

We joined industry leaders and professionals at the CompTia EMEA Conference on 5th and 6th November. This event gave our team a good opportunity to meet with our current and new Resellers and other industry professionals.

Throughout the day, our team were busy talking to MSPs and Resellers about the best technology to run their businesses, covering I.T. automation, disaster recovery, anti-spam and malware solutions.

Nicola and Janet CompTiaThe event was also a great opportunity for us to join two of our vendors at their stands - StorageCraft, a data backup and disaster recovery vendor and AppRiver, provider of email messaging and Web security solutions. Our Product Manager, Nicola Boswell is pictured left with Janet O'Sullivan, StorageCraft Marketing Manager. We also met with Western Digital, who will be joining our portfolio to enable us to provide end-to-end solutions for Resellers.

We'll tell you more about that soon...

Our Sales Manager, Emma Wale, who attended the two day event commented “being at CompTia puts us among our industry peers and shows we are committed to providing the best service and leading solutions for MSPs and Resellers”.

If you missed our team at CompTia, you can contact us on 0118 9898 222 and speak to our product specialists or visit our website.

AppRiver logo largerversion

Article by Troy Gill, AppRiver

Over the past several days we have been seeing several malicious email campaigns posing as legitimate communication from Amazon. The first campaign is posing as messages from the amazon.co.uk with the subject line reading: Your Amazon Order Has Dispatched (#3digits-7digits-7digits). These messages purport to be order shipment notifications. These messages began hitting the AppRiver filters on 31/10/14 and have been coming in consistently ever since. So far we have quarantined just over 600,000 of these messages.

Each message contains a Word document (MD5: a75e196e6c0cabc145f4cdc3177e66ec) that contains a malicious macro. In most instances users should at a slightly lower risk with this infection vector, since macros are not enabled by default in more recent versions of Word.  The macro (if allowed to execute)leads to the install of a Trojan dropper. The malware currently creates a process named SUVCKSGZTGK.exe on the victims machine. Eventually this leads to the install of key-logging malware designed to harvest banking login credentials, email credentials and social media credentials. As we commonly see with this these types of campaigns, the payload can be changed out by the malware distributors so this dropper could pull down some other form of malware in the future.

Here is a look at the message:

Malicious Amazon message1

 

In a separate email blast, another group is distributing malicious emails posing as Amazon order confirmation emails. These emails are coming is at a slightly slower clip than the former campaign mentioned but we have quarantined nearly 160,000 of these message over the past few days. They appear from amazon.com with the subject reading: Your order on Amazon.com.

These email have a bit more of a legitimate look as they utilize actual graphics taken from Amazon. Instead of a malicious attachment, these messages utilize links to compromised wordpress sites. Clicking these links will launchthe download of a .scr file  named: invoice1104.pdf[dot]scr. Which should be a huge red flag to most users as the .scr file extension is used almost exclusively for malware infection these days. The .scr file(MD5: 09cb12d7cd0228360cd097baeaaa6552) is in fact a Trojan dropper that will lead to the install of more malware once it has infected the host. Once again, from here, the sky is the limit for the malware distributors since they can now download and install remote files of their choosing.

Here is a look at the message and prompt :

Malicious Amazon message2

 

Malicious Amazon3

 

 

 

 

This is a very popular time of the year for these types of scams with so many people in shopping mode in preparation for the holidays. With many people expecting purchase confirmations and shipping confirmations with much more frequency, it increases the likelihood that people will far for this scam.

Be extra cautious this holiday shopping season and if you are suspicious of unauthorized activity on your Amazon account, never follow any links in an email, go directly to the website and check your account from there.