Posts

Small Business Summer Savings

Small businesses and solopreneurs depend on their technology in ways that differ from larger organizations. Our laptops and desktops are critical to daily operations and access to cloud services, including Microsoft 365 or Google Workspace, is our lifeline. Without IT staff and spare equipment, we rely on our own abilities and outside help to keep things running and to respond to problems. Too often, we face disruptions and unexpected costs. Our Small Business Summer Savings options give you protection and security without busting your budget.

The Need

To ensure the availability and reliability of our IT services, small businesses need to protect their systems and be able to quickly recover should something bad happen. Essential services should:

  • Prevent malware, phishing, ransomware, and other cyber attacks
  • Protect files and data on computers and in the cloud
  • Secure access to systems and services
  • Help you and your team with issues, problems, and questions

As important, when something does go wrong, we need to be able to return to work quickly and efficiently.  We cannot sit idle for the 3 to 7 days it can take to repair or replace and restore a laptop.

The Services

Cumulus Global’s Managed Cloud Services provide the security, protection, and support services you and your business need.  Our Essential and Basic packages tailor to the specific needs of small businesses.

Our PC Continuity solution goes beyond backup/recovery for laptops and PCs.  In addition to backing up your files, we capture images of your entire system. In an emergency, we can spin up the image of your computer in a cloud data center.  Within a few hours, you are up and running from any device with a browser and Internet access.  You business keeps running while your computer is fixed or replaced.

The Offer

Through August 31, 2023, bundle our Essential or Basic Managed Cloud Services with our PC Continuity solution and save:

  • No setup fees
  • Up to 30% on monthly recurring fees for the first year

The Action

To learn more and get a quote, click here to schedule a call with a Cloud Advisor or send us an email.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

Backup Your Google Workspace or Microsoft 365 Cloud: Use Cases Beyond Restore

google workspace and office 365 backup

As we discussed in recent blog posts, Google and Microsoft clouds operate under a shared responsibility model for data protection. Google and Microsoft run internal backup systems to protect you should they have hardware or software issues. You, however, are responsible to backup your cloud, including Google Workspace or Microsoft 365. You need to protect your data from user deletions, user overwrites, malware, hackers, and other risks. This all starts with the proper backup solutions for Google Workspace or Microsoft 365.

A good backup solution for Google Workspace or Microsoft 365 does more than restore.

Microsoft 365 and Google Workspace Backup Solutions

These four use cases provide added value when you backup your Google Workspace or Microsoft 365 cloud.

1 Preserve Data From Past Employees

If you want to preserve data from past employees you have a few options:

  • In both clouds, you can continue paying for licensing for past/suspended users
  • In Google Workspace, you can also pay for Archive User Licenses
  • Subscribe to a third party archiving solution
  • Preserve backups for past employees after you remove their Google or Microsoft accounts.

With the ability to restore data to other accounts, you can use the backup as a long-term archive.  Doing so is less costly than maintaining licenses or moving to archive user licensing, and is comparable in cost to third party account archive solutions.

2 Transfer Data to New Owners

Both Microsoft 365 and Google Workspace provide administrative tools to transfer data and ownership between users.  These transfers, however, lack granularity and are generally available at the service level.  For example, you can transfer all documents to one user and emails to another user.

With a good backup solution, you can selectively restore data to any users.  As such, you can transfer specific files, folders, sites data, emails, etc. to different people as needed. An added benefit, you can also transfer data between employees as they change positions and responsibilities.

3 Archive Documents (and other data)

A third party backup solution can preserve and archive documents, as well as email, calendars, contacts, and sites data in support of your document retention policies or regulations.  Granted, both Google Workspace and Microsoft 365 offer several licensing options that include the compliant archive/e-discovery services for your data.

You may not need the rigor and cost of an upgrade or add-on service. With one or more backups per day, your preserve data as it exists at specific points int time.  Options for unlimited retention allow you to recover information, even after malicious deletions.

4 Escape Hatch

As a “best-practice”, backups should not be stored in immutable systems without altering the format.  Doing so protects your backups from cyber attacks by segregating your backup systems from your operating environment while preserving content.  With data preserved and the ability to export, the right backup solution provides an easier and efficient means of exporting data from Google Workspace and Microsoft Office.

Cumulus Global Can Help You With Google Workspace or Microsoft 365 Backup Services

We offer a range of backup/recovery, and business continuity services that we match to your needs and budget.

Schedule time with one of our Cloud Advisors or contact us to discuss which backup solutions for Google Workspace or Microsoft 365 backup solutions are right for you. The conversation is free, without obligation, and at your convenience.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management. 

 

Service Update: Microsoft 365 Fees Increase on January 1, 2023

Cumulus Global 15 Years of ServiceService Update: Microsoft 365 Fees Increase on January 1, 2023.

As previously announced by Microsoft, Microsoft 365 Fees Increase on January 1, 2023.  In addition to increased fees for specific licenses, Microsoft is changing the structure of annual agreements and adding a 20% surcharge for month-to-month licensing.

Why Now?

Microsoft has been working towards these changes for more than a year. They company pushed back the deadline several times as the change coincided with major changes to Microsoft’s partner program. Microsoft has notified customers and partners that all subscriptions will be on the new pricing as of January 1, 2023.

For our customers, Cumulus Global has delayed the impact and fee increases for as long as possible.  We are communicating with our customers individually to address the final deadline.

New Terms and Conditions

With the pricing changes, Microsoft is also changing some of the terms and conditions for the services.  Historically, Microsoft has not enforced commitments on annual agreements; customer were free to change user counts and even cancel without penalty. Going forward, Microsoft will enforce annual subscriptions and terms as firm commitments. Customers may change or cancel within three (3) days of starting an annual term. Customer commit to the number of licenses for the full year. Microsoft is offering a three year commitment option as well, which secures pricing for that period.

If you need or want the flexibility of increasing and decreasing user counts at any time, you will need to opt for month-to-month licenses.  Monthly licensing lacks the commitment but includes a 20% surcharge over fees for an annual commitment.

License Pricing Changes

The following are the fee changes for annual licensing. All fees are listed as per user per month.

  • Microsoft 365 Business Basic
    • Annual: From $5 to $6
    • Monthly: $7.20
  • Microsoft 365 Business Premium
    • Annual: From $20 to $22
    • Monthly:  $26.40
  • Office 365 E1
    • Annual: From $8 to $10
    • Monthly: $12
  • Office 365 E3
    • Annual: From $20 to $23
    • Monthly: $27.6
  • Office 365 E5
    • Annual: From $35 to $38
    • Monthly: $45.60
  • Microsoft 365 E3
    • Annual: From $32 to $36
    • Monthly: $43.20

All other Microsoft 365 and Office 365 license fees remain this same with an annual commitment; monthly fees will reflect the 20% surcharge.

Next Steps

Our team is contacting each our customers impacted by the pricing to discuss their options and plan their services going forward.

As we are here to assist any small business with their cloud services, feel free to contact us by email, via our website, or by scheduling time directly with one of our Cloud Advisors to discuss your options and path forward.

Service Update: Advanced Threat Protection

Service Update Announcement

Beginning July 1, 2022, Cumulus Global is adding Advanced Threat Protection services to all clients using Microsoft 365 and Google Workspace.

With more than 40% of cyber attacks targeting small businesses and two thirds of attacks using email, Advanced Threat Protection is no longer an option. The stakes are too high. Recovery takes an average of 21 days and 60% of small businesses fail within six months of a successful attack.

To minimize the impact, we are waiving the standard setup fee and discounting the service by 20% for customers with an annual commitment. The fee will be reflected on your annual invoice or monthly invoices, as appropriate.

You may opt out of the Advanced Threat Protection service. To opt-out, please notify us by email prior to May 25, 2022. If you elect to opt-out, please review the terms of our Service Level Agreement as posted on our website.

Please contact us or schedule time with one of our cloud advisors if you have any questions.

Deadline 3/1/22: Microsoft 365 Price Increase

Microsoft 365

On March 1, 2022, the pricing for Microsoft 365 will increase.  Depending on your current subscription and licensing, you will see a Microsoft 365 price increase ranging between 10% and 25%. You can, however, minimize or avoid the increase.

Details

Monthly per user pricing with an annual commitment* will increase as follows:

  • Subscription
  • M365 Business Basic
  • M365 Business Standard
  • M365 Business Premium
  • O365 E1
  • O365 E3
  • M365 E3
  • Current Fee / User / Month
  • $5
  • $12.50
  • $20
  • $8
  • $20
  • $32
  • New Fee / User / Month
  • $6
  • $12.50
  • $22
  • $10
  • $23
  • $36

*Pricing for monthly commitment (no annual commitment) will include a 20% surcharge.

What is the Impact?

Historically, Microsoft 365 and Office 365 subscriptions were sold with an annual commitment.  Within the annual commitment, you could adjust the number of licenses up or down on a monthly basis. Microsoft now classifies these types of subscriptions as “Monthly Subscriptions”.

Going forward, you can choose an “Annual Subscription”. With an “Annual Subscription”, your current license count becomes your minimum purchase commitment for the next 12 months. You may add licenses during the year, but you cannot remove any licenses until your annual renewal.

A “Monthly Subscription” allows you to increase or decrease you licenses monthly.

Annual Subscription pricing will increase as noted in the table, above.  If you are a monthly subscription, you will pay an additional 20% per license.

Minimize the Impact

You can minimize, or completely avoid, the Microsoft 365 Price Increase by assessing your subscription licenses and usage, and:

  • Transition to an Annual Commitment before February 28, 2022.
    • Continue with monthly or annual invoicing
  • Remove past employee accounts by either:
    • Exporting and deleting

Act Now!

Schedule time with one of our Cloud Advisors.  We will assess your current subscription, the impact of your transition, discuss subscription and licensing options, and determine if you qualify for incentive discounts.

 


The Kaseya Attack Effect

Data Protection & SecurityThe Kaseya attack demonstrates how cyber crime is a big, organized business.  How big? You can subscribe to “Ransomware as a Service” and outsource attacks on your intended targets.  How organized? Hacker groups and service providers, such as the REvil Ransomware Group and DarkSide, actively manage their brands and reputations.  The REvil attack on Kaseya shows us that cyber criminals are technically advanced and operationally sophisticated. The nature of the attack, and its scope, should scare you.

By using known vulnerabilities in Kaseya’s VSA Remote Monitoring and Management system, REvil was able to create an automated ransomware distribution network. They used the very systems that Managed Service Providers (MSPs) use to monitor and manage customer servers, computers, and networks.

The Impact

MSPs update their Kaseya VSA servers automatically installed the Ransomware on their customers’ systems, as well as their own. Best estimates are that up to  1,500 small and medium-sized companies are victims. While this number seems small, those 1,500 business face an existential threat. Remember: more than half of businesses victimized by ransomware fail within six months.

Most MSPs shut down their Kaseya VSA services before spreading the ransomware. These firms had no ability to monitor, manage, or remotely support their customers. Customers facing IT issues were met with longer diagnostic and resolution times, resulting in business disruption, lost productivity , and the possibility of data loss.

As a managed cloud service provider, Cumulus Global does not use the Kaseya VSA system.  Our clients were not at risk, via our services, from this attack.

The Lessons

We were on the sidelines for the Kaseya attack. We understand, however, that the way in which may cloud services are managed create connections between vendors, resellers, partners, and customers. While these connections do not generally provide any access to customer data, they do provide access to management functions and information about users.  This information, in turn, could be used to improve the effectiveness of phishing attacks, spoof identities, and gain access to systems.

As a trusted IT advisor and a managed cloud service provider, we are part of a connected supply chain. We take our responsibility to secure our part of that chain seriously. While we follow commercially accepted best practices for security and privacy, the Kaseya attack warns us to step back and re-evaluate our strategy, policies, and procedures.

Our Next Steps

Cumulus Global is conducting an internal review of all of our internal and operational systems, including vendor portals and services we use to order, provision, manage, and support cloud services. As part of this review we are examining our policies and procedures related to:

  • Identity management and protection
  • Access to the systems
  • System level permissions related to function and data
  • Roles and responsibilities with respect to security and privacy
  • Business continuity plans and capabilities

Through this process, we are challenging our assumptions, re-assessing how we operate security and effectively, and raising our expectations for how well we protect ourselves and our customers.

We will also be making recommendations to our clients, and the broader community, on steps they can take to improve their security profile and protections.

Your Next Steps

As a user of cloud services, and technology in general, have responsibilities as well.

We Can Help

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

The State of SMB Cyber Security

Data Protection & SecurityGone are the days when cybercrime was exclusively a big business problem. In the modern workplace, all businesses are at risk, regardless of their size or industry. Today, we recognize that implementing a cyber security program, much like hiring people and growing sales, is an essential part of running our companies.

With 43% of cyberattacks targeted at SMBs, it’s not surprising that many have identified cybersecurity as a priority. And while most of us have deployed protections, it is challenging to know if you have the right balance of protection relative to your risk.

Here are 4 key findings from research conducted by Microsoft:

01 Businesses understand that cybercrime is a problem, but understate the severity of the threat and overestimate their preparedness

The vast majority of businesses (85%) cite cybercrime as a concern, and more than half (56%) believe it is a top priority. Businesses are backing up this belief with action. Most have begun to invest both time and dollars into protecting their company from hackers and other malicious actors.

However, when you look a little deeper, it becomes clear that many have underestimated their risk. 74% of businesses don’t believe they are likely to be attacked at all and that corporations are two times as likely to be attacked.

90% of businesses say they have the right protections in place to prevent an attack, and those with more than 50 employees are even more confident. It is encouraging that businesses are investing in security, but the reality is that they are at greater risk than they think. Nearly half (41%) have been attacked

02 Small and medium-sized businesses are just as likely to be attacked as large corporations

For solutions that do cost money, businesses allocate about 15% of IT budgets go to cybersecurity,  and  21% plan to increase how much they spend protecting the company. Businesses recognize that this investment is worth it because three out of four know that it costs more to recover from an attack than it does to prevent one.

03 Employees can be a business’s biggest protection and also their biggest threat

As a small business owner, you face many of the same threats as larger businesses, but also unique challenges.

Given the number of security events tied to employees, businesses run the risk of underestimating the threat of employees leaking data or  sharing sensitive information, whether maliciously or accidentally.

Insider threats take several forms. Employees or partners may find it more convenient to transfer sensitive data using personal email or an unsecure cloud drive, not realizing the risk to your company. In fact, 30% of security events are attributed to careless or uninformed employees. More alarming is the roughly 36% of attacks where a malicious employee steals sensitive data.

04 Businesses have begun taking steps to protect themselves and there is a set of solutions and practices available to them

Most small and midsize businesses don’t have the same scale of resources to combat security threats and implement cyber security solutions as larger entities.

Fortunately, there are right-sized solutions and strategies designed to overcome the unique vulnerabilities of smaller companies. An effective security strategy doesn’t have to be expensive—or time-consuming. With a few simple, no-cost/low-cost steps, you can make a significant  impact on your company’s overall security profile. The key is to match security to your business needs and your budget.

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Top 3 Types of IT Security Threats and How to Prevent Them

Data Protection & SecuritySecurity Threats: 3 You Know and 1 You Should

Security threats take many forms. Most owners of small and medium-sized businesses (SMBs) are aware of the need to defend against the top three — viruses, ransomware, and phishing attacks — but their organizations are generally not as prepared to deal with the risks related to employees leaking data or sharing sensitive information, whether maliciously or accidentally.

Top 3 Types of IT Security Threats

1. Viruses

According to research conducted by Microsoft, infection by a computer virus is the most commonly cited among security threats facing businesses. Preventing viruses requires an integrated approach to endpoint and identity management.

How to Prevent Viruses:

  • Deploy next-gen antivirus software, with advanced threat protection, installed and updated, on all devices
  • Use web filtering and monitoring services to prevent infection, even from trusted sites
  • Roll out mobile device management to secure work devices (including laptops and desktops), as well as personal devices used for work
  • Enforce the use of multi-factor authentication as part of an integrated identity and access management solution

2. Ransomware IT Security Threats

Ransomware is a type of malware that restricts access, encrypts files, or even stops you from using your systems. Like viruses, ransomware can enter the company through insecure endpoints or unsuspecting users.

While virus protections also protect against ransomware, no protection is perfect. You need to be ready to respond and recover in the event of a successful cyber attack. This includes implementing solutions and services, and ensuring you have the proper protocols in place.

How to Prevent Ransomware Security Threats

  • Backup your data and system images, in the cloud, to ensure your ability to restore and recover
  • Encrypt all data, at rest and in motion
  • Deploy business continuity services to spin-up copies of servers in parallel with remediation
  • Pre-arrange access to forensic, legal, and communications resources to ensure a proper business response
  • Acquire cyber insurance to cover remediation, recovery, and regulatory costs, along with lost revenue
  • Focus on the four pillars of cloud security, and continue to review them on a yearly basis

3. Phishing Attacks

The majority, 67 percent, of cybersecurity professionals surveyed consider phishing attacks to be the greatest security threat facing your business and employees. Take the proper steps today to protect your people, your data, and your business.

How to Prevent Phishing Attacks:

  • Configure advanced threat protection services to identify and block attacks via email using links and/or attachments
  • Monitor inbound and outbound email traffic
  • Provide your team with awareness training to recognize problem emails, and how to respond/act
  • Instruct your team to report suspicious messages, links, and attachments
  • Deploy domain level services to prevent identity-spoofing

1 Additional IT Security Threat You Should Know

!! Internal Leaks & Threats

Insider security threats are often overlooked, and small and midsize businesses are generally unprepared to deal with these IT security threats, accidental or malicious. Surveys indicate that 53% of organizations have experienced insider attacks against their organization.

These risks take several forms. About 37% of internal leaks can be attributed to careless or uninformed employees. In many cases, these employees are using personal, less secure or unsecured services to conduct business.  Whether consumer versions of email or cloud drives for sync and share, these “shadow IT” services pose a significant risk.

While the majority of internal leaks and threats are unintentional, 36% of internal leaks are identified as attacks by a malicious employee.

To prevent data leaks and breaches, you should:

  • Actively manage access and permissions to networks, systems, applications, and data; periodically review permissions for compliance
  • Leverage features within your systems that help you manage and protect confidential and proprietary information
  • Deploy information protection solutions, such as Data Loss Prevention (DLP) and document/message level encryption, to block sensitive data from leaving your control
  • Implement proper cyber insurance and breach response protocols

>> Take Action Against IT Security Threats

All of the suggestions, above, fall within our CPR best-practice model for data protection and cyber security: Communicate & Educate; Prevent & Protect; Respond & Recover.

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Productivity Suite Assessment Helps Small Businesses Choose or Improve their Cloud

May 25, 2021 – Westborough, MA – Cumulus Global is pleased to announce the launch of its new Productivity Suite Assessment, a consulting service that helps small and midsize businesses (SMBs) determine which productivity suite best meets their needs and how to fully utilize the suite to improve productivity and support business goals. Whether considering, or currently using Microsoft 365 or Google Workspace, the productivity suite is the foundation for IT services. The right match is about more than the marketing hype and basic features. The right match integrates with how you work and other systems to support business goals, needs, priorities, and budget.

“For businesses not yet in the cloud, we guide them to the best fit and solution,” stated Allen Falcon, CEO of Cumulus Global. “For those only using some of the Microsoft and Google suite services, we help them fully adopt, utilize, and leverage capabilities.”

The Productivity Suite Assessment gives businesses:

  • A comprehensive review of current technology platforms and how well they are serving the business
  • Expert analysis of challenges, gaps, and opportunities to improve productivity and efficiencies
  • Recommendations: “what” technologies are a best fit and “how” to leverage them for greatest impact and value
  • Savings on implementation of recommendations.

“We help businesses decide if Microsoft 365 or Google Workspace best aligns with their operations and technologies. More impactfully, we identify under-utilized capabilities and guide adoption,” noted Falcon. “Using these recommendations, businesses improve processes, empower employees and teams, reduce costs, and enable growth.”

The Productivity Suite Assessment follows Cumulus Global’s best-practice methods.  The three phase project includes: detailed discovery, thorough analysis; and recommendations with guidance on implementation and adoption.  Cumulus Global partners with both Microsoft and Google, providing objective analysis and recommendations. Founded in 2006, Cumulus Global has 15 years experience delivery cloud solutions to small and midsize businesses.

Using MS Office 2010 or 2013 Puts You at Risk

Office 365 IconsOn October 13, 2020, Office 2010 reached “end of support” (EOS) and Office 2013 lost its connection to the cloud. You may be one of the many small businesses using one of these versions.

It is not uncommon for SMBs to avoid upgrading software. The cause is often a perceived “lack of need” for new features and concerns about cost. Continuing to use software past EOS is risky and will likely stifle productivity.

What This Means

Past EOS, Office 2010 no longer gets security updates and bug fixes. Continuing to use Office 2010 puts you at risk from cyber attacks.

With the loss of cloud connectivity, Office 2013 can no longer access the productivity and collaboration features in Office 365 and Microsoft 365.  More than losing features, your team is missing opportunities to improve the way you work, share, and communicate.

Next Steps

Moving to Office 2019, or to Microsoft 365, upgrades your business to a modern, secure collaboration and productivity suite. Beyond email and file sharing, the suite includes collaboration, conferencing, security, advanced threat protection, and more. Microsoft 365 saves more than 70% over purchasing these solutions separately.

To protect and empower your business, now is the time to act.

 

 

 

library

State of Security for Small and Midsize Businesses

eBook | Source: Microsoft —
This eBook identifies key findings in studies and surveys covering security for small and midsize businesses, and provides set of recommendations to ensure …

Protect Your Business – Top 3 Security Threats

eBook | Source: Microsoft —
This eBook explores how you can safeguard your business against the top three security threats, plus the one threat your business is probably overlooking.

Crash Course in Office 365

eBook | Source: Microsoft —
You already know the productivity power of Office applications like Word, PowerPoint, and Excel. Full adoption empowers you to access your …

Unblocking Workplace Collaboration

eBook | Source: Microsoft —
Poor workplace collaboration is 1 of 5 top reasons people quit their jobs. Break down collaboration blockers so that teams …