New Security Demands & Requirements for Small and Midsize Businesses

Security, Privacy, & Compliance

As the cybersecurity landscape continues to change, we see an evolving trend of new security demands being placed on small and midsize businesses. In this first post in our Security Update Series, which covers the evolving cybersecurity landscape for small and midsize businesses, we take a look at the drivers behind the new security demands on your business.

Three Drivers for Business Security

As is typical, the demands and security requirements are coming from three directions:

  • Regulation
  • Cyber Insurance
  • Supply Chain

Each of these three sources is increasing its expectations for your security practices and systems.

1 Regulation

As of November 2023, 12 states have enacted comprehensive data privacy laws, and 5 states have tailored information privacy laws. Other states have existing laws with similar protections that differ in implementation and enforcement. In 2023, 12 states introduced and are considering new privacy legislation. The vast majority of these laws may be enforced based on the location of the victim of a data breach. If you have customers in multiple states, you face a patchwork of legal requirements and potential liabilities. State rules extend beyond federal regulations, such as HIPAA, Sarbanes/Oxley, and SEC regulations, that may apply to your business.

Most businesses must also comply with industry regulations. If you accept credit cards, for example, you must comply with the Payment Card Industry Data Security Standard (PCI-DSS). These industry regulations often require additional policies and protections beyond federal and state regulations.

2 Cyber Insurance

Insurance carriers and underwriters base their calculations of risk through in-depth analysis of claims history and broader trends. Cyber insurance, being relatively new, does not have the same claims history as other business liabilities. As such, insurers continue to learn and adapt. Part of this learning is that cyber insurance claims are larger than previously predicted, basic security solutions often fail to provide sufficient protection, and a company’s ability to recover may be as important as its protections.

Furthermore, insurers are actively holding customers accountable for the statements made on applications, questionnaires, and audits. In 2022, Travelers Property Casualty Company of America sued International Control Services Inc. (ICS) in the U.S. District Court for the Central District of Illinois (Case No. 22-cv-2145). ICS stated that multi-factor authentication (MFA) was in place. The forensics investigation following a ransomware attack determined that MFA was not in place. Travelers claimed and maintained that the misrepresentation “materially affected the acceptance of the risk and/or the hazard assumed by Travelers.” The parties settled with cancellation of the payout, leaving ICS uncovered for any costs or damages.

While some insurers attempted to mandate specific security solutions or products, most insurers are now looking to verify a much broader range of security infrastructure. Beyond endpoint protection and MFA, insurers are using their growing understanding to set broader expectations. Security activities such as internal and external penetration testing, collection and analysis of security and activity logs, and the availability of business continuity solutions are starting to appear on cyberinsurance applications. Many insurers are also starting to request third-party validation and benchmarking against security frameworks, making streamlining security for SMBs even more important.

3 Supply Chain

If you provide products or services to businesses, you are in their supply chain. Governmental and industry regulations applicable to your customers will create new requirements for your business. The supply chain effect is not new. Organizations bound by HIPAA demand require a Business Associate Agreement (BAA) from suppliers. Sarbanes/Oxley, SEC regulations, and others include requirements that businesses must validate levels of compliance from suppliers and vendors. The same is becoming a reality for cybersecurity. As businesses develop their cybersecurity programs, they want and need to ensure their supply chain is equally secure. Cyberinsurance, industry regulations, and government regulations are starting to require this level of diligence.

As a smaller business, your customers may begin with changes to confidentiality and non-disclosure terms in your contracts related to the use of Artificial Intelligence (AI) tools and services. You may be asked to conform to a specific security framework. You may be asked to confirm and attest to a set of security practices. Businesses that do not comply risk litigation and losing customers.

What to Do:

The first step is to not panic. These changes will surface over time.

Start with making sure your basic security services are in place. Complete our Rapid Security Assessment for a quick review of your current, basic security infrastructure. We will also provide recommendations specific to your business and needs.

Our Security CPR Managed Security services deliver an affordable, effective, security solution that helps you meet current expectations. These services integrate well with our Managed Cloud Services and can be implemented quickly and affordably.

To learn more or to discuss your options in more detail, please contact us or schedule time with one of our Cloud Advisors.

And, continue to follow our blog for Security Update Series posts for more information and ideas.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

Cumulus Global Offers Easier Public Sector Cloud Purchasing

Managed Cloud Services by Cumulus Global

Cumulus Global Offers Easier Public Sector Cloud Purchasing

Participation in multiple, national, cooperative purchase programs to save schools and local governments time and money.

 

Cumulus Global proudly announces that schools and local governments can now purchase Google Workspace, other cloud services, and related professional services via one of four national cooperative purchasing programs. By participating in these programs, Cumulus Global services and solutions are now available with simplified bidding and quoting processes. Local governments and school systems will save time and money.

“This is a big step forward for Cumulus Global and our public sector customers,” stated Cumulus Global CEO Allen Falcon. “If we can quote cloud and professional services without extensive bidding and RFP processes, we save time and money.”

By participating in multiple procurement associations, Cumulus Global is more likely to find a match with schools and governments for managed cloud solutions. They can use any of the four procurement vehicles to which they belong: Equalis Group, National Cooperative Purchasing Alliance (NCPA), OMNIA Partners, or PEPPM Cooperative Purchasing.

“We are meeting governments and school districts where they are,” noted Falcon. “Chances are, we are in a program that your school or local government can use.”

As part of the company’s commitment to added value, the company is transparent with respect to program participation fees. The company will share and pass through these fees as-is, without markups. Local governments and schools interested in learning more can schedule an introductory call with a Cumulus Global Cloud Advisor.

About Cumulus Global

Managed Cloud Services for Small and Midsize Businesses, Governments, and Schools

Cumulus Global (www.cumulusglobal.com) is an industry-leading managed cloud service provider with a mission to deliver solutions with tangible value.

  • What We Do: We translate your business goals and objectives into solutions and services.
  • How We Do It: We start with your business needs and priorities. Planning and migration includes guidance to help your team adopt and utilize new services. Your team benefits from co-managed services, ongoing support, and client success services that help you adapt as your business changes and grows.
  • What We Offer: Managed cloud solutions featuring Google, Microsoft, and more than three dozen providers.

For more information, schedule a no-obligation introductory meeting with a Cloud Advisor.

Ensuring Hybrid Work Actually Works

Hybrid Workplace

For most of us and our businesses, hybrid work from home jobs are here to stay.  In reality, it has almost always been with us.  Salespersons, field technicians, and other out-of-office customer-facing roles have been a part of many businesses for decades.  The mix, however, of who works outside the office has changed.  And while many businesses are still working to figure out how many in-office work days are necessary each week, the underlying assumption is that hybrid work models will remain.

The challenge now is to ensure your model for hybrid work actually works for your business. When remote work was the exception, the solutions could be one-offs, or more complicated, because the impact on users was limited.  The extra effort to connect to the office was acceptable.  Remote work is now part of the norm, whether in a hybrid model or full-time. Connecting is now critical — technically and in terms of communication, collaboration, and culture.

Here are 5 Ways to Help Ensure Hybrid Work Actually Works

 

1 Simplify Access and Accessibility

Ensure your team can connect and work easily.  Each added layer, such as VPNs, adds a layer of complexity and creates another opportunity for something to go wrong. Complexity also impedes performance.

Moving services — applications, files, data — into a central cloud service reduces the need for complex connections from remote users to in-house networks and servers.  Microsoft 365 or Google Workspace, for example, can easily replace traditional file servers.  Using a virtual desktop infrastructure (VDI) service with remote desktops simplifies access and accessibility to servers and line-of-business applications that do not yet run in the cloud.

2 Create a Single User Experience

If the user experience is different in-office and remotely, team members on a hybrid schedule must effectively navigate two different systems to connect and work. The result is often confusion. File locations and access to printers and scanners become confusing. Configuring oneDrive or Google Drive desktop applications is challenging if you want them to work on and off your office network.

Creating a single user experience reduces the confusion and eliminates potential roadblocks to productivity.

One of the easiest ways to create a single user experience is to use (VDI) and remote desktops.  Rather than having users work “locally” in the office and “remotely” elsewhere, the VDI environment provides remote desktops usable to everybody regardless of location.  All users connect to the service and work within a secure network.

As an added benefit, VDI narrows the scope of your security envelope. VDI reduces the need to manage end user devices, particularly if you allow Bring Your Own Devices (BYOD).

3 Enable Collaboration

The flow of information is different when we work remotely versus together. And while many are more productive working remotely, effective collaboration takes effort.

On average small businesses use only 10% to 15% of the features and capabilities of Microsoft 365 and Google Workspace. There is a high cost to low adoption.

To foster collaboration, your team must be comfortable using the tools that enable the sharing, communications, and relationships. On-going education of capabilities helps team members learn and use collaboration features. Reviewing and updating workflows and processes can improve collaboration within day-to-day activities.

4 Manage Your Managers

Managing people and leading teams is a skill. Many “doers” struggle when they become managers, given the complexities of coaching, mentoring, managing expectations, and dispute resolution across diverse groups of individuals. Managing teams with remote members is even more challenging. Team dynamics will differ, perception biases related to visibility will exist, and managing will need to be against results and expectations rather than visible activity.

Team leaders and managers need education, training, guidance, and mentoring to succeed.  And this need is greater with hybrid and remote teams. Peruse the Ask a Manager blog archives if you want real life examples of unskilled, and outright bad, managers who can damage your business.

Spend some time, and yes, money, to develop management and leadership skills for those responsible for supervising others.  Include guidance and support for issues unique to remote staff and hybrid and remote teams.

5 Include People Intentionally

Remote work does allow team members to focus on their tasks and manage their time. Meetings still happen and team members can use their commute time for other things.

In-person work still has benefits. Unstructured interactions build relationships and connections that enable ideas and innovations to take hold. Granted, “water cooler” chats can be gossipy or give naysayers a channel.  These conversations also enable many to float and test ideas outside of formal meetings. There is a perceived formality when you ask somebody to meet via video, even if it is to just bounce and discuss ideas. The acts of requesting, scheduling, and joining create a structure that differs from catching somebody at their desk, in the hall, or walking back from lunch.

The solution is to create opportunities for casual communications and to set the expectation that they should occur. To do so, your team members need opportunities to interact not only on work, but work-tangential topics, as a means to build relationships and trust.

For your remote/hybrid workers, inclusion is key.

  • As you prepare for meetings, let remote participants know in advance that you will be seeking their input on various topics. Set the expectation for participation without an element of surprise.
  • Create the habit of asking, “Who else should we ask?” when having unstructured discussions. Include them in real-time via chat or video, or message them for ideas or a time to chat.
  • Actively include remote workers in company events.  Team pizza lunch on Thursday?  Move it to a conference room, invite remote team members, and send remote participants lunch (or a credit to order their favorite).
  • Plan company events so remote team members can participate. Activities, like providing the ingredients and preparing a fancy meal guided by a chef, allow people to share a common experience in a group setting, even though participants are not physically together.

Next Step: Cumulus Global Can Help Your Business Succeed in a Hybrid Work Environment

Making sure that hybrid work actually works for your business requires intent, planning and action. Even small initiatives and steps to support remote staff and teams, and to foster communication, trust, and collaboration, can have a big impact on your business.

Cumulus Global can help you with plan and deploy technologies and servers that enable and support effective remote workers and teams.  With best-in-class remote desktop/VDI services, expert support for both Microsoft 365 and Google Workspace, and affordable Managed Cloud Services, we will help your business thrive and grow.

Click here to schedule a call with a Cloud Advisor or send us an email. There is no cost and no obligation.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management. 

 

Cumulus Global Awarded 2024 Google Premier Partner Status

Google Premier Partner

Cumulus Global Awarded 2024 Premier Partner Status for Google Workspace

Google recognizes Cumulus Global for expert service delivery and growth.

 

Cumulus Global is proud to share that Google has recognized the company as a Google Premier Partner for Google Workspace.  The award reflects Cumulus Global’s ability to consistently provide high-quality service to its customers and the company’s ongoing commitment to service quality and growth.

 “We are honored to receive Premier Partner status for 2024,” stated Cumulus Global CEO Allen Falcon. “Our team works hard to ensure our customers move smoothly into cloud services and get the best possible value from their Google Workspace and related services.”

Google awards Premier Status to partners that meet and maintain a rigorous set of standards. These standards include maintaining advanced levels of training and certification, reaching business development milestones, and receiving customer recommendations and testimonials.

Serving small and midsize businesses, governments, and schools, Cumulus Global supports hundreds of organizations and over 30,000 end users throughout North America.

“From sole practitioners to organizations with hundreds of people, we do more than provide subscription licensing and migrate data,” noted Falcon. “Our focus is on helping individuals and teams best use the capabilities of Google Workspace and on helping organizations make sure their data is secure and protected.”

Beyond licensing and ‘support,’ Cumulus Global specializes in delivering Managed Cloud Services. With options that scale to meet your organization’s needs and budget, Cumulus Global’s Managed Cloud Services deliver security, data protection, monitoring, management, support, and professional services in service packages that cost less than traditional MSP services.

About Cumulus Global

Managed Cloud Services for Small and Midsize Businesses, Governments, and Schools

Cumulus Global (www.cumulusglobal.com) is an industry-leading managed cloud service provider with a mission to deliver solutions with tangible value.

  • What We Do: We translate your business goals and objectives into solutions and services.
  • How We Do It: We start with your business needs and priorities. Planning and migration includes guidance to help your team adopt and utilize new services. Your team benefits from co-managed services, ongoing support, and client success services that help you adapt as your business changes and grows.
  • What We Offer: Managed cloud solutions featuring Google, Microsoft, and more than three dozen providers.

For more information, schedule a no-obligation introductory meeting with a Cloud Advisor.

Leadership Thoughts: Noteworthy Blog Posts – Jan ’24

As small business owners and leaders, you carry the responsibility for the direction and success of your business.  And while Cumulus Global provide managed cloud services that help you thrive and grow, we understand your responsibilities are broader than just IT. As a way to share some leadership thoughts, here is a curated list of blog posts from trusted experts that we hope will inform and inspire.

Marketing

Sales

Human Resources

Strategy and Leadership

IT Ideas That Still Hold True

A few of our past blog posts that remain true and relevant today.

Help us keep the ideas flowing. If you have any blog posts that are leadership thoughts you want to share, please let us know.

Update: Cumulus Global Grows its Sustainability with Evertreen Reforestation Initiative

Cumulus Global Partners with Evertreen to Offset CO2 with Reforestation Projects 

Reforestation

Updated January 8, 2024 — Cumulus Global is expanding its sustainability efforts and its partnership with Evertreen, increasing monthly plantings to 100 trees.  Planting forests in Honduras, Mozambique, Ethiopia, Madagascar, and the Philippines, will improve both the ecology and economies in areas near the forests.  Each month, trees planted will remove over 72 tons of CO2 from the atmosphere. This is equivalent to the amount of CO2 created by 188 cars driving over 1,000 miles in cars getting the average miles per gallon in the United States.

 

August 10, 2023 – Westborough, MA – Cumulus Global announces a dramatic expansion of our company’s sustainability efforts. Partnering with Evertreen, Cumulus Global is supporting reforestation projects in four countries trees. Joining a reforestation program helps the company offset emissions from commuting, business travel, and other business activities. Each monthly planting will remove over 4.2 tons of CO2 from the atmosphere.  This is equivalent to the amount of CO2 created by driving over 11, 000 miles in a car getting the average miles per gallon in the United States. 

“We are excited about expanding our sustainability efforts in ways that will also benefit local communities around the world,” stated Cumulus Global CEO Allen Falcon. “This is a creative way that we, as a small business, can make a difference.”

Each month, Cumulus Global will plant at least 7 trees across four projects. The projects are located in Ethiopia, Madagascar, South Africa, and the United States. Beyond reducing carbon in the atmosphere, the reforestation projects also address local community needs.  Evertreen designs each project to provide local employment. Tree selections help increase local food supplies, prevent soil erosion, and protect local watersheds.

“We chose Evertreen for their holistic approach to the reforestation projects,” noted Falcon. “Their monitoring program and existing partnerships with IT industry leaders further proves their credibility and integrity.”

Beyond planning and planting forests, Evertreen actively monitors the health and growth of its forests with staff on-the-ground and advanced satellite imagery. View a summary of Cumulus Global’s participation, add trees to Cumulus Global’s forest, and learn more about Evertreen.

This tree planting program further extends the company’s sustainability program, that also includes recycling and the use of renewable energy. Since October 2020, Cumulus Global has relied on 100% renewable energy for all of the electricity needs at its main office. 

About Cumulus Global

Cumulus Global is an industry-leading managed cloud service provider with a mission to deliver solutions with tangible value.

  • What We Do: We translate your business goals and objectives into solutions and services.
  • How We Do It: We start with your business needs and priorities. Planning and migration includes guidance to help your team adopt and utilize new services. Your team benefits from co-managed services, on-going support, and client success services. We help you adapt as your business changes and grows.
  • What We Offer: Managed cloud solutions featuring Google, Microsoft, and more than three dozen providers.

About Evertreen

Evertreen (www.evertreen.com) helps individuals and companies offset CO2 emissions by planting trees around the world. In addition to reducing CO2 in the atmosphere, Evertreen forests contribute to local economies and ecosystems. As of the date of this post, Evertreen has planted more than 707,700 trees in more than a dozen forests spanning 10 countries. 

3 Google Changes Happening Now

Google Premier Partner

As we enter 2024, Google is making changes to further improve the email and Google Workspace user experience.  Google has three initiatives to further prevent spam, reduce cyber attacks, and expand the capabilities of Google Workspace users. Each of these three efforts can impact your subscriptions and, in many cases, the fees you pay.

  1. Google will Enforce Email Best Practices
  2. G Suite to Google Workspace Conversions Continue and Can be Costly
  3. Google is Enforcing Pooled Storage Limits

Please review each of the 3 changes and let us know if you need assistance.

1 Google will Enforce Email Best Practices

Google is leading email providers in a new effort to protect individuals from cyber attacks. While initially targeting bulk email senders, we, along with Google, encourage all email senders to adopt best practices for email validation and security.

Email remains the primary method of cyberattacks.  While phishing and ransomware remain the most common forms of attack,  business email compromise (BEC) cyber attacks are the most costly and damaging. As we noted in this blog post, DKIM and DMARC are the best methods for preventing BEC and email/domain impersonation attacks.  The post includes a link to this eBook with more detailed information. 

The relatively low cost to set up these protections and optionally monitor DMARC reports has saved small businesses like yours tens of thousands of dollars in losses.

2 G Suite to Google Workspace: Conversions Continue and Can Be Costly

As announced in October 2022, the migration from G Suite to Google Workspace will wrap up in 2024.  If you are still on a G Suite subscription, Google will automatically move you to a Google Workspace subscription on your renewal date.

What to Expect:

This migration results in significant fee increases for many organizations, as noted in prior blog posts and direct communications.

  • Accounts with more than 300 users will be moved to a Google Workspace Enterprise version.
    • G Suite Basic and Business customers will see their fees jump from $6 or $12 per user per month to $23 or $30 per user per month.
  • Google Workspace feature alignment differs from G Suite. Google will move your subscription based on the features you use:
    • As appropriate, Google will move you from G Suite Basic or Business, at $6 or $12 per user per month, to Google Workspace Business Standard or Plus, at $12 or $18 per user per month.
    • Google will move some G Suite Basic and Business customers to Google Workspace Enterprise Standard at $23 per user per month.
    • Depending on the features you use in G Suite Enterprise, at $20 per user per month, Google will move you to Google Workspace Enterprise Standard or Plus at $23 or $30 per user per month.

In addition to the initial transition from G Suite to Google Workspace:

  1. Google increased the pricing for Google Workspace Enterprise Standard from $20 to $23 per user per month
  2. Customers without an annual commitment — month to month service — 20% more for each license
  3. With pooled storage for all subscriptions, Google no longer allows you to add additional storage subscriptions

These 3 changes create additional reasons for subscription upgrades and fee increases.

What to Do:

Although Google halted its generous migration incentives and discounts early last year, we can help you avoid or mitigate fee increasesContact us or schedule time with one of our Cloud Advisors Advisors for assistance.

3 Google Will Enforce Pooled Storage Limits

As we blogged in November, Google is now enforcing pooled storage limits across all Google Workspace subscriptions.

While Google Workspace Enterprise subscriptions have unlimited storage, pooled storage limits for Google Workspace Business subscriptions as follows:

  • Starter = 30 GB per user
  • Standard = 2 TB per user
  • Plus = 5 TB per user

If you exceed your pooled storage limit, Google will place your service in “read-only” mode, which impacts your ability to create/add content.

What to Expect:

  • As you approach your pooled storage limit, Google will send you warnings.
  • If you exceed your pooled storage limit and have additional storage licenses, Google will give you up to 60 days before limiting your account. If not, you will only receive up to 14 days notice.

What to Do:

As soon as you receive either of the warnings from Google, you need to plan to either free up storage or add more storageOur blog post discusses your options in more detail. For more information or assistance, please contact us or schedule time with one of our Cloud Advisors.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

7 Steps to Build Your 2024 IT Strategic Plan

2024 IT Action PlanIn our 3T@3 Series event in December, we discussed creating your 2024 IT Action Plan. During the session, we walked through a proven process for building a feasible plan for the coming year.

Here is a breakdown of 7 key steps in the process

1 Define Your Business Drivers

Your first step is to assess your business drivers.  What are the conditions, internally and externally, that you expect to impact your business over the coming year?

External drivers are generally beyond your control or influence: changes in the economy, evolving customer needs and priorities, shifts in business conditions in your target markets, and changes to the competitive landscape.

Internal drivers are within your control. What are your goals and objectives? Which are priorities, needs, or wants?  Do you have defined business plans and targets for investment?

Many of your internal drivers may be responding to external drivers.  Identifying these drivers, and their priority, will guide business and technology solutions over the coming year.

2 Review Your IT Lifecycle

Review your hardware and software inventory, and where each item sits in its lifecycle. Document applications or systems due upgrades; catalog servers, infrastructure, and user devices due for replacement.  Use this assessment to schedule necessary expenditures.

Also, consider if now is the time to upgrade or replace older systems with managed cloud-based solutions or services. Doing so can reduce capital expenditures and may provide more scalable resources and services.

3 Define IT Initiatives

Having planned for scheduled hardware and software refreshes, use your priorities list of business drivers to create a finite set of IT initiatives.

Your business drivers should trigger business decisions, actions, and plans. Analyze these plans for how IT services can enable or support the desired actions and outcomes. This strategy and analysis becomes your IT requirements for the coming year.  The priority of your business goals and objectives will set the priority for your IT initiatives.

Your IT initiatives are defined, manageable projects that meet your IT requirements.

4 Benchmark Your Security CPR

Security CPR is our model for pragmatic protection for your business.

  • Communicate & Educate
  • Protect & Prevent
  • Respond & Recover

Your IT initiatives will, without a doubt, interact with your security services.  Take a step back and review your security protocols and systems.

  • Verify that you remain in compliance with legal and industry regulations
  • Validate that your IT initiatives will do no harm, or will enhance your security profile
  • Adjust your security services to changing risks, priorities, and threats

5 Set Clear Priorities

Your budget has limits.  With security considerations in place, prioritize your IT spending. We recommend prioritizing within three distinct categories:

  • Lifecycle Events – Replace and upgrade aging hardware and software
  • Operating Expenses – Ongoing costs for cloud, services, and resources
  • Investments – Your IT initiatives

6 Build Your Budget

Allocate your target budget to each of the categories.  Fund items in each group from highest priority on down.

One key to building the budget is to facilitate some give and take.  Moving budget between categories can be done, carefully, in ways that benefit each aspect of your IT spending.

For example, moving to Remote Desktops in a virtual desktop infrastructure (VDI) cloud can extend the life of desktops and laptops by 2 to 3 years. Delaying system upgrades can be a safe move if your initiatives are working towards replacement.

7 Create Your Schedule

While it is natural to want to get everything done right away and all at once, thoughtful scheduling increases your likelihood of success for your 2024 IT Action Plan.

Scheduling starts with actions: the what, when, how, and how of your IT initiatives. Smart scheduling will also include consideration of dependencies and resource availability.

Going one step further, review your business cycle limitations. Avoid scheduling projects, particularly critical paths, that conflict with more intense periods within your business cycle. You may have a busy season, or need to be careful not to impact your quarterly close and reporting. Whatever demands your business cycle creates, adjust your planning and schedule around them.

How Cumulus Global Can Help You

We focus on helping clients get the most value from their current IT services and new, cloud forward solutions.  As you build your 2024 IT Action Plan, we can help. With a history of strategic IT consulting services, we can help you build your plan, review plans you have drafted, or simply discuss options.

Click here to schedule a call with a Cloud Advisor or send us an email. There is no cost and no obligation.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management. 

 

Google Upgrade Prevents SPAM and Defines Email Best Practices for 2024

Google email sender guidelines updates coming in 2024: how to prepare

Google constantly works to enhance security and reduce the prevalence of spam in Google Workspace and Gmail inboxes. AI-powered defenses successfully filter out almost 15 billion undesired emails each day. Google stops over 99.9% of spam, phishing, and malware threats. Still, as spamming techniques evolve, threats to user security persist.  Google will deploy new rules for bulk email senders. These Google email sender guidelines and rules prevent SPAM using email best practices that we should all follow.

Improving Security with Google Email Validation

Starting in February 2024, Google will implement new criteria for bulk senders (i.e., accounts that send more than 5,000 messages to Gmail users in a single day). These new email sender guidelines and requirements focus on email validation, and the evaluation of an email address’s legitimacy. 

New Email Requirements for Bulk Senders:

  • Authenticate Email: Bulk senders must strongly authenticate their emails. This protects against the exploitation of loopholes by malicious actors and allows users to trust the source behind the emails they receive.
  • Enable Easy Unsubscribe: Bulk senders will be required to provide recipients with an easy, one-click option to unsubscribe from commercial emails. These unsubscription requests must also be processed within a time period of two days.
  • Send Wanted Emails: Google will set a clear spam rate threshold to protect Gmail users from receiving an abundance of unwanted emails. Notably, this measure is an industry first. 

This Change Impacts You 

If email is part of your marketing program, even if you are not a bulk sender, these rules impact you. While Google is enforcing these rules for bulk senders, following these rules improves your email results. By improving your email reputation, and reducing the risk of impersonation, your emails are more likely to land in the inbox rather than the junk or spam folder. 

Things to Consider to be Ready for The Bulk Sender Changes Happening in February 2024

1 Make sure your Domain Name Service (DNS) email settings and protocols are correct and complete.

2  Preferably, use an email marketing platform instead of your Google Workspace account for large group and bulk marketing emails.

  • Email marketing platforms give you the ability for easy un-subscribe and will provide the necessary features to comply with the anti-spam and data privacy laws and regulations.
  • Google limits the number of recipients per email and the number of emails you can send per day. Google may suspend your account if you exceed these limits.

Your Next Steps to Prepare for New Google Email Sender Guidelines

Contact us or click here to schedule a call with a Cloud Advisor  to review your DNS protocol settings and our Managed DNS Services.

For more details about Google policies that impact emails received by, and sent from, Google Workspace, review Google’s Email Sender Guidelines.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

Manage Storage in Google Workspace and Understand Limits

Google Workspace

Updated January 3, 2003: Clarification on length of grace periods.

With the move to pooled storage across all subscriptions, Google no longer supports legacy options for additional storage for Google Workspace. As such, many individuals and businesses find themselves approaching or exceeding the pooled Google Workspace storage limit for their accounts.

What Happens Next After Reaching The Google Workspace Storage Limit

If you reach or exceed your pooled storage limit, Google gives you a grace period to either reduce the amount of storage used, or to add more pooled storage by changing your subscription.  After the grace period, your account becomes “read-only.” This change impacts your services including being unable to upload files or create new Google Docs, Sheets, Slides, or Forms.

Your grace period is:

  • 14 days if you do not have legacy Additional Storage license(s).
  • 60 days if you have legacy Additional Storage license(s).

You Have Options

You need to either add more Google Workspace storage, or you and your team need to free up storage.

Add More Storage

You have three options for adding more storage.

1 Upgrade.  The easiest way to add storage capacity, and Google’s recommended solution, is to upgrade to the next subscription tier, from Business Starter to Standard; from Business Standard to Plus; from Business Plus to Enterprise Standard.

2 Add Licenses. As an alternative, you can opt to add one or more additional licenses to increase the storage pool.  Both of these solutions will incrementally increase your cost.

3 Add 10 TB of Storage. You can add Additional Storage to Google Workspace subscriptions with pooled storage. The added storage comes in blocks for 10 TB at a cost of $300 per month.  This option is generally too expensive for most small and midsize businesses.

Which option is more cost-effective depends on your current subscription, your number of users, and the amount of storage you want to add.

Free Up Storage

We can recommend several techniques for freeing up storage, each with advantages and disadvantages.

1 Review and remove large or unnecessary files.  Ask each user to go through their “My Drive”. Your Administrator should review your Shared Drives. Be careful not to remove files that may be needed.

2 Review and remove duplicate files. Encourage each user to delete files that have been copied to a Shared Drive, or for which they have multiple copies that are no longer needed.

3 Remove and reduce large emails. Instruct and help users work to through their historical email and delete emails with larger attachments. Verify that the files were saved to My Drive or a Shared Drive. Be careful that the content of the email is no longer needed as well to avoid losing information you might need later on.

4 Move files to other storage. Using Google Cloud you have other storage options. These storage options work well for static needs, such as archiving projects and media (image, audio, video) libraries. Accessing Google Cloud storage requires

5 Move files to local storage. While counter to a Cloud Forward approach, you can move files to local storage. If you  do download the files to local storage before deleting, remember to make sure you protect those files with a backup/recovery solution.

We Can Help with Google Workspace Storage

Our team of small and midsize business cloud experts can and will help you chart your best path forward.  Let us help you assess the effort and cost for your options, and choose the best solution for you and your business. Schedule a call with a Cloud Advisor or send us an email.

About the Author

Chris CaldwellChristopher Caldwell is the COO and a co-founder of Cumulus Global.  Chris is a successful Information Services executive with 40 years experience in information services operations, application development, management, and leadership. His expertise includes corporate information technology and service management; program and project management; strategic and project-specific business requirements analysis; system requirements analysis and specification; system, application, and database design; software engineering and development, data center management, network and systems administration, network and system security, and end-user technical support.