Mandatory Google Workspace Transitions Begin

Google Cloud PartnerIf you have not completed your transition from G Suite to Google Workspace, Google will automatically begin Google Workspace transitions on January 31, 2022.  You will receive at least 30 days notice of your migration.

Please note that this transition includes significant changes to your subscription options, features/functions, AND PRICING.

Google Workspace

KEY POINTS TO KNOW:

  • Disruption: The transition is non-disruptive to end users and administrators, unless you decide to transition to a subscription with different features.
  • Pricing: Depending on your size and current G Suite services, keeping the same features may result in price increases of 50% to more than 300% (see below).
  • Savings: Cumulus Global can manage your transition, help you select the best Google Workspace for your business, and offer discount incentives for making your transition before the end of the year.

YOUR KEY DECISION:

You need to decide if you want to manage your transition or wait for Google to transition your subscription automatically.

If you chose to manage your transition, we can:

  • Save you money with Google-supported incentive discounts, provided we schedule your transition before the end of the year.
  • Help you select the best subscription plan/mix for your business, ensuring your business and security needs are met at the lowest cost.
  • Schedule your transition at a time that works for you and your team.
  • Educate your IT team on any new end-user, admin, and security features.
  • Support your IT team and end users.

YOUR MANAGED TRANSITION

To learn more about Managed Transitions, please contact us by email, or use the following form:


RESOURCES

In addition to more information in the “About” sections, below, we offer the following resources as well:

About: Automatic Transitions

Google will begin automatic transitions on January 31, 2022.

  • For annual subscriptions, the transition will occur at the end of your current annual or fixed term contract.
  • Companies on “Flex Plan”, month-t0-month services, Google will transition your account as quickly as possible
  • Google will determine the Google Workspace subscription based on your current product features, even if this change results in a significant price increase
  • Automatic transitions are not eligible for incentives or other discounts

About: Pricing Changes

The three biggest impacts on your Google Workspace pricing are your number of licenses,  features, and storage.

License Count

Companies with fewer than 300 users can select from three Google Workspace Business subscriptions.  Companies with more than 300 users will need to select from the two Google Workspace Enterprise subscriptions.  While you can mix and match licenses within the Business and Enterprise tiers, you cannot mix and match Business and Enterprise subscriptions.

Impact for companies with more than 300 users:

  • Companies running G Suite Basic, will see their per user license fees increase form $6 per month to at least $20 per month.
  • Companies running G Suite Business, will see their per user license fees increase form $12 per month to at least $20 per month.

Features

The biggest feature impact for most companies will be their use of Vault.  Companies running G Suite Basic and Google Vault, or running G Suite Business (which includes Vault), will need to transition to Google Workspace Business Plus. Because both Google Workspace Enterprise subscriptions include Vault, any company with more than 300 users will have Vault due to the license count-based migration requirements.

Impact for companies using Vault (with 300 or fewer users):

  • Companies running G Suite Basic plus Vault, will see their per user license fees increase form $11 per month to $18 per month.
  • Companies running G Suite Business, will see their per user license fees increase form $12 per month to at least $18 per month.

Storage

Added storage is no longer an option with Google Workspace. Because you can mix and match licenses within the Business and Enterprise tiers, you may need to transition users to different subscriptions based on their storage needs.

The Google Workspace subscriptions offer the following per-user storage:

  • Business Starter = 30GB, no Shared Drives
  • Business Standard = 2 TB, aggregated across the domain, with Shared Drives
  • Business Plus = 5 TB, aggregated across the domain, with Shared Drives
  • Enterprise Standard = Unlimited storage, with Shared Drives
  • Enterprise Plus = Unlimited storage, with Shared Drives

Other Changes: Vault Former Employee Licenses

Vault Former Employee (VFE) licenses are free or discounted Vault licenses for users that no longer have active G Suite accounts.  With the transition to Google Workspace, VFE licenses are no longer available; VFE licenses will transition to Archive User Licenses (AUL).

Archive User Licenses are NOT FREE. The per user per month pricing for AULs is as follows:

  • AUL – Business = $4
  • AUL – Enterprise Standard = $5
  • AUL – Enterprise Plus = $7

Companies with VFE licenses should plan for alternate retention strategies or potentially significant licensing fees.

 

15 Years of Service

Cumulus Global Logo - 15 Years of ServiceOn August 18th, Cumulus Global reached a milestone: 15 Years of Service.  Founded in 2006, we have provided tactical and strategic cloud services and solutions to small and midsize businesses, non-profits, local governments, and K-12 school systems. Thank you! Our journey could not have happened without the trust our clients and partners place in our expertise, insights, and services.

Our need will be the real creator.” – Plato

Cumulus Global — born as Horizon Info Services, LLC — exists because we wanted and needed to solve critical business problems.  Running a strategic IT consultancy at the time, Allen Falcon and Chris Caldwell had clients struggling to manage spam.  With more than 95% of all email being spam, on-site email servers and Internet connections were saturated and overwhelmed processing junk email. Having found a solution, the duo spun off what is now Cumulus Global to provide cloud-based email security and compliance services to their consulting clients and other small businesses. The service, Postini, did the trick and our business grew.

“Just Google It.” – Anonymous

In 2007, Google acquired Postini and Cumulus Global became one of Google’s first partners and resellers.  Our relationship with Google created new opportunities for Cumulus Global and our customers, and enabled a vision and mission of helping smaller businesses take full advantage of the cloud computing evolution.

Cumulus Global helped Google pilot its Google Apps Premier Edition (now evolved into Google Workspace). We were one of the first partners authorized to resell to governments and schools.  We partnered with Google for the launch of Chromebooks for Education.

With all of these first, Cumulus Global stayed true to its focus: strategic and tactical cloud solutions that augment or replace traditional small business IT solutions for better productivity, value, and business results.

“Only those who will risk going too far can possibly find out how far one can go.” – T.S. Eliot

Following the acceptance and rapid growth of “Cloud Computing”, Cumulus Global landed at #349 on the 2014 Inc. 500 list of the fastest growing private companies.  In 2015, we were #914 in the Inc. 5000.

“Every problem is a gift — without problems we would not grow.” – Anthony Robbins

While the growth was exciting, rapid growth creates challenges. The resources required to rapid growth detracts from other areas of the business.  In 2016, we made a conscious decision to focus on “Better, Not Bigger”.  With this shift, we:

  • Became a Microsoft Silver partner, providing a platform agnostic view of cloud solutions
  • Added a broader range of security, privacy, and compliance services to meet evolving market and regulatory demands
  • Expanded from providing “support” to delivering “services”, offering customers unlimited co-management of cloud and IT services
  • Rolled out new managed services, such as Business Continuity/Backup/DR, Identity and Access Management, and Managed Print services, to provide customers with a complete, cohesive, and secure technology environment.

We continue to anticipate and respond to regulatory, industry, and market changes that impact our customers’ businesses and influence decisions.

“Try not to become a person of success, but rather try to become a person of value.” — Albert Einstein

Like most small businesses, we are only as good as the members of our team. We are fortunate to have a team of dedicated professionals that share our vision and passion.  This has been true throughout our history. Cumulus Global continues to be a comfortable workspace in which our team members feel safe to learn and grow — professionally and personally. We are proud of our team and their commitment to our mission and visions, and our customers. We are also proud that Cumulus Global has helped many on our team build new skill sets, expand their horizons, and launch fulfilling careers.

“Commitment is what transforms a promise into a reality.” – Abraham Lincoln

Our commitment remains firm: The outcomes you want – business, operational, technological – drive our passion. We help small and midsize organizations, like yours, get more value from existing IT and new, Cloud Forward, managed cloud services.

We …

  • Start by understanding your business so we can align solutions with your goals and objectives.
  • Design, deploy, and manage secure, cloud forward solutions that empower your team and give you a competitive advantage.
  • Partner with Microsoft, Google, and dozens of other vendors to match you with the right technologies and services.
  • Stay with you for the long haul, managing your services, supporting your team, and keeping your IT services in sync with your changing business needs and priorities.

“Nothing happens unless first we dream.” – Carl Sandburg

Cumulus Global began with a vision and a dream that an emerging technology — cloud computing — could transform how small and midsize organizations would use technology to thrive and grow.  We remain actively involved with industry organizations so we may continue to look forward, identify shifts, and pursue new opportunities for, and with, our customers.

Where are you now? Where do you want to be?

Partner with us. Let us help you dream, set goals, and execute plans.  Please contact us to start, or continue, the conversation.

Recalibrating Your IT Strategy

Back in September 2020, in the heart of the COVID-19 pandemic, Garter published a leadership article on IT Strategy entitle, “Decide Now How Much to Recalibrate IT Strategic Plans.” The article, within the context of the pandemic, discusses how IT leaders might decide the scope of changes to strategic plans.  While intended for enterprise and upper mid-market CIOS, the article brings forward some valid points for the small and midsize businesses we serve.

Understand Changes to Your Business

In the midst of change, particularly when the triggers are beyond our control, assessing the scope and impact is difficult.  By stepping back, we can assess the current, and expected, changes both impacting our businesses and within.

  • Is your business still in response? Or have you moved into recovery and renewal?
  • How have new work models — in-office, at home/remote, and hybrid — altered the way your employees work?
  • What do you expect the mix to be going forward?
  • To what extent have your business’ strategy or tactics changed?
  • Are these near-term, longer-term, or transitional in nature?

Map Business Changes to IT Plans and Services

With an understanding of the impact and on-going changes to the business, you can assess your IT strategy and tactics.

  • How have changes affected the business model, markets, or operations of the business?
  • What changes to  business goals, objectives, or strategies need to be reflected in your IT services, strategy, or tactics?
  • Did you add any new or temporary capabilities/services that you no longer need — or that should be made permanent?
  • How might changes be impacting your costs, risks, or value proposition of your IT services and systems?

Rate Changes and Impacts

With the above in mind, rate the impact of business change on your IT plans and services.

  • Critical
    • Business direction and/or operations warrant a new IT strategy and a re-alignment of most IT services.
  • Major
    • Your IT strategy needs adjustments with significant changes to IT services and priorities.
  • Minor
    • Your IT strategy and services remain valid, but the priorities and timing of your plans need to adapt.
  • None
    • Your existing strategy and services continue to meet your IT and business needs.

Adjust Your Plans Accordingly

Understanding the scope and impact of changes to your IT strategy, plans, and services, you can recalibrate and move forward in a structured, efficient manner.

  • Reprioritize
    • Determine which initiatives to start, stop, pause, or reset.
    • Identify IT services that should be removed or normalized.
  • Communicate
    • Share changes, priorities, and reasons with your team to build ground-level support.
  • Reset Metrics
    • Determine how you want to measure change and results — cost savings, productivity, etc.

Whether your business and IT services going forward need minor adjustments or major rework, Cumulus Global can assist in your planning and execution. Contact us for a complimentary session with one of our Cloud Advisors.

5 Ways to Improve Work from Home

Networks and Connectivity

The Covid-19 pandemic proved that work from home and remote work was viable and productive for more employees than previously believed or acknowledged.  Necessity is a great motivator. Our businesses, employees, and customers responded, adapted, moved forward.  In the process, we have identified new benefits and pitfalls with remote work. Looking forward, our emergence from the COVID-19 pandemic is not a clear as hoped or predicted. The virus is here to stay and the impact on our lives is yet to be fully understood.  Our normal is not necessary “new”, but continues to evolve.

While we cannot predict the full extent of the shift, remote work, hybrid work, and work from home will be the norm. 

Business need to continue to assess, plan, and adapt.  Here are 5 ways we can improve work from home and hybrid remote/in-office work environments.

1 Device-as-a-Service

Device-as-a-Service, particularly remote desktop and virtual desktop infrastructure solutions, have clear benefits for new office norms. You can:

  • Provide a secure access to applications and systems with consistency regardless of where your employees are working
  • Better manage the computing environment, separating your business’ computing from the local device
  • Use existing, older laptops and desktops, thereby reducing hardware upgrade costs driven by operating system and application upgrades
  • Leverage Chromebooks as end user devices, lowering your total cost of ownership

2 Pick a Video Conferencing Service

Picking a standard video conferencing service lets you manage how you communicate internally and with customers. The right choice can also save you hundreds of dollars per year per employee while giving you and your team the features and functions they need to manage meetings and work efficiently.  By selecting a preferred service, you can invest the time and effort to integrate the service with your productivity and collaboration suites. An small investment in teaching employees how to fully use the solution also pays dividends.

3 Improve Employees’ Internet

You would never allow your Internet service to slow down work at the office. You should not allow home Internet speeds to slow down your remote employees. Reimbursing employees for increasing their Internet speeds improves productivity and morale. Providing employees with better WiFi routers and access points ensures their connections are available and reliable. Note: a few states require employers to reimburse home Internet services based on the percentage used for work.

4 Secure Your Remote Workers

Unless you provide the equipment and services, you cannot control your employees’ home networks and systems. At the same time, you want and need to secure your applications, data, and network. To do so:

  • Use multi-factor authentication (MFA) or two-factor authentication (2FA) whenever possible to control network, system, and application access.  MFA and 2FA are the simplest means of preventing hackers from using compromised user identities or credentials.
  • Upgrade home computers with additional, advanced threat protection services.  Many of the next-gen solutions offer greater protection from modern attacks and are designed to work with existing anti-virus solutions that may be installed on the device. Some of these solutions also provide tools for remote support.
  • Consider using physical security keys that provide authentication codes without the need for a smartphone or other device.

5[/av_dropcap1 Protect Your Remote Resources

Whether using a company provided laptop or a personal computer, problems at home are disruptive and take longer to diagnose and repair than in-office problems. While Device-as-a Service solutions separate the risk from the physical device, employees using their local machines are at risk.  At a minimum, ensure that you are backing up and can recover applications and data on remote laptops and desktops. If an employee performs critical or time-sensitive tasks, consider a continuity solution that enable the employee to return to work within minutes rather than hours.

[av_hr class='custom' icon_select='no' icon='ue808' font='entypo-fontello' position='center' shadow='no-shadow' height='50' custom_border='av-border-thin' custom_width='50px' custom_margin_top='30px' custom_margin_bottom='30px' custom_border_color='#7bb0e7' custom_icon_color='' id='' custom_class='' template_class='' av_uid='av-2zlcpx' sc_version='1.0' admin_preview_bg='']

Whether work from home, remote work, or hybrid work will be strategic or tactical for your business, you can improve the security and employee experience with minimal cost.  We are here to help you assess, plan, and update your IT services to best meet your needs — and budget.  Contact us for an initial consultation.

 

need to continue to assess, plan, and adapt.  Here are 5 ways we can improve work from home and hybrid remote/in-office work environments.

[av_dropcap1]1 Device-as-a-Service

Device-as-a-Service, particularly remote desktop and virtual desktop infrastructure solutions, have clear benefits for new office norms. You can:

  • Provide a secure access to applications and systems with consistency regardless of where your employees are working
  • Better manage the computing environment, separating your business’ computing from the local device
  • Use existing, older laptops and desktops, thereby reducing hardware upgrade costs driven by operating system and application upgrades
  • Leverage Chromebooks as end user devices, lowering your total cost of ownership

2 Pick a Video Conferencing Service

Picking a standard video conferencing service lets you manage how you communicate internally and with customers. The right choice can also save you hundreds of dollars per year per employee while giving you and your team the features and functions they need to manage meetings and work efficiently.  By selecting a preferred service, you can invest the time and effort to integrate the service with your productivity and collaboration suites. A small investment in teaching employees how to fully use the solution also pays dividends.

3 Improve Employees’ Internet

You would never allow your Internet service to slow down work at the office. You should not allow home Internet speeds to slow down your remote employees. Reimbursing employees for increasing their Internet speeds improves productivity and morale. Providing employees with better WiFi routers and access points ensures their connections are available and reliable. Note: a few states require employers to reimburse home Internet services based on the percentage used for work.

4 Secure Your Remote Workers

Unless you provide the equipment and services, you cannot control your employees’ home networks and systems. At the same time, you want and need to secure your applications, data, and network. To do so:

  • Use multi-factor authentication (MFA) or two-factor authentication (2FA) whenever possible to control network, system, and application access.  MFA and 2FA are the simplest means of preventing hackers from using compromised user identities or credentials.
  • Upgrade home computers with additional, advanced threat protection services.  Many of the next-gen solutions offer greater protection from modern attacks and are designed to work with existing anti-virus solutions that may be installed on the device. Some of these solutions also provide tools for remote support.
  • Consider using physical security keys that provide authentication codes without the need for a smartphone or other device.

5[/av_dropcap1 Protect Your Remote Resources

Whether using a company laptop or a personal computer, problems at home are disruptive and take longer to diagnose and repair than in-office problems. While Device-as-a Service solutions separate the risk from the physical device, employees using their local machines are at risk.  At a minimum, ensure that you are backing up and can recover applications and data on remote laptops and desktops. If an employee performs critical or time-sensitive tasks, consider a continuity solution that enables the employee to return to work within minutes rather than hours.

Whether work from home, remote work, or hybrid work will be strategic or tactical for your business, you can improve the security and employee experience with minimal cost.  We are here to help you assess, plan, and update your IT services to best meet your needs — and budget.  Contact us for an initial consultation.

 

The Kaseya Attack Effect

Data Protection & SecurityThe Kaseya attack demonstrates how cyber crime is a big, organized business.  How big? You can subscribe to “Ransomware as a Service” and outsource attacks on your intended targets.  How organized? Hacker groups and service providers, such as the REvil Ransomware Group and DarkSide, actively manage their brands and reputations.  The REvil attack on Kaseya shows us that cyber criminals are technically advanced and operationally sophisticated. The nature of the attack, and its scope, should scare you.

By using known vulnerabilities in Kaseya’s VSA Remote Monitoring and Management system, REvil was able to create an automated ransomware distribution network. They used the very systems that Managed Service Providers (MSPs) use to monitor and manage customer servers, computers, and networks.

The Impact

MSPs update their Kaseya VSA servers automatically installed the Ransomware on their customers’ systems, as well as their own. Best estimates are that up to  1,500 small and medium-sized companies are victims. While this number seems small, those 1,500 business face an existential threat. Remember: more than half of businesses victimized by ransomware fail within six months.

Most MSPs shut down their Kaseya VSA services before spreading the ransomware. These firms had no ability to monitor, manage, or remotely support their customers. Customers facing IT issues were met with longer diagnostic and resolution times, resulting in business disruption, lost productivity , and the possibility of data loss.

As a managed cloud service provider, Cumulus Global does not use the Kaseya VSA system.  Our clients were not at risk, via our services, from this attack.

The Lessons

We were on the sidelines for the Kaseya attack. We understand, however, that the way in which may cloud services are managed create connections between vendors, resellers, partners, and customers. While these connections do not generally provide any access to customer data, they do provide access to management functions and information about users.  This information, in turn, could be used to improve the effectiveness of phishing attacks, spoof identities, and gain access to systems.

As a trusted IT advisor and a managed cloud service provider, we are part of a connected supply chain. We take our responsibility to secure our part of that chain seriously. While we follow commercially accepted best practices for security and privacy, the Kaseya attack warns us to step back and re-evaluate our strategy, policies, and procedures.

Our Next Steps

Cumulus Global is conducting an internal review of all of our internal and operational systems, including vendor portals and services we use to order, provision, manage, and support cloud services. As part of this review we are examining our policies and procedures related to:

  • Identity management and protection
  • Access to the systems
  • System level permissions related to function and data
  • Roles and responsibilities with respect to security and privacy
  • Business continuity plans and capabilities

Through this process, we are challenging our assumptions, re-assessing how we operate security and effectively, and raising our expectations for how well we protect ourselves and our customers.

We will also be making recommendations to our clients, and the broader community, on steps they can take to improve their security profile and protections.

Your Next Steps

As a user of cloud services, and technology in general, have responsibilities as well.

We Can Help

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Quick Guide to Your Google Workspace Transition

Google WorkspaceIn October 2020, Google announced the transition of its productivity platform from G Suite to Google Workspace.  More than a simple branding change, the transition includes significant changes to your subscription options, features/functions, and pricing.

Big Picture

  • Google Workspace has two subscription tiers: Business and Enterprise
    • The Google Workspace Business tier offers three subscription options: Business Starter, Business Standard, and Business Plus
      • You may mix and match subscription types within the Business tier based on user and group needs
      • You total user count (licenses) cannot exceed 300
    • The Google Workspace Enterprise tier offers two options: Enterprise Standard and Enterprise Plus
      • You may mix and match subscriptions within the Enterprise tier
      • You have no limited on the number of user licenses

Big Impacts

Vault

As part of the repackaging, Google Vault is no longer available as an add-on.  G Suite Business subscriptions and G Suite Basic subscriptions with Vault as an add-on, will need to move some or all of their users to Google Workspace Business Plus.  At standard pricing, this means a price increase from $11 or $12 per user per month up to $18 per user per month.  For businesses that need Vault for regulatory or industry compliance, this increase in unavoidable.

License Counts

From companies with more than the 300 users, Google is forcing a move to the Google Workspace Enterprise tier.  While Google offered a grace period allowing companies with more than 300 users to transition to Google Workspace Business subscriptions for up to 3 years, the offer has expired and is not expected to return.

The impact is a standard price increase from G Suite Basic and G Suite Business at $6 and $12 per user per month, respectively, to $20 per user per month for Workspace Enterprise Standard.  As noted, below, we can help with transition incentives and discounts to help mitigate the increase.

Storage

Workspace Business Standard and Workspace business Plus have 2TB and 5TB per user, respectively. This storage is pooled and available to all users, reducing the likelihood that specific users will need additional storage space.  While rare, some businesses running G Suite Business with unlimited storage are above those limits.  This will also become an issue over time for some businesses, particularly those that work with large files, such as CAD, images, and video.

Big Incentives

Working with Google, we are able offer incentive and discounts for transitioning from G Suite to Google Workspace.

  • Incentives and discounts are greater if you transition before your annual renewal date
  • Greater discounts exist if you are willing to commit to a 2 or 3 year term, instead of a 1 year term
  • Incentives change quarterly and, generally, become less generous over time, so reach out to us for details and your specific options
  • We will work with Google to address any unique requirements and circumstances

Incentives and smart subscription and license planning will save you money and mitigate any cost increase related to your transition.

Your Next Steps

  1. Check out our Quick Guide – Google Workspace Transition that covers migration paths and the impact on features and costs.
  2. Contact us to discuss and map out your transition from G Suite to Google Workspace, or use schedule a brief call with one of our Cloud Advisors directly.


Google Drive for Desktop Unification

In February 2021, Google announced the unification of the two existing Google Drive sync clients. The Backup and Sync and Drive File Stream agents will merge into a single client called Google Drive for desktop. This unified sync client provides a consistent experience for anyone who uses Drive for business, education or personal purposes.

Starting July 19, 2021, Backup and Sync will support a guided flow to help users transition onto Drive for desktop.

We recommend a managed deployment.  Deploy Drive for desktop to your users currently on Backup and Sync and encouraging them to complete the guided flow onto Drive for desktop before August 18, 2021. Any users still on Backup and Sync after that point will receive in-product notifications prompting them to transition to Drive for desktop.

Impact and Timing

Backup and Sync will remain available through October 2021. Any users still on Backup and Sync after that point will no longer be able to sign in to Backup and Sync. To continue syncing with Drive and/or Google Photos, users will need to transition to Drive for desktop.

To understand what’s changing, please see Google’s support article.

If any end users in your organization are currently using both Backup and Sync and Drive for desktop (not very common), they will be automatically prompted to consolidate their sync client usage onto Drive for desktop in July 2021.

Next Steps

If you require or prefer a controlled deployment, we recommend deploying Drive for desktop to your users currently on Backup and Sync and encouraging them to complete the guided flow onto Drive for desktop before August 18, 2021.

Please contact us if we can help you

  • Determine the number of users running Backup and Sync
  • Communicate with users about the change, or
  • Help manage your users’ transition

Assistance is covered under our Admin Service and Premium Service offerings, and is available as a stand-alone project.

The State of SMB Cyber Security

Data Protection & SecurityGone are the days when cybercrime was exclusively a big business problem. In the modern workplace, all businesses are at risk, regardless of their size or industry. Today, we recognize that implementing a cyber security program, much like hiring people and growing sales, is an essential part of running our companies.

With 43% of cyberattacks targeted at SMBs, it’s not surprising that many have identified cybersecurity as a priority. And while most of us have deployed protections, it is challenging to know if you have the right balance of protection relative to your risk.

Here are 4 key findings from research conducted by Microsoft:

01 Businesses understand that cybercrime is a problem, but understate the severity of the threat and overestimate their preparedness

The vast majority of businesses (85%) cite cybercrime as a concern, and more than half (56%) believe it is a top priority. Businesses are backing up this belief with action. Most have begun to invest both time and dollars into protecting their company from hackers and other malicious actors.

However, when you look a little deeper, it becomes clear that many have underestimated their risk. 74% of businesses don’t believe they are likely to be attacked at all and that corporations are two times as likely to be attacked.

90% of businesses say they have the right protections in place to prevent an attack, and those with more than 50 employees are even more confident. It is encouraging that businesses are investing in security, but the reality is that they are at greater risk than they think. Nearly half (41%) have been attacked

02 Small and medium-sized businesses are just as likely to be attacked as large corporations

For solutions that do cost money, businesses allocate about 15% of IT budgets go to cybersecurity,  and  21% plan to increase how much they spend protecting the company. Businesses recognize that this investment is worth it because three out of four know that it costs more to recover from an attack than it does to prevent one.

03 Employees can be a business’s biggest protection and also their biggest threat

As a small business owner, you face many of the same threats as larger businesses, but also unique challenges.

Given the number of security events tied to employees, businesses run the risk of underestimating the threat of employees leaking data or  sharing sensitive information, whether maliciously or accidentally.

Insider threats take several forms. Employees or partners may find it more convenient to transfer sensitive data using personal email or an unsecure cloud drive, not realizing the risk to your company. In fact, 30% of security events are attributed to careless or uninformed employees. More alarming is the roughly 36% of attacks where a malicious employee steals sensitive data.

04 Businesses have begun taking steps to protect themselves and there is a set of solutions and practices available to them

Most small and midsize businesses don’t have the same scale of resources to combat security threats and implement cyber security solutions as larger entities.

Fortunately, there are right-sized solutions and strategies designed to overcome the unique vulnerabilities of smaller companies. An effective security strategy doesn’t have to be expensive—or time-consuming. With a few simple, no-cost/low-cost steps, you can make a significant  impact on your company’s overall security profile. The key is to match security to your business needs and your budget.

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Security Threats: 3 You Know and 1 You Should

Data Protection & SecuritySecurity threats take many forms. Most owners of small and medium-sized businesses (SMBs) are aware of the need to defend against the top three — viruses, ransomware, and phishing attacks — but their organizations are generally not as prepared to deal with the risks related to employees leaking data or sharing sensitive information, whether maliciously or accidentally.

1 Viruses

According to research conducted by Microsoft, infection by a computer virus is the most commonly cited among security threats facing businesses. Preventing viruses requires an integrated approach to endpoint and identity management, including:

  • Deploy next-gen antivirus software, with advanced threat protection, installed and updated, on all devices
  • Use web filtering and monitoring services to prevent infection, even from trusted sites
  • Roll out mobile device management to secure work devices (including laptops and desktops), as well as personal devices used for work
  • Enforce the use of multi-factor authentication as part of an integrated identity and access management solution

2 Ransomware

Ransomware is a type of malware that restricts access, encrypts files, or even stops you from using your systems. Like viruses, ransomware can enter the company through insecure endpoints or unsuspecting users.

While virus protections also protect against ransomware, no protection is perfect. You need to be ready to respond and recover in the event of a successful cyber attack. Here are some solutions and services you should have in place:

  • Backup your data and system images, in the cloud, to ensure your ability to restore and recover
  • Encrypt all data, at rest and in motion
  • Deploy business continuity services to spin-up copies of servers in parallel with remediation
  • Pre-arrange access to forensic, legal, and communications resources to ensure a proper business response
  • Acquire cyber insurance to cover remediation, recovery, and regulatory costs, along with lost revenue

3 Phishing Attacks

The majority, 67 percent, of cybersecurity professionals surveyed consider phishing to be the greatest security threat facing your business and employees. To protect your people, your data, and your business:

  • Configure advanced threat protection services to identify and block attacks via email using links and/or attachments
  • Monitor inbound and outbound email traffic
  • Provide your team with awareness training to recognize problem emails, and how to respond/act
  • Instruct your team to report suspicious messages, links, and attachments
  • Deploy domain level services to prevent identity-spoofing

!! Internal Leaks & Threats

Insider security threats are often overlooked. Surveys indicate that 53% of organizations have experienced insider attacks against their organization.

These risks take several forms. About 37% of internal leaks can be attributed to careless or uninformed employees. In many cases, these employees are using personal, less secure or unsecured services to conduct business.  Whether consumer versions of email or cloud drives for sync and share, these “shadow IT” services pose a significant risk.

While the majority of internal leaks and threats are unintentional, 36% of internal leaks are identified as attacks by a malicious employee.

To prevent data leaks and breaches, you should:

  • Actively manage access and permissions to networks, systems, applications, and data; periodically review permissions for compliance
  • Leverage features within your systems that help you manage and protect confidential and proprietary information
  • Deploy information protection solutions, such as Data Loss Prevention (DLP) and document/message level encryption, to block sensitive data from leaving your control

>> Take Action

All of the suggestions, above, fall within our CPR best-practice model for cyber security: Communicate & Educate; Prevent & Protect; Respond & Recover.

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Productivity Suite Assessment Helps Small Businesses Choose or Improve their Cloud

May 25, 2021 – Westborough, MA – Cumulus Global is pleased to announce the launch of its new Productivity Suite Assessment, a consulting service that helps small and midsize businesses (SMBs) determine which productivity suite best meets their needs and how to fully utilize the suite to improve productivity and support business goals. Whether considering, or currently using Microsoft 365 or Google Workspace, the productivity suite is the foundation for IT services. The right match is about more than the marketing hype and basic features. The right match integrates with how you work and other systems to support business goals, needs, priorities, and budget.

“For businesses not yet in the cloud, we guide them to the best fit and solution,” stated Allen Falcon, CEO of Cumulus Global. “For those only using some of the Microsoft and Google suite services, we help them fully adopt, utilize, and leverage capabilities.”

The Productivity Suite Assessment gives businesses:

  • A comprehensive review of current technology platforms and how well they are serving the business
  • Expert analysis of challenges, gaps, and opportunities to improve productivity and efficiencies
  • Recommendations: “what” technologies are a best fit and “how” to leverage them for greatest impact and value
  • Savings on implementation of recommendations.

“We help businesses decide if Microsoft 365 or Google Workspace best aligns with their operations and technologies. More impactfully, we identify under-utilized capabilities and guide adoption,” noted Falcon. “Using these recommendations, businesses improve processes, empower employees and teams, reduce costs, and enable growth.”

The Productivity Suite Assessment follows Cumulus Global’s best-practice methods.  The three phase project includes: detailed discovery, thorough analysis; and recommendations with guidance on implementation and adoption.  Cumulus Global partners with both Microsoft and Google, providing objective analysis and recommendations. Founded in 2006, Cumulus Global has 15 years experience delivery cloud solutions to small and midsize businesses.