The Kaseya Attack Effect

Data Protection & SecurityThe Kaseya attack demonstrates how cyber crime is a big, organized business.  How big? You can subscribe to “Ransomware as a Service” and outsource attacks on your intended targets.  How organized? Hacker groups and service providers, such as the REvil Ransomware Group and DarkSide, actively manage their brands and reputations.  The REvil attack on Kaseya shows us that cyber criminals are technically advanced and operationally sophisticated. The nature of the attack, and its scope, should scare you.

By using known vulnerabilities in Kaseya’s VSA Remote Monitoring and Management system, REvil was able to create an automated ransomware distribution network. They used the very systems that Managed Service Providers (MSPs) use to monitor and manage customer servers, computers, and networks.

The Impact

MSPs update their Kaseya VSA servers automatically installed the Ransomware on their customers’ systems, as well as their own. Best estimates are that up to  1,500 small and medium-sized companies are victims. While this number seems small, those 1,500 business face an existential threat. Remember: more than half of businesses victimized by ransomware fail within six months.

Most MSPs shut down their Kaseya VSA services before spreading the ransomware. These firms had no ability to monitor, manage, or remotely support their customers. Customers facing IT issues were met with longer diagnostic and resolution times, resulting in business disruption, lost productivity , and the possibility of data loss.

As a managed cloud service provider, Cumulus Global does not use the Kaseya VSA system.  Our clients were not at risk, via our services, from this attack.

The Lessons

We were on the sidelines for the Kaseya attack. We understand, however, that the way in which may cloud services are managed create connections between vendors, resellers, partners, and customers. While these connections do not generally provide any access to customer data, they do provide access to management functions and information about users.  This information, in turn, could be used to improve the effectiveness of phishing attacks, spoof identities, and gain access to systems.

As a trusted IT advisor and a managed cloud service provider, we are part of a connected supply chain. We take our responsibility to secure our part of that chain seriously. While we follow commercially accepted best practices for security and privacy, the Kaseya attack warns us to step back and re-evaluate our strategy, policies, and procedures.

Our Next Steps

Cumulus Global is conducting an internal review of all of our internal and operational systems, including vendor portals and services we use to order, provision, manage, and support cloud services. As part of this review we are examining our policies and procedures related to:

  • Identity management and protection
  • Access to the systems
  • System level permissions related to function and data
  • Roles and responsibilities with respect to security and privacy
  • Business continuity plans and capabilities

Through this process, we are challenging our assumptions, re-assessing how we operate security and effectively, and raising our expectations for how well we protect ourselves and our customers.

We will also be making recommendations to our clients, and the broader community, on steps they can take to improve their security profile and protections.

Your Next Steps

As a user of cloud services, and technology in general, have responsibilities as well.

We Can Help

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Quick Guide to Your Google Workspace Transition

Google WorkspaceIn October 2020, Google announced the transition of its productivity platform from G Suite to Google Workspace.  More than a simple branding change, the transition includes significant changes to your subscription options, features/functions, and pricing.

Big Picture

  • Google Workspace has two subscription tiers: Business and Enterprise
    • The Google Workspace Business tier offers three subscription options: Business Starter, Business Standard, and Business Plus
      • You may mix and match subscription types within the Business tier based on user and group needs
      • You total user count (licenses) cannot exceed 300
    • The Google Workspace Enterprise tier offers two options: Enterprise Standard and Enterprise Plus
      • You may mix and match subscriptions within the Enterprise tier
      • You have no limited on the number of user licenses

Big Impacts

Vault

As part of the repackaging, Google Vault is no longer available as an add-on.  G Suite Business subscriptions and G Suite Basic subscriptions with Vault as an add-on, will need to move some or all of their users to Google Workspace Business Plus.  At standard pricing, this means a price increase from $11 or $12 per user per month up to $18 per user per month.  For businesses that need Vault for regulatory or industry compliance, this increase in unavoidable.

License Counts

From companies with more than the 300 users, Google is forcing a move to the Google Workspace Enterprise tier.  While Google offered a grace period allowing companies with more than 300 users to transition to Google Workspace Business subscriptions for up to 3 years, the offer has expired and is not expected to return.

The impact is a standard price increase from G Suite Basic and G Suite Business at $6 and $12 per user per month, respectively, to $20 per user per month for Workspace Enterprise Standard.  As noted, below, we can help with transition incentives and discounts to help mitigate the increase.

Storage

Workspace Business Standard and Workspace business Plus have 2TB and 5TB per user, respectively. This storage is pooled and available to all users, reducing the likelihood that specific users will need additional storage space.  While rare, some businesses running G Suite Business with unlimited storage are above those limits.  This will also become an issue over time for some businesses, particularly those that work with large files, such as CAD, images, and video.

Big Incentives

Working with Google, we are able offer incentive and discounts for transitioning from G Suite to Google Workspace.

  • Incentives and discounts are greater if you transition before your annual renewal date
  • Greater discounts exist if you are willing to commit to a 2 or 3 year term, instead of a 1 year term
  • Incentives change quarterly and, generally, become less generous over time, so reach out to us for details and your specific options
  • We will work with Google to address any unique requirements and circumstances

Incentives and smart subscription and license planning will save you money and mitigate any cost increase related to your transition.

Your Next Steps

  1. Check out our Quick Guide – Google Workspace Transition that covers migration paths and the impact on features and costs.
  2. Contact us to discuss and map out your transition from G Suite to Google Workspace, or use schedule a brief call with one of our Cloud Advisors directly.


Google Drive for Desktop Unification

In February 2021, Google announced the unification of the two existing Google Drive sync clients. The Backup and Sync and Drive File Stream agents will merge into a single client called Google Drive for desktop. This unified sync client provides a consistent experience for anyone who uses Drive for business, education or personal purposes.

Starting July 19, 2021, Backup and Sync will support a guided flow to help users transition onto Drive for desktop.

We recommend a managed deployment.  Deploy Drive for desktop to your users currently on Backup and Sync and encouraging them to complete the guided flow onto Drive for desktop before August 18, 2021. Any users still on Backup and Sync after that point will receive in-product notifications prompting them to transition to Drive for desktop.

Impact and Timing

Backup and Sync will remain available through October 2021. Any users still on Backup and Sync after that point will no longer be able to sign in to Backup and Sync. To continue syncing with Drive and/or Google Photos, users will need to transition to Drive for desktop.

To understand what’s changing, please see Google’s support article.

If any end users in your organization are currently using both Backup and Sync and Drive for desktop (not very common), they will be automatically prompted to consolidate their sync client usage onto Drive for desktop in July 2021.

Next Steps

If you require or prefer a controlled deployment, we recommend deploying Drive for desktop to your users currently on Backup and Sync and encouraging them to complete the guided flow onto Drive for desktop before August 18, 2021.

Please contact us if we can help you

  • Determine the number of users running Backup and Sync
  • Communicate with users about the change, or
  • Help manage your users’ transition

Assistance is covered under our Admin Service and Premium Service offerings, and is available as a stand-alone project.

The State of SMB Cyber Security

Data Protection & SecurityGone are the days when cybercrime was exclusively a big business problem. In the modern workplace, all businesses are at risk, regardless of their size or industry. Today, we recognize that implementing a cyber security program, much like hiring people and growing sales, is an essential part of running our companies.

With 43% of cyberattacks targeted at SMBs, it’s not surprising that many have identified cybersecurity as a priority. And while most of us have deployed protections, it is challenging to know if you have the right balance of protection relative to your risk.

Here are 4 key findings from research conducted by Microsoft:

01 Businesses understand that cybercrime is a problem, but understate the severity of the threat and overestimate their preparedness

The vast majority of businesses (85%) cite cybercrime as a concern, and more than half (56%) believe it is a top priority. Businesses are backing up this belief with action. Most have begun to invest both time and dollars into protecting their company from hackers and other malicious actors.

However, when you look a little deeper, it becomes clear that many have underestimated their risk. 74% of businesses don’t believe they are likely to be attacked at all and that corporations are two times as likely to be attacked.

90% of businesses say they have the right protections in place to prevent an attack, and those with more than 50 employees are even more confident. It is encouraging that businesses are investing in security, but the reality is that they are at greater risk than they think. Nearly half (41%) have been attacked

02 Small and medium-sized businesses are just as likely to be attacked as large corporations

For solutions that do cost money, businesses allocate about 15% of IT budgets go to cybersecurity,  and  21% plan to increase how much they spend protecting the company. Businesses recognize that this investment is worth it because three out of four know that it costs more to recover from an attack than it does to prevent one.

03 Employees can be a business’s biggest protection and also their biggest threat

As a small business owner, you face many of the same threats as larger businesses, but also unique challenges.

Given the number of security events tied to employees, businesses run the risk of underestimating the threat of employees leaking data or  sharing sensitive information, whether maliciously or accidentally.

Insider threats take several forms. Employees or partners may find it more convenient to transfer sensitive data using personal email or an unsecure cloud drive, not realizing the risk to your company. In fact, 30% of security events are attributed to careless or uninformed employees. More alarming is the roughly 36% of attacks where a malicious employee steals sensitive data.

04 Businesses have begun taking steps to protect themselves and there is a set of solutions and practices available to them

Most small and midsize businesses don’t have the same scale of resources to combat security threats and implement cyber security solutions as larger entities.

Fortunately, there are right-sized solutions and strategies designed to overcome the unique vulnerabilities of smaller companies. An effective security strategy doesn’t have to be expensive—or time-consuming. With a few simple, no-cost/low-cost steps, you can make a significant  impact on your company’s overall security profile. The key is to match security to your business needs and your budget.

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Security Threats: 3 You Know and 1 You Should

Data Protection & SecuritySecurity threats take many forms. Most owners of small and medium-sized businesses (SMBs) are aware of the need to defend against the top three — viruses, ransomware, and phishing attacks — but their organizations are generally not as prepared to deal with the risks related to employees leaking data or sharing sensitive information, whether maliciously or accidentally.

1 Viruses

According to research conducted by Microsoft, infection by a computer virus is the most commonly cited among security threats facing businesses. Preventing viruses requires an integrated approach to endpoint and identity management, including:

  • Deploy next-gen antivirus software, with advanced threat protection, installed and updated, on all devices
  • Use web filtering and monitoring services to prevent infection, even from trusted sites
  • Roll out mobile device management to secure work devices (including laptops and desktops), as well as personal devices used for work
  • Enforce the use of multi-factor authentication as part of an integrated identity and access management solution

2 Ransomware

Ransomware is a type of malware that restricts access, encrypts files, or even stops you from using your systems. Like viruses, ransomware can enter the company through insecure endpoints or unsuspecting users.

While virus protections also protect against ransomware, no protection is perfect. You need to be ready to respond and recover in the event of a successful cyber attack. Here are some solutions and services you should have in place:

  • Backup your data and system images, in the cloud, to ensure your ability to restore and recover
  • Encrypt all data, at rest and in motion
  • Deploy business continuity services to spin-up copies of servers in parallel with remediation
  • Pre-arrange access to forensic, legal, and communications resources to ensure a proper business response
  • Acquire cyber insurance to cover remediation, recovery, and regulatory costs, along with lost revenue

3 Phishing Attacks

The majority, 67 percent, of cybersecurity professionals surveyed consider phishing to be the greatest security threat facing your business and employees. To protect your people, your data, and your business:

  • Configure advanced threat protection services to identify and block attacks via email using links and/or attachments
  • Monitor inbound and outbound email traffic
  • Provide your team with awareness training to recognize problem emails, and how to respond/act
  • Instruct your team to report suspicious messages, links, and attachments
  • Deploy domain level services to prevent identity-spoofing

!! Internal Leaks & Threats

Insider security threats are often overlooked. Surveys indicate that 53% of organizations have experienced insider attacks against their organization.

These risks take several forms. About 37% of internal leaks can be attributed to careless or uninformed employees. In many cases, these employees are using personal, less secure or unsecured services to conduct business.  Whether consumer versions of email or cloud drives for sync and share, these “shadow IT” services pose a significant risk.

While the majority of internal leaks and threats are unintentional, 36% of internal leaks are identified as attacks by a malicious employee.

To prevent data leaks and breaches, you should:

  • Actively manage access and permissions to networks, systems, applications, and data; periodically review permissions for compliance
  • Leverage features within your systems that help you manage and protect confidential and proprietary information
  • Deploy information protection solutions, such as Data Loss Prevention (DLP) and document/message level encryption, to block sensitive data from leaving your control

>> Take Action

All of the suggestions, above, fall within our CPR best-practice model for cyber security: Communicate & Educate; Prevent & Protect; Respond & Recover.

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Productivity Suite Assessment Helps Small Businesses Choose or Improve their Cloud

May 25, 2021 – Westborough, MA – Cumulus Global is pleased to announce the launch of its new Productivity Suite Assessment, a consulting service that helps small and midsize businesses (SMBs) determine which productivity suite best meets their needs and how to fully utilize the suite to improve productivity and support business goals. Whether considering, or currently using Microsoft 365 or Google Workspace, the productivity suite is the foundation for IT services. The right match is about more than the marketing hype and basic features. The right match integrates with how you work and other systems to support business goals, needs, priorities, and budget.

“For businesses not yet in the cloud, we guide them to the best fit and solution,” stated Allen Falcon, CEO of Cumulus Global. “For those only using some of the Microsoft and Google suite services, we help them fully adopt, utilize, and leverage capabilities.”

The Productivity Suite Assessment gives businesses:

  • A comprehensive review of current technology platforms and how well they are serving the business
  • Expert analysis of challenges, gaps, and opportunities to improve productivity and efficiencies
  • Recommendations: “what” technologies are a best fit and “how” to leverage them for greatest impact and value
  • Savings on implementation of recommendations.

“We help businesses decide if Microsoft 365 or Google Workspace best aligns with their operations and technologies. More impactfully, we identify under-utilized capabilities and guide adoption,” noted Falcon. “Using these recommendations, businesses improve processes, empower employees and teams, reduce costs, and enable growth.”

The Productivity Suite Assessment follows Cumulus Global’s best-practice methods.  The three phase project includes: detailed discovery, thorough analysis; and recommendations with guidance on implementation and adoption.  Cumulus Global partners with both Microsoft and Google, providing objective analysis and recommendations. Founded in 2006, Cumulus Global has 15 years experience delivery cloud solutions to small and midsize businesses.

Data Breaches are Still a Thing

As we speak with small and midsize business executives, we sometimes hear that cyber attacks and the risk of data breaches are no longer seen as a threat serious enough to warrant attention and spending.  We understand this hesitancy. Even with the level of media visibility, the prevalence of security solutions and a weariness of the constant focus on security can lead to the conclusion that we can let our guard down.

The reality, however, is that the rate of cyber attacks jumped about 600% in 2020.  More businesses are getting attacked and more attacks are successful.

A List of Breaches

For perspective, in the last 4 weeks, the cyber security experts at ID Agent have published data on these major breaches. Many are likely to be familiar to you or represent a major government entity.

  • Metropolitan Police Department of the District of Columbia
  • Pennsylvania Department of Health
  • The Resort Municipality of Whistler
  • CNA Financial
  • OfficeDepot
  • Personal Touch Holding Corp
  • Facebook
  • Hobby Lobby
  • Illinois Office of the Attorney General
  • Wyoming Department of Health
  • Eversource Energy
  • California State Controller
  • LinkedIn
  • The New York Foundling
  • University of Maryland Baltimore
  • CareFirst BlueCross BlueShield Community Health Plan District of Columbia (CHPDC)

The Case for Concern

The list, above, is only a sample and only represents larger breaches.  Cyber attacks hit small and midsize businesses on a daily basis. Even so, we often view protection and recovery services as insurance.  We do not want to pay for coverage; we hope we never need to use it; and we do not see the value until we are a victim.

A Model for Success

Cyber security differs from insurance. We can reduce the risk of successful attacks with foresight, planning, and protections. Our CPR Cyber Security Model balances awareness, prevention, and response.

Communicate and Educate

Involve everybody in the solution. Communicate the risks and your commitment to protecting the business and your employees. Educate your team on the risks, how to spot and report attacks, and how their behavior can prevent or help an attack.

Protect and Prevent

Implement multi-layer, multi-vector protections that focuses on your people (identities), data, applications, and systems. Use “next gen” solutions that analyze behaviors and that can learn as risks evolve.

Respond and Recovery

No defense is perfect. Have services in solutions in place that let you recover and return to operations within a time frame that protects the health of your business. More than getting data and systems back on line, we recommend that you put in place the forensics, legal, public relations, and customer service resources you will need in a cyber attack emergency.

Want to learn more?  Want to assess your cyber security protections and risks? We can help.  Email us or complete our contact form to schedule a complimentary meeting with one of our Cloud Advisors.

 

Work From Home – Office Ergonomic Checklist

Even with the pandemic and the shift to work from home (“WFH”), business owners remain responsible for making sure employees’ home work spaces are safe, comfortable, and effective.  For employees working at a computer most of the day, bad ergonomics can lead to musculoskeletal disorders (MSDs) such as tendonitis, carpal tunnel syndrome, and sciatica.  MSDs can be uncomfortable or painful for employees.  Beyond the impact on productivity and job satisfaction, MSDs often require medical treatment and can result in longer term disabilities.

When employees work from home, the are unlikely to have the same chair and workstation options as they do at the office.  Businesses should do what they can to help employees maintain good posture and relieve strain.

This short checklist can help you evaluate work from home environments. Have employees answer these questions to determine if any changes are needed and appropriate. Often, small adjustments to the work space can improve ergonomics and reduce the risk of injury.

General

  • Are items that you frequently use located close by?
  • Are items positioned equally on both sides, i.e., not all on the dominant side of your body?

Chair

  • Are feet resting flat on the floor, with hips slightly higher than knees?
  • Does the chair fit the contour of your back? If you can, adjust the back rest up or down to fit the
    natural curve of your lower back with the curve of the chair.
  • Is there a two-finger gap between the back of your lower legs and the seat of your chair? If
    possible, adjust the seat pan forward or backward to correctly fit it to the length of your legs.
  • Are both chair arms are at the same height to prevent you from leaning one way throughout the
    day?
  • Can you use your keyboard and mouse without twisting or reaching? Note: If you can’t get the
    keyboard or monitor low enough for your body type then raise your chair and use a footrest to
    obtain the ideal height for the chair, keyboard, and monitor.

Keyboard

  • Is the keyboard close to elbow level to help keep the wrists straight? Note: Don’t use high force to
    type on your keyboard as force can put strain on your muscles and ligaments.
  • Is the mouse located right next to the keyboard so it can be operated without reaching?
  • Can you move your mouse cursor from one end of your screen(s) to the other without picking it
    up? (Adjust mouse/pointer settings as needed in your software)

Computer monitor(s)

  • Can you see the display of both monitors without looking downward or to either side?
  • Does the distance from your monitor(s) to your eyes allow you to read the screen without leaning
    your head, neck, or trunk forward or backward?
  • Is the monitor positioned so the top line of the screen is no higher than eye level? Note: If you
    wear bifocals and you feel like you’re always looking down, you should adjust your monitors lower
    than the normal height to use the bifocal part of your glasses.

Varying positions

  • When possible, do you make small adjustments to your chair or backrest to keep from staying in
    the same posture for long periods of time?
  • Do you stretch your fingers, hands, arms, and torso throughout the day?
  • At least hourly, do you stand up and walk around for a few minutes periodically?
  • If possible, do you perform some of your tasks in a standing position? Note: When adjusting height of your
    desk or monitor, ensure it is on a sturdy surface with proper adjustment of your mouse also.

If you cannot answer “Yes” to most, if not all, of these questions, we can help.  Cumulus Global can provide ergonomic aids — from keyboards and wrist supports to monitor arms and sit/stand desks. Email us or complete our contact form for information and solutions.

 

Lessons Learned: Remote Workforce Security

As part of its Global Year in Breach – 2021 report, security firm ID Agent found that remote workforce security is more difficult than generally thought. With many of the changes in how we work expected to continue, as business leaders we need to embrace hybrid work as the way of the future.

Pandemic Triggers Panic

2020 and the onset of the global COVID-19 pandemic presented new challenges. The biggest challenge was cybercrime. The mix of understaffed IT departments, maintenance failures, unpreparedness, record-breaking cybercrime, and employee stress taxed IT teams and services. Cybercriminals took advantage of this golden opportunity, and businesses were hit hard.

Businesses needed to rapidly shift to remote operations. For those with older technology, this shift was especially difficult. Everybody became a remote worker. IT teams needed to become instant experts in remote workforce security. For too many businesses, it was a mad scramble to to get their teams remotely or face shutting down entirely. Many employees lacked training in remote work; many IT teams had never managed remote security at scale. A barrage of unintentional, insider threats assaulted IT teams daily.

Stress Creates Vulnerabilities

Why was the massive shift to Work from Home such a boon to cybercrime?

IT departments were unprepared and understaffed.  Only 39% of IT executives polled felt they have adequate IT expertise on staff to assist with remote work issues. Only 45% of organizations reported having and adequate budget to support remote work.

At the same time, employees were dealing with unexpected stress at home and more likely to make cybersecurity mistakes. Over 50% of respondents admitted they were more error-prone while stressed. 40% said they made more mistakes when tired or distracted. Altogether, 43% of workers surveyed acknowledged mistakes resulting in cybersecurity repercussions for themselves or their company while working remotely.

Cybercrime Complications

Chaos and confusion created opportunities for cybercriminals. Experts estimate that overall cybercrime was up by 80% in 2020. Much of that increase was from phishing attacks. Cybercriminals took advantage distracted, stressed workers, with limited IT support, and immense numbers of email. In 2020, phishing attacks skyrocketed by more than 650%. Attacks hit 75% of companies and accounted for almost 80% of all cybercrime.

Successful ransomware also jumped more than 145%. In 2020, 51% of all businesses and 40% of small and midsize businesses experienced a ransomware attack. 50% of attacks on SMBs used vicious double extortion ransomware. Ransomware will continue to top the list of cybercrime trends in 2021.

Next Steps to Stay Ahead of Remote & Hybrid Workforce Risk

Stopping ransomware and decreasing your company’s risk of a successful cyberattack against remote and hybrid workers starts with stopping phishing and its destructive effects. We have tools that help your IT team support and protect your people and your business, while also protecting your budget.

To learn more about you cyber risks, and solutions to fit your needs and budget, contact us and schedule a complimentary Cloud Advisor Session.

 

Cumulus Global takes AIM with Manufacturers

www.aimnet.orgApril 27 2021 – Westborough, MA – Cumulus Global is pleased to announce its Corporate Membership in the Associated Industries of Massachusetts (AIM). Through its membership, Cumulus Global will better understand the issues and challenges facing manufacturers. As a member, Cumulus Global will help support manufacturing as a key component of a diverse, healthy economy.

“By joining AIM, we gain access to information and ideas,” stated Allen Falcon, CEO. “A better understanding of the business issues — challenges and opportunities — facing manufactures is key. This knowledge improves our ability to design, deploy, and manage technology solutions that deliver tangible business results.”

Manufacturers, like most businesses, are adopting cloud computing as a mainstream component of their technology infrastructure.  CIO magazine reports that over 90% of all businesses use some form of cloud computing.  According to IDG’s 2020 Cloud Computing Survey, investment in cloud computing jumped 59% from 2018 to 2020.

Smart strategies, investments, and management are critical.  Cumulus Global helps small and mid-size manufacturers leverage secure, public cloud services to maximize results and value. Done properly, cloud solutions help manufactures adapt and compete in our rapidly changing economy.

“A diversified, healthy economy depends on a healthy, diverse manufacturing sector,” noted Falcon. “Our AIM membership supports advocacy for public policies that enable manufacturers to adapt and thrive. This as essential for our community and our nation.”

Cumulus Global believes that manufacturing will continue to play a critical role in our local, regional, and national economies. The company shares AIM’s commitment to innovation and sound economic policy.

About Associated Industries of Massachusetts

AIM (www.aimnet.org) is a forward-looking organization of dedicated, focused, and experienced business leaders. The association works to support public policy and provide services that enable jobs creation and economic opportunity. AIM focuses on public policy advocacy, employer services delivery, business community development, and best practice guidance for, and on behalf, of its members.