Your organization’s compliance needs are unique, whether they reflect internal policies and/or industry, federal, or state regulations. We begin with your current Google Apps or CumuluSuite environment and add the solutions and services you need.


We configure policy-based TLS encryption for every deployment we perform, providing serve-to-server encryption of email messages and attachments.  We offer multiple message level encryption services to meet your needs and priorities:

  • Archive/e-Discovery services with
    • Managed retention periods
    • Comprehensive search and analysis tools
    • Investigative and legal holds
    • Saved searches and results for investigative and legal matters
    • Full logging, audit trails, and reports
    • Secure materials delivery
  • Selective message encryption and tracking by individual end users
  • Secure portal delivery for encrypted messages:
    • End user encryption via tagging
    • Automated encryption with heuristics and rule sets
    • Recipient authentication
    • Message expiration
    • Blocked forwarding
    • Allowed replies and attached documents

Encryption of data in transit and at rest within the Google Apps or Office 365 ecosystem is not enough for many organizations. We select and combine solutions to match your needs.

  • Centralized ownership and control of cloud storage and permissions
  • Backup / recovery of all data in Google Apps or Office 365 with Managed Retention
  • Archive/eDiscovery services for Google Drive and for OneDrive and Sharepoint (coming soon)
  • Automated privacy and security scanning of documents
    • Content aware and sensitive
    • Predefined heuristics
    • Custom rule sets
    • Automated notifications
    • Automated remediation/enforcement
  • Selective encryption of documents
    • User-initiated
    • User-controlled passwords
  • Automated scanning of 3rd party apps
    • Identify and track permissions
    • Community-based “trustworthy” ratings
    • Revoke access or block apps and categories of apps
    • Permit / allow access by specific, trusted apps
    • Identifies network, cloud, and mobile apps
    • Automated notification and remediation

We help you prevent data leaks, breaches, and disclosures due to malware, hackers, and other threats.

  • Two Factor Authentication
    • Reasonable physical user verification
    • Validation on every new access device/location
    • Periodic validation per device, or validate every login
  • Web Filtering and Monitoring
    • Block malware-infected and suspicious web sites
    • Detect zero-hour security threats
  • Malware Protection
    • User-centric protection of data across multiple devices
    • Protects Mac, Windows, iOS, and Android endpoints
    • Cloud-based service with instant threat updates
    • Real-time heuristics for zero-hour threats
    • Rollback to safe system state
    • Device/endpoint-specific protection available


Cumulus Global works with your compliance team to ensure that products and services we deploy are configured to match and support the policies and procedures you have in place. Since conflicts between policies and execution can lead to compliance issues and liabilities, we help you ensure that the way systems are installed and used match the policies and procedures you have in place.

As part of this service, we may recommend policy and procedure changes to match system capabilities and features. We will also configure rules and settings within Google Apps and other services.

While Cumulus Global does not certify compliance, we will work with all members of your compliance team to achieve any certifications you require.

Cumulus Global helps you meet your documentation requirements by gathering and cross-referencing compliance documents, statements, and certifications for all systems and services we put in place. We save you the time, effort, and expense of contacting and coordinating multiple vendors and service providers.

Cumulus Global can provide independent access to your data, as is often required by the Securities and Exchange Commission (SEC), FINRA, and other regulators. In this role, we establish specific conditions when we will respond to subpoenas for information on your behalf, as well as if and when we will notify you of our actions.

This service provides target-blind investigative assistance to regulators are allowed or required by law.