Posts

3 Google Changes Happening Now

/in

Google Premier Partner

As we enter 2024, Google is making changes to further improve the email and Google Workspace user experience.  Google has three initiatives to further prevent spam, reduce cyber attacks, and expand the capabilities of Google Workspace users. Each of these three efforts can impact your subscriptions and, in many cases, the fees you pay.

  1. Google will Enforce Email Best Practices
  2. G Suite to Google Workspace Conversions Continue and Can be Costly
  3. Google is Enforcing Pooled Storage Limits

Please review each of the 3 changes and let us know if you need assistance.

1 Google will Enforce Email Best Practices

Google is leading email providers in a new effort to protect individuals from cyber attacks. While initially targeting bulk email senders, we, along with Google, encourage all email senders to adopt best practices for email validation and security.

Email remains the primary method of cyberattacks.  While phishing and ransomware remain the most common forms of attack,  business email compromise (BEC) cyber attacks are the most costly and damaging. As we noted in this blog post, DKIM and DMARC are the best methods for preventing BEC and email/domain impersonation attacks.  The post includes a link to this eBook with more detailed information. 

The relatively low cost to set up these protections and optionally monitor DMARC reports has saved small businesses like yours tens of thousands of dollars in losses.

2 G Suite to Google Workspace: Conversions Continue and Can Be Costly

As announced in October 2022, the migration from G Suite to Google Workspace will wrap up in 2024.  If you are still on a G Suite subscription, Google will automatically move you to a Google Workspace subscription on your renewal date.

What to Expect:

This migration results in significant fee increases for many organizations, as noted in prior blog posts and direct communications.

  • Accounts with more than 300 users will be moved to a Google Workspace Enterprise version.
    • G Suite Basic and Business customers will see their fees jump from $6 or $12 per user per month to $23 or $30 per user per month.
  • Google Workspace feature alignment differs from G Suite. Google will move your subscription based on the features you use:
    • As appropriate, Google will move you from G Suite Basic or Business, at $6 or $12 per user per month, to Google Workspace Business Standard or Plus, at $12 or $18 per user per month.
    • Google will move some G Suite Basic and Business customers to Google Workspace Enterprise Standard at $23 per user per month.
    • Depending on the features you use in G Suite Enterprise, at $20 per user per month, Google will move you to Google Workspace Enterprise Standard or Plus at $23 or $30 per user per month.

In addition to the initial transition from G Suite to Google Workspace:

  1. Google increased the pricing for Google Workspace Enterprise Standard from $20 to $23 per user per month
  2. Customers without an annual commitment — month to month service — 20% more for each license
  3. With pooled storage for all subscriptions, Google no longer allows you to add additional storage subscriptions

These 3 changes create additional reasons for subscription upgrades and fee increases.

What to Do:

Although Google halted its generous migration incentives and discounts early last year, we can help you avoid or mitigate fee increasesContact us or schedule time with one of our Cloud Advisors Advisors for assistance.

3 Google Will Enforce Pooled Storage Limits

As we blogged in November, Google is now enforcing pooled storage limits across all Google Workspace subscriptions.

While Google Workspace Enterprise subscriptions have unlimited storage, pooled storage limits for Google Workspace Business subscriptions as follows:

  • Starter = 30 GB per user
  • Standard = 2 TB per user
  • Plus = 5 TB per user

If you exceed your pooled storage limit, Google will place your service in “read-only” mode, which impacts your ability to create/add content.

What to Expect:

  • As you approach your pooled storage limit, Google will send you warnings.
  • If you exceed your pooled storage limit and have additional storage licenses, Google will give you up to 60 days before limiting your account. If not, you will only receive up to 14 days notice.

What to Do:

As soon as you receive either of the warnings from Google, you need to plan to either free up storage or add more storageOur blog post discusses your options in more detail. For more information or assistance, please contact us or schedule time with one of our Cloud Advisors.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

Google Upgrade Prevents SPAM and Defines Email Best Practices for 2024

/in

Google email sender guidelines updates coming in 2024: how to prepare

Google constantly works to enhance security and reduce the prevalence of spam in Google Workspace and Gmail inboxes. AI-powered defenses successfully filter out almost 15 billion undesired emails each day. Google stops over 99.9% of spam, phishing, and malware threats. Still, as spamming techniques evolve, threats to user security persist.  Google will deploy new rules for bulk email senders. These Google email sender guidelines and rules prevent SPAM using email best practices that we should all follow.

Improving Security with Google Email Validation

Starting in February 2024, Google will implement new criteria for bulk senders (i.e., accounts that send more than 5,000 messages to Gmail users in a single day). These new email sender guidelines and requirements focus on email validation, and the evaluation of an email address’s legitimacy. 

New Email Requirements for Bulk Senders:

  • Authenticate Email: Bulk senders must strongly authenticate their emails. This protects against the exploitation of loopholes by malicious actors and allows users to trust the source behind the emails they receive.
  • Enable Easy Unsubscribe: Bulk senders will be required to provide recipients with an easy, one-click option to unsubscribe from commercial emails. These unsubscription requests must also be processed within a time period of two days.
  • Send Wanted Emails: Google will set a clear spam rate threshold to protect Gmail users from receiving an abundance of unwanted emails. Notably, this measure is an industry first. 

This Change Impacts You 

If email is part of your marketing program, even if you are not a bulk sender, these rules impact you. While Google is enforcing these rules for bulk senders, following these rules improves your email results. By improving your email reputation, and reducing the risk of impersonation, your emails are more likely to land in the inbox rather than the junk or spam folder. 

Things to Consider to be Ready for The Bulk Sender Changes Happening in February 2024

1 Make sure your Domain Name Service (DNS) email settings and protocols are correct and complete.

2  Preferably, use an email marketing platform instead of your Google Workspace account for large group and bulk marketing emails.

  • Email marketing platforms give you the ability for easy un-subscribe and will provide the necessary features to comply with the anti-spam and data privacy laws and regulations.
  • Google limits the number of recipients per email and the number of emails you can send per day. Google may suspend your account if you exceed these limits.

Your Next Steps to Prepare for New Google Email Sender Guidelines

Contact us or click here to schedule a call with a Cloud Advisor  to review your DNS protocol settings and our Managed DNS Services.

For more details about Google policies that impact emails received by, and sent from, Google Workspace, review Google’s Email Sender Guidelines.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

Security Best Practices to Protect Your Admin Accounts

/in ,

Data Protection & SecurityIn any client environment, it is critical for you to protect your admin account with current security best practices. Most cloud services have multiple levels of admin accounts, including a super admin with the ability to access, manage, and change every configuration and security settings.  In many cloud services, “super admin” accounts also have blanket access to your data.  In effect your super admin and admin accounts hold the keys to your kingdom.

Protecting and managing admin accounts is critical for keeping your data and your business secure.

Here are four security best practices for managing and protecting admin accounts.

1 Multi-Factor Authentification

While we recommend multi-factor authentication (‘MFA”, also known as Two Factor Authentication or Two-Step Verification) for all user accounts, the added protection of MFA is critical for super admin and admin accounts.  MFA helps to protect your admin account by preventing somebody from using stolen or compromised credentials to access your cloud services, your data, and your business.

For Super Admin accounts, consider a FIDO-compliant security key.  These keys, or fobs, are physical devices that provide a timed access code required to log in. Keys provide the most secure method for multi-factor authentication, and are our number one recommendation when it comes to security best practices for administrator accounts.

2Secondary Super Admin Access

Even a super admin account can be lost or compromised.  Should this happen, you need a way to perform critical admin tasks while you recover the super admin account.  You have a few options, as follows.

  • Create a second, dedicated, super admin account.  While this comes with a licensing cost, you are not giving additional privileges to other admins or users.
  • Assign super admin rights to an existing admin or user. You avoid any increased fees, but grant privileges which can be accidentally or intentionally misused. These privileges can include access to sensitive data, archives, and the ability to alter security settings.
  • Engage your cloud partner/reseller. If your cloud partner/reseller has the ability to recover super admin accounts and/or reset super admin passwords, make sure you have a service or support agreement in place that covers admin account password reset and account recovery.

3Force Logout Super Admins

Day to day admin services can and should be performed by Admin accounts with permissions to perform specific sets of tasks.  User your Super Admin account for specific administrative and security tasks not permissioned to other Admin accounts.

As a Super Admin: Log in. Perform the specific task. Log out.

If possible, set your system to automatically log out Super Admin accounts if idle for a short period of time.

4Privileged Access Management

Our final best practices to protect your admin account includes Privileged Access Management, or PAM, which limits access to critical security and administrative functions. Permission is granted to specific functions, upon request by another Admin or the system, for a limited amount of time. Using PAM provides additional tracking of who/when/why for critical settings and tasks.

Call To Action

Take a look at your cyber security. Complete our Rapid Security Assessment (free through June 2023) for a review of your basic security measures.

Contact us or schedule time with one of our Cloud Advisors to discuss your cyber security protections and/or your broader security needs, priorities, and solutions.

About the Author

Chris CaldwellChristopher Caldwell is the COO and a co-founder of Cumulus Global.  Chris is a successful Information Services executive with 40 years experience in information services operations, application development, management, and leadership. His expertise includes corporate information technology and service management; program and project management; strategic and project-specific business requirements analysis; system requirements analysis and specification; system, application, and database design; software engineering and development, data center management, network and systems administration, network and system security, and end-user technical support.

5 Strategies for How Technology Can Improve Collaboration in the Workplace

/in

A work environment that doesn’t encourage teamwork and collaboration is one of the top 5 reasons people quit their jobs, according to research by Ernst & Young. Many businesses face growing workplace collaboration needs with aging technologies, making it vital to ask the question, how can technology promote collaboration and teamwork?

We need modern technology for team solutions — secure, reliable, scalable, and cost-effective — that make workplace collaboration efficient, effective, and enjoyable.

Here are 5 Technology Strategies to Help Improve Workplace Collaboration

Workflows can be improved by digital collaboration in the workplace in a variety of ways. Here are five proven strategies how technology can improve collaboration in the workplace.

1. Use a Chat-Based Workspace to Improve Collaboration

Team members often get stuck waiting for the feedback and sign-off they need to drive a project forward. Back-and-forth scheduling for conference calls burns up time and energy. When they finally do get on a call, edit documents, and send out the revised versions, they’re often stuck waiting again for sign-off.

Workplace productivity changes when your team can quickly get coworkers and decision-makers on group or private chat, or in an online meeting with co-authoring. Teams can review, discuss, edit, and approve documents in real time, and workplace collaboration will vastly improve.

2. Improve Online Meetings

Technology mishaps should be a thing of the past, especially struggling to participate in virtual meetings.  Too often, difficulty with connections or the joining process interrupts and delays meetings. These problems discourage people from working together and creates a barrier for our increasingly mobile workforce.

Empower employees to have better meetings with a single meeting application that integrates with the rest of your collaboration and productivity software.

online meetings can improve workplace collaboration

A positive meeting experience produces positive results for you and your organization, which is another benefits of modern workplace technology for team collaboration.

3. Break Down Work Silos and Improve Collaboration

All too often, team members are heads-down in their work and unaware of the knowledge and efforts elsewhere in your business. Lack of information and duplication hurt morale and have a material cost to your business.

Using a social network tool brings conversations online. Your team uses social networking in their personal life; bringing social tool into your business provides a means for your team to share ideas, information, and interests. With remote and hybrid workers, you can encourage and capture the informal conversations that foster collective intelligence, collaboration, and innovation.

4. Simplify File Sharing

Haven’t we had enough of emailing files and waiting for feedback and revisions.  The process of juggling messages and multiple copies with edits is an inefficient relic from the days of typewriters and routing slips.

Take advantage of the collaboration features of cloud-based file services:

  • Access documents anywhere, whether online or offline
  • Collaborate in a single document that’s always up to date
  • Seamlessly share large files
  • Use built-in chat functionality to discuss edits within a document
  • Control permissions of contacts inside and outside the company

5. Move from a Patchwork of Apps to a Productivity Suite

In our new mobile society, we are accustomed to downloading apps at home and in the office. The result: a hodge-podge of applications that all do different things, have different sign-ins, and may not deliver the security and compliance you want and need. By utilizing productivity tools, you will be better prepared for changing work environments and will be able to collaborate more effectively with the assistance of modern technology.

Conclusion on How Technology Can Improve Workplace Collaboration

Moving to, and fully utilizing, a productivity suite gives your team the right digital tools to get their work done, the resources to communicate and collaborate, the integration to eliminate duplicate data and effort, and the security to protect your information, your people, and your business. Do not just deploy technology and hope for better workplace collaboration; help your team understand the apps, tools, and features they can use to be more efficient, productive, and successful.

For more on the topic, check out the eBooks and whitepapers in our Library. Better yet, schedule an introductory call and connect with our team of Cloud Advisors.

4 Approaches to Better Meetings and Effectiveness

/in

Without a doubt, meetings remain an essential part  of running your business. They ensure your teams stay on the same page with the information they need to get things done; they connect you with your customers; they help build stronger relationships. Unfortunately, meetings can also waste time and resources—ultimately costing your business.

Here are 4 Ways How to Make Meetings More Effective

1. Define the need

The first step for how to make meetings more efficient comes down to defining the need. If you’re approaching meetings without a clear agenda they will often be unproductive.  In order to improve workplace meetings, ask yourself these 6 questions to determine whether a meeting is necessary.

  1. What is the action item of the meeting: decisive or informing?
  2. What is the size of the meeting?
  3. Is the meeting simply to inform a handful of people, can a memo or email share the information?
  4. Will the meeting solve a problem?
  5. Is there a better alternative, such as using a tool with real-time chat or team announcement features?
  6. Will canceling a meeting negatively impact your employees’ abilities to complete their work?

Once you’ve determined the answers to the six questions above, you’ll be one step closer to better meetings.

2. Simplify Meetings for Success

A positive meeting experience produces positive results for you and your organization.

  • Follow a clearly planned agenda to minimize distraction from your primary purpose and keep your meeting on track
  • Make your expectations crystal clear, and this includes expectations for meeting participation
  • Keep meetings short to improve how employees do their jobs and help steer tangential discussions back on track
  • Ensure all members understand their role to create accountability and produce better meetings

3. Meet like a pro

Lessons learned help improve success, particularly with growing use of inclusive and modern meeting technologies for collaboration. Below we describe approaches to planning meetings for more effectiveness.

  1. Provide a clear agenda
  2. Keep time in mind: start and end on time
  3. Ease the burden of not-taking by recording or capturing a transcription of the meeting
  4. Provide visuals to help members follow along
  5. Send a post meeting recap: Reiterate key discussions and decisions; thank members for participating
  6. Define clear action items and outcomes

Another strategy that you can use to meet like a pro is educating employees on what the 4 P’s of effective meetings are. Purpose, Product, People, and Process are the four Ps required to run an effective meeting. These serve as an excellent model for making meetings more effective and successful.

4. Manage online meetings

Online meetings are here to stay, and are a key way to improve work from home if you have any remote workers. If managed well with a proper approach, online meetings create new possibilities for involving team members and sharing information through digital collaboration.

  • Ensure everyone has the right technology, invites, and call-in info.  Make sure attendees will be able to see, hear, and speak clearly
  • Keep attendance focused on those that need to be there, avoiding unnecessarily large meetings
  • Welcome members and outline how you plan to manage interactions, who speaks when, and use of the chat window
  • Use the mute features to minimize distractions
  • Keep your meeting secure using passwords and other features
  • Reduce uncertainty by recording the meeting or keeping a transcript for future reference

Conclusion on How to Make Meetings More Effective

Meeting attendees will follow your lead, so make sure it’s a strong one. By continuously honing your meeting strategies and skills, monitoring what does and doesn’t work, and actively pushing to convert decisions into action, your meetings will become more effective over time.

For more on the topic, check out The Ultimate Meeting Guide. To review your meeting tools, conference room setups, and methods, schedule an introductory call and connect with our team of Cloud Advisors.

Phishing Attacks Spike Amid COVID-19 Crisis

/in

Cyber AttackIt should be no surprise to you that we are seeing a surge in phishing and other cyber attacks, as criminals look to take advantage of the COVID-19 crisis. A sample of recent news reports illustrates the scope of the problem.

  • In April, the FBI issued a warning about COVID-19 stimulus package scams (CNET).
  • In mid-April, Google reported the daily volume of malware and phishing attack emails jumped to more than 18 million per day (The Verge).
  • Last week, TechRepublic reported a surge in phishing emails trying to exploit DocuSign and COVID-19.
  • Hackers are impersonating Zoom, Microsoft Teams, and Google Meet for phishing scams (The Verge 5/12/20).

Understand the Risk

The risk to your business, employees, and customers is greater at time when your systems may be less secure.

If your employees are using home computers while following stay-at-home orders and guidance, your risk of falling victim to an attack is significantly greater.  Most home computers do not have commercial-grade, next-generation endpoint protections and many run outdated versions of the consumer-grade products installed.

CPR is Still the Best Practice

Our model remains the best, holistic method of avoiding attacks at the human and tech levels, and for responding should something slip through.

Communicate & Educate

  • Remind your employees to be on the look out for suspicious emails, phone calls, web links.
  • Encourage your team to get help and verification if a message or interaction appears or feels suspicious in any way (better safe than sorry).
  • Consider testing employees with simulated attack messages and identify those that may need additional training and guidance.

Prevent & Protect

  • Deploy multi-factor authentication (MFA) and, optionally, single sign-on (SSO) services to prevent the use of compromised accounts.
  • Install Advanced Threat Protection solutions for inbound and outbound email to catch phishing, ransomware, and other illegitimate message.
  • Deploy “next generation” endpoint protection on computers and mobile devices to detect, prevent, and undo damage from dangerous files and applications.
  • Put Web and DNS protection services in place to prevent downloading attacks from hacked websites and identity impersonation.
  • Monitor the “dark web” for direct and third party breaches that may compromise your employees’ business accounts.
  • Take advantage of data loss prevention features built into G Suite and Microsoft 365, and consider tools to identify and prevent unauthorized access, permission errors, and data loss.
  • Eliminate the use of “shadow IT” services, particularly free or consumer-grade services by providing those capabilities to employees and making sure they know how to use them.

Restore & Recover

  • Ensure that you back up and can recover your data, regardless of location.  Your data is not just on your physical or virtual servers, it resides in your Microsoft 365 or G Suite environment, in SaaS applications like Salesforce, on desktops and laptops, and on mobile devices.
  • Put business continuity systems in place with affordable services that let you spin up and run images of your servers and workstations in a cloud data center while you recover your primary systems.
  • Have a breach response plan and service in place as an increasing number of attacks are stealing information, as effective data breach response involves:
    • Forensic analysis and recovery
    • Legal compliance with reporting requirements
    • Legal strategies to minimize liability
    • Increased customer service demand
    • Communications with customers, stakeholders, and the media
    • A potential need to provide consumer protection services
    • Cyber Insurance claims management

Fortunately for most businesses, putting these protections in place is affordable and can be done with minimal impact on your employees and their productivity.  Understand your needs, assess the value proposition (include the risks and costs of doing nothing), and deploy a solution that is the best fit for your business.

Please contact us for assistance as you evaluate your risks, needs, priorities, and solutions.

 

Customer Notice: Email Advanced Threat Protection

/in ,

Data Protection

(Updated January 20, 2020)

We continue to witness the devastating impact of ransomware, crypto attacks, and other forms of cyber attacks on our customers.  The recovery cost and frequency of attacks are increasing at alarming rates. The average cost for a small or midsize business (SMB) to fully recovery from a cyber attack has increased to between $145,000 and $180,000. This includes loss of direct business, remediation costs, damage to reputation, and employee downtime.  At the same time, the number of ransomware attacks so far in 2019 has doubled when compared with the same period in 2018.

As a managed cloud service provider, you have heard from us that you “should” have more protections in place. Our position is changing: these protections are a “must”.

Multi-factor authentication (MFA) and email Advanced Threat Protection (ATP) are necessary, baseline services for protecting your business. 

Beginning April 1, 2020, we will require and will begin adding Advanced Threat Protection to all of our customers’ email service unless you specifically opt out. If you opt out, the cost of our data recovery efforts will not be covered under our unlimited support plans (See our Support Services SLA). When we add ATP to your service, we will discuss with you when we can add MFA.

We will mitigate the cost.

We are sensitive to your budget.

  • ATP requires a technical setup and typically incurs a setup fee along with the monthly or annual subscription.  We are discounting both the setup and subscription fees for all customers. For customers requesting Priority Opt-In, we will waive the ATP related setup fees completely.
  • MFA implementation is covered by our support plans as an administrative change.  If you do not have on of our support plans, we will provide an affordable, discounted quote for the project.
  • For customers without an unlimited support plan and/or those that choose to Opt-Out, we will discount our hourly fees for recovery work.

For more information on specific discounts and pricing, and to let us know if you want to Opt-In, to have Priority Opt-In, or to Opt-Out, please visit this web page and complete the form.

We realize that this is a significant change for most of our customers.  We also understand the importance of these protections.  Please contact us with questions or concerns

Thank you for being part of our community,
Allen Falcon
CEO & Pragmatic Evangelist

Top File Sync and Share Cloud Services and Best Practices

/in ,

File sync shareFile Sync and Share Cloud Services

One of the most popular cloud applications for small and mid-size enterprises is file sync-and-share. File Sync and Share (FSS) cloud services, also known as cloud storage and file sharing services, are online platforms that allow users to store, synchronize, and share files and data across multiple devices and with other users. These services are designed to provide a seamless and efficient way to access and manage files from anywhere with an internet connection.

It makes sense: people need to share files, and most file sync-and-share services are easy to install and use. If not properly managed, however, file sync-and-sharing can result in data breaches and loss and can place your company in legal jeopardy. To minimize these risks, we recommend all businesses enact a simple set of policies that are easy to communicate, explain, and follow.

8 of the Best File Sync and Share Cloud Services

  1. Dropbox: One of the pioneers in the cloud storage industry, Dropbox allows users to store and share files, collaborate on documents, and synchronize data across devices. It offers various plans for personal and business use.
  2. Google Drive: Provided by Google, Google Drive offers a generous amount of free storage space and integrates seamlessly with other Google services like Google Docs, Sheets, and Slides for real-time collaboration.
  3. Microsoft OneDrive: Integrated with the Microsoft Office suite, OneDrive is designed to work smoothly with Microsoft products, making it an excellent choice for users who heavily rely on Office applications.
  4. Box: Box is primarily focused on business and enterprise users, providing robust security features and collaboration tools tailored for corporate environments.
  5. Apple iCloud Drive: Geared toward Apple users, iCloud Drive enables seamless synchronization of files across macOS, iOS, and Windows devices.
  6. Amazon Drive: Amazon Drive is part of Amazon’s suite of managed cloud services and offers a straightforward cloud storage solution for individuals and businesses.
  7. Sync.com: Known for its strong emphasis on security and privacy, Sync.com provides end-to-end encryption and compliance with various privacy regulations.
  8. pCloud: pCloud is known for its client-side encryption and the ability to extend storage by linking multiple accounts.

These services typically offer a certain amount of free storage space, with the option to purchase additional storage through subscription plans. They often include features like file versioning, selective synchronization, sharing controls, and collaboration tools to enhance productivity.

When choosing a File Sync and Share cloud service, consider factors such as storage capacity, security measures, compatibility with your devices and operating systems, collaboration features, and pricing options. Also, be aware of the terms of service and the provider’s approach to data privacy and security to ensure that it aligns with your needs and requirements.

Best Practices: Policies for Using File Sync-and-Share Services

To make the most of File Sync and Share (FSS) cloud services while maintaining security and efficiency, consider implementing the following best practices:

  • Employees may use file sync-and-share services, provided they have an business need to do so, use only company approved and managed services, and adhere to company policies.
  • Only company approved services should be used for file storage and sharing; employees may not use free, consumer, or public apps or services.
  • Employees must keep their usernames and passwords for file sync-and-share services secure, and must manage these passwords in accordance with company policies.
  • Only relevant business information may be stored are shared using the company’s file sync-and-share services.
  • Unless otherwise instructed, file sync-and-share services are intended for temporary sharing of files. Original versions of files should reside on company file servers or services.
  • Access to files should be removed, particularly by external parties, when no longer necessary.
  • Copyrighted, private, or secure information should only be shared if both the sender and recipient are authorized to view and/or use the information. This information should be encrypted by the file sync-and-share service, or a separate tool, before it is shared.
  • The company’s file sync-and-share services are subject central administration and management, including access controls and permissions.
  • Use of the company’s file sync-and-share services is subject to all relevant company policies regarding professional and personal conduct. The company’s file sync-and-share services are subject to company monitoring in accordance with company policies.

With these policies in place, you can provide employees with vetted file sync-and-share services that both meet employees’ needs to share and collaborate, while protecting your data, your regulatory compliance, and your business.

Why Google Changed the Mobile Search Game

/in

mobilegeddon
Guest Post: Matt Ward
President/CEO of inConcert Web Solutions

In case you are not aware, Google changed the game on April 21st as it pertains to search results on mobile devices.  Having announced the changes in February, mobile search results give preference to sites that are mobile friendly.

To be frank, Google rarely ever tells the public that there will be an update.  They are very secretive about their algorithm, keeping their secret sauce a secret to prevent anybody from “gaming” the algorithm. With these changes, Google clearly wants businesses to use best practices.  Google stated that they made these changes to improve the overall user experience on mobile devices, as mobile is becoming increasingly the method by which users access the internet and search for goods and services.

Fact and Fiction

With all the hype about “mobilegeddon”, let’s separate fact from fiction.

  • Fact:
    • They set the date, and rolled out the new algorithm on April 21st
    • They created a huge buzz
  • Fiction:
    • Your site will be banned from Google
    • This change also affects the desktop search
    • Google will call you to sell you and upgrade

Best Practices

Needing to make sure your site is mobile-friendly, let’s talk about a few best practices:

  • Contact your current web developer and ask questions about your site and any changes that have been, or should be made.
  • Don’t rely on cold calls from strangers to guide you on this change.  There are a lot of self-proclaimed “experts” calling into companies with no knowledge of their websites. These are typically automated robo-calls that imply that Google is calling. Google is not going to call you about updating your web site.
  • Test your website to be sure its mobile-friendly.
    • If it passes, great!
      • Test your site again every quarter.
      • Things change in mobile devices and technology; don’t assume if you test it once, it’s not going to ever change.
    • If not, focus your web efforts on getting your site converted.
      • It may cost less to produce a new, mobile-friendly website than to convert your existing site.
      • There are many paths to a mobile friendly site.  The cheapest path is not always the most cost-effective.
    • Focus your mobile-friendly version on driving calls to action, either clicks or calls.
      • Most site visitors on cell phones want to click and call a business, which is often easier then web surfing on a small screen.
      • Make sure you menu structure is clean and easy to follow.
      • Your most important information and calls to action should show up first

With some testing and updating, you can ensure that not only will your site be found by Google’s mobile search, but that visitors will enjoy visiting your site.

If you want to speak with an expert, please contact Matt and his team at inConcert Web Solutions. Specializing in web design & development, maintenance & marketing plans, and print & promotional services, the team at inConcert will gladly help you choose the best approach for your site and your business. 

 

 

 

Microsoft Acknowledges Security Best Practice Failures

/in


It was an easy post to miss in the run up to the Thanksgiving holiday.  On November 25, we posted the results of an Electronic Frontier Foundation (EFF) survey detailing how Microsoft fails to meet 4 out of 5 security best practices for its cloud service data centers and its customers’ data (Google and Dropbox were the only vendors surveyed that meet all 5 criteria).

This week, Microsoft acknowledged that not all customer data is encrypted in their data centers — at rest, or in transit within and between data centers.  In a ZDNet article dated December 5th, Chris Dunkett reports that Microsoft will not fully protect stored user data until the end 2014.

The article also quotes Brad Smith, Microsoft general counsel and executive vice president, legal and corporate affairs, stating that Microsoft will work “…with other companies across the industry to ensure that data traveling between services — from one email provider to another, for instance — is protected.”  Microsoft is acknowledging that they currently do not run STARTTLS services, and industry security best practice.

While Microsoft is actively positions itself as the “enterprise knowledgeable” competitor to a “consumer-centric” Google, pointing out how Microsoft runs its own large data centers. Once again, however, Microsoft fails to realize that the methods and practices used to run their own data centers do not translate to multi-tenant data centers hosting customer data.