Posts

Security Alert: Protect Your Google Apps Account from Being Hacked

Data Protection
Over the past 4 to 6 weeks, we have seen an alarming increase in the number of Google Apps accounts that have been “hacked” across both our business and education customers.

Google Apps security is NOT the issue.  ALL of the hacked accounts are due to compromised user identities.

In every case we have encountered, the users have used their Google Apps email address and password with another service that has had a breach, or has had malware on their computer that provided username and password keystrokes to the hackers.

In both types of incidents, hackers then log in as the user and cause mayhem.

We strongly recommend the following actions:

1) Educate your users that they are not to use their Google Apps password for any other account not explicitly authorized. Users should also not use their Google Apps email address as the username for personal accounts with other services.

2) Check Your Systems for malware and make sure your endpoint protection is up to the task. If not, we recommend Webroot Endpoint Protection and Web Security Services (the link is to our edu site, but the service is available to business and government customers as well).

3)  Implement Two-Factor Authentication (2FA).  In business environments, users should be using 2FA to secure their accounts.  Implementation can be involved if you have other services linked to Google Apps, as you will need to generate service-specific passwords.

In education environments, 2FA is not practical for all users, as students and many faculty members may not have mobile devices available to access the Authenticator.  For schools, we recommend any user with partial or full administrative privileges have 2FA active.


Activating 2FA is covered by our support agreements.

For customers and others without support agreements, mention this blog post and we will discount our hourly support fee by 10%; W

We will discount Webroot deployment fees by 50%.  

Both offers expire on December 31, 2014.

Please contact our Service Desk for 2FA assistance; contact Sales regarding Webroot.

 

Hangouts and Chromebox for Meetings Grow Up


Based on customer and user feedback, Google announced today a set of major improvements for both Hangouts within Google Apps and Chromebox for Meetings.

Hangout Updates

  • Hangouts is now a core Google Apps for Business product, covered under the full Terms of Service that supports Gmail, Drive, Sites, and other core services.  This means that Hangouts are eligible for Google’s support, 99.9% uptime guarantee, and is ISO 270001, SSAE 16/ISAE 4302, and SOC-2 certified.
  • Google Apps account users can now include up to 15 full participants without creating a Google+ Profile.
  • New partners, like Blue Jeans, enable people on traditional video conferencing systems to join video meetings.

Chromebox for Meetings

  • You can now connect two displays to one Chromebox for Meetings device, so you can see your audience and your projected presentation/screen at the same time.
  • From the Google Apps Admin Console, IT admins can better manage meetings, including: remotely starting meetings, muting, and hanging up meetings.

You can learn more about these features on Google’s Official Enterprise Blog post.

If you want to better understand how Hangouts and Chromebox for Meetings can help your business, please send us a note.

 

 

 

 

Chromebook SSO Eases Access Administration

google-chromebook
Single Sign-On (SSO) enables users to access multiple systems and applications with a single username and password, and a single login screen.  And while many schools and businesses use SSO for Google Apps and related solutions, Chrome devices have always required a separate login.

To easy access administration and simplify user logins, Google has launched SAML-based SSO login for Chrome devices.   Organizations running current versions of Chrome on devices registered via Chrome Management licenses can now extend their Google Apps SSO login to the registered Chrome devices.

Feel free to contact us if you would like more information or assistance with your setup.

 

Drive vs Docs = New Google URLs

google drive
Google Drive and Google Docs are no longer the same thing.  As Google expanded the file service capabilities of Drive, Docs and Drive were separated to better reflect Docs as the office productivity tools and Drive as the secure file service.

Recently, Google made changes to ensure this distinction is evident in the URLs we use to access these services.

  • drive.google.com still points to Google Drive, and drive.google.com/a/<domain> still takes you to your Google Drive page
  • docs.google.com will soon point to a new Google Docs homepage that takes you directly to the Google Doc apps

We recommend updating your bookmarks as well as your custom URL mappings.

If you need a hand with your custom URL mappings, please let us know.

Restore Google Drive Files Offers Some (but not enough?) Protection

google drive
Among the myriad of new features and upgrades announced at Google I/O this week, Google added the ability to restore users’ Drive files that have been deleted from the Trash folder.

While offering some protection, the feature is limited in its scope.

  • You cannot restore individual files; you can only restore all files deleted within a date range you provide.  The minimum date range is 1 day (24 hours).
  • You can only restore files for individual users, one at a time.
  • You can only restore files that were deleted from Trash within 25 days.
  • When restoring files, the permissions are not restored.  Only the user will have access to the files.

With these limitations, we do not expect the ability to restore a user’s Google Drive files will be of great use to most organizations.  With a limited retention period and lack of granularity, the tool provides a big shovel when most users need a spoon.

The solution also depends on users’ ability to recover information from the Trash folder, a process we find difficult at times due to the limited ability to search Trash in Drive.

True backup/recovery solutions give users and administrators that critical features that deliver more usability and effectiveness:

  • Flexible retention:  Allow organizations to implement policies related document and records management, including extended retention and removal of data past retention windows.
  • File-Level / Item-Level Restore: Most data loss and restore needs result from human error or action and impact fewer than 5 files.  Acceptable restore capabilities include the ability to restore individual files (or entire accounts) and should include the ability to select file by version or point in time.
  • Protect Meta Data:  Protect the meta data as well as the files themselves.  File ownership, permissions, etc. should be preserved and recoverable with the file.
  • Data Export:  Provide the ability to export data so that it may be migrated to other accounts and/or other systems.
  • Administrative Control:  Identify and allow backup/restore administrators that are not full domain administrators.

Absent many of these features, the ability within Google Apps to restore a user’s Drive files is a limited feature that will not meet most organizations’ needs for data protection.

Third party backup/restore solutions are still a necessary and appropriate component of a robust Google Apps environment.

Feel free to contact us if you would like to explore backup/recovery options and solutions.

For Tea Living, Inspiration Accelerates after Move to Google Apps

Tea Living INC. (teacollection.com) brings worldwide cultures and modern design to children’s fashion. Twice each year, Tea packs their bags and travels the world to explore and discover. With original, high-quality designs inspired by their adventures abroad, Tea stands for practical luxury with pieces that are easy to care for and feel great to wear. Tea has won awards in innovation from their industry peers (as well as global recognition for their use of social media and technology), which clearly points to a path of continued growth.

With increasingly rapid growth over the past several years, Tea has gone from a single office in San Francisco to three locations, including a second office in San Francisco and a customer service center in Idaho. With remote salespeople and employees regularly traveling the world, Tea’s in-house email and file sharing servers were feeling the strain. Upgrading or expanding the email server would be a costly proposition.

Tea was already exploring options for hosted and cloud email services when the unthinkable happened. “Our Exchange server crashed and the mailstore was corrupted,” states Kenner Rawdon, Network Administrator of Tea Living INC. “Without email, our ability to effectively communicate–to service our customers–was at a standstill.”

Working with Boston-based Cumulus Global, a Google Apps Premier SMB Partner, Tea was up and running with Google Apps for Business in under a day. “In less time and effort than it would take to recover our Exchange server,” notes Rawdon, “we had global access to all of our email, calendars and contacts. Even with our emergency situation, the process was remarkably smooth.”

While Tea’s initial motivation was email, the company saw many other benefits from their move to Google Apps. With continuous world travel and an endless stream of photographs and images, Tea employees use Drive to upload and share pictures and files. Without the need for a VPN connection, employees no longer struggle with multiple login steps and performance issues. Telecommuters, mobile and remote staff use Drive and Docs to collaborate in real time and across time zones. Teams share information and ideas as they arise, without the limitations of email and voicemail. Using priority inbox and filters, employees report that they are able to stay organized and remain focused.

Innovation and creativity flow more easily without all the clutter.

“The impact of Google Apps is evolutionary,” concludes Rawdon. “We continue to find ways to work more effectively and be more productive as we continue to use more features of Google Apps’ features.” As an example, Rawdon sees growing use of Hangouts as a tool for meetings and calls. “Being able to see each other, along with the designs and images we share, will help us collaborate and make decisions more effectively. This personal interaction also fits well with our philosophy and culture.”

Tea Living INC. was co-founded by Emily Meyer and Leigh Rawdon, two moms who bonded over a love of travel. The company gives back to the community through its partnership with The Global Fund for Children, Tea’s School Days program, and the company’s Inspiring Mom Awards.

New Google Sheets are Here

Google Sheets
Over the next few weeks, Google is rolling out the new version of Sheets to all users. Sheets include a many new features beyond offline access, speed, and no more limits on formula complexity and sheet size.

Spell check is not yet part of the new Sheets, but is coming soon.

You can click here to learn more about the new Google Sheets, and you can see Google’s announcement here.

For those that want to help users get the most from Google Docs, contact us about self-paced, integrated Google Apps training and other professional development options.

 

Moving from SBS? 6 Questions to Ask

NoWindows
Back in 2012, Microsoft announced the end of life for the Small Business Server (SBS) product line (see SBS End of Life: Microsoft Punishes Small Businesses).  As with any retiring technologies, some organizations will wait to move until there is a current need.  If something works, why fix it?

With Windows XP and Windows Server 2003 reach end of life as well, many are taking a new look at whether now is the time to move.

Here are 6 questions to ask before you make the move.

1) Does cloud-based email work for your business?

While many focus on why you should NOT move to cloud-based email, services like Google Apps for Business provide the security and privacy controls — and support encryption and other services — needed to meet pretty much any data protection requirement.

Focus on the value cloud-based email can provide to your business.

  • Secure access to email, from any device, at any time
  • Built in spam/virus protection
  • No monthly updates
  • No local queue errors
  • No VPN or additional web server needed
  • Affordable options for archiving, encryption, and backup/restore

2) What is the total cost of ownership?

When upgrading from SBS, organizations will need to purchase new 64-bit server hardware with additional disk space, new versions of Windows Server, new Windows CALs, Exchange Server Licenses, new Exchange CALs.  They will also need to purchase or upgrade their spam/virus protection solution and backup/recovery system.

Beyond the purchase, Microsoft still requires administrators to update software monthly — often multiple times each month — in order to maintain security patches and updates.

Moving to the cloud, organizations skip the large capital expenditure.  Cloud-based email solutions are operating expenses.  Costs are tied to the number of users, not to the amount of capacity you may use in the future.

When moving organizations to Google Apps for Business, we see customers saving 30% to as much as 70% over 3 year and 5 year TCO cycles.

3) How much disruption will end users experience?

Yes, some users are afraid to move away from MS Outlook and your existing web access for email.  When surveying users, however, we find that in most organizations, 60% to 80% already use cloud-based email services, like Gmail, personally.  The change in user experience is likely less than initial perceptions.

But, moving is a change and can have an impact.

As we move organizations to Google Apps, we include communications about the changes and opportunities for users to learn how to best use the new tools.  We make self-help learning systems — video and interactive — available to users.  We also offer customized workshops and “web office hours”.  In short, many methods exist to help users make the transition and understand how they can do more with their new email service.

4) Is the replacement system you’re considering easy to administer?

If planning to stay in-house, the answer will be “No!”.  New versions of MS Exchange include features and complexity designed to serve the needs of larger enterprises.  For small and mid-size enterprises, they live with the additional administrative burden.

Moving to cloud-based email dramatically reduces administrative requirements.  Without hardware, operating systems, and Exchange software, management of Google Apps for Business focuses on user settings and support.

5) Is the vendor committed to small and mid-sized businesses?

By deeds more than words, Microsoft is focused on large enterprises.  Recent licensing changes have removed the most affordable Windows and Exchange options for small and mid-size enterprises, increasing minimum costs by as much as 100%.

Cumulus Global, as a Google Apps Premier SMB Partner, is focuses exclusively on businesses and nonprofits with 1 to 500 employees.  We also serve K-12 education, smaller higher education, and local/regional governments.  We tailor our services to the needs of small and mid-size enterprises, understanding needs, priorities, and budgets.

6) Is the change a better value?

When moving from any in-house MS Exchange solution to Google Apps for Business, you are gaining more than a secure, reliable email service.  Google Apps is a small business productivity platform, with:

  • Integrated personal and shared calendars
  • Secure Instant Messaging
  • Voice / Video conferencing
  • Hangouts — video meetings with shared documents and desktops
  • Google Docs productivity tools — word processing, spreadsheets, and more
  • Drive for storage of Google-based and legacy files of any type
  • Local Drive sync and share, providing integration for MS Office users
  • Secure web Sites, for your intranet, projects, and customer portals
  • Integration with hundreds of business applications and services.

With more than email to offer, solutions like Google Apps for Business deliver greater value, even if additional features are not used immediately.

Gmail: Save Attachments to Drive (it’s about time!)

Drive-Attachment
Finally!  OMG!  Booyah!  Oh, Vey!

You can now save attachments directly to Drive from within Gmail messages.

Rolling out to Google Apps for Business, Government, and Education over the next week or so, you no longer need to download to your desktop or “Downloads” folder and then sync or upload files in Drive.

From inside the message, you can preview or save files directly into drive, with the ability to browse and select folders.

Click here for more info and usage examples.

Be More Social with Secure Google+ Communities

google-plusBusinesses often hesitate to use social media tools internally, fearing that information may be shared too broadly or outside the company in error.  Google has taken a major step to alleviate these concerns with the recent announcement of Secure Google+ Communities for organizations running Google Apps for Business, Education, and Government.

Going forward, all Google+ communities are only visible to people within your domain.

You can still create and share communities with external parties — customers, vendors, business partners — utilizing a new suite of management settings.

Why use Google+ Communities?

  • Encourage employees to share more information about themselves in their profiles, such as skills and interests, making it easier to find peer resources and discuss new ideas
  • Sharing files from Drive is easy, as is sharing videos
  • Threaded discussions and comments facilitate communication and teamwork, even across functional areas
  • Manage events, meetings, and hangouts
  • Better engage your Gen X and Y team members

You can learn more about the power of social tools, and other ways of getting more from Google Apps, by viewing the recording of our recent event in New York.  The event was co-hosted by Google with The Manhattan Chamber of Commerce, The 4th Bin, and Google Gooru as supporting sponsors.