Posts

Cumulus Global Recognized as a 2025 Inc. Power Partner Award Winner

/in ,

The annual list recognizes the leading B2B companies that have proven track records of supporting entrepreneurs and helping companies grow.

2025 Inc. Power PartnerWestborough, MA, November 5, 2025 – Cumulus Global proudly announces its recognition on the Inc. Power Partner Awards 2025. The prestigious list honors business-to-business (B2B) organizations that have proven track records supporting entrepreneurs and helping startups grow across a range of evaluation criteria. Inc.’s recognition of Cumulus Global spans three categories: Small & Mighty, Technology & Development, and General Excellence.

“We are incredibly proud of our team for earning national recognition for our work with small businesses,” noted Cumulus Global CEO, Allen Falcon. “As a small business ourselves, we appreciate receiving recognition for the value we bring to our small business clients and for the quality of our managed cloud services and solutions.”

Companies on the Inc. Power Partner list received top marks from clients for being instrumental in helping leadership navigate the dynamic world of startups. These B2B partners support entrepreneurs across various facets of the business, including hiring, compliance, infrastructure development, cloud migration, fundraising, and more, allowing founders to focus on their core missions. 

“The entrepreneurial journey and community are core to Inc.’s mission, and it’s a true honor to celebrate this year’s Inc. Power Partners — the companies dedicated to helping small businesses and entrepreneurs,” says Bonny Ghosh, editorial director at Inc. “Whether they’re coordinating complex marketing campaigns or reliably supporting the day-to-day infrastructure of growing companies, these honorees aren’t simply B2B providers — they are true partners in helping businesses grow and succeed.” 

 

While most IT service firms prefer to work exclusively with larger clients, Cumulus Global offers solutions and services that scale for any small or midsize business – including sole practitioners and solopreneurs. The company’s Managed Cloud Services and Security CPRⓇ managed security model and services provide secure and affordable solutions that improve productivity and empower teams to excel.

For more information or to view the complete list of honorees, visit https://www.inc.com/power-partner-awards

About Cumulus Global

Nationally recognized as a leader in managed cloud services and security, Cumulus Global delivers productive, secure, and affordable managed cloud services to small and midsize businesses, governments, and K-12 schools. Translating business objectives into technology needs and priorities, we design, deploy, manage, and support services that help our clients thrive and grow.

About Inc.  

Inc. is the leading media brand and playbook for the entrepreneurs and business leaders shaping our future. Through its journalism, Inc. aims to inform, educate, and elevate the profile of its community: the risk-takers, the innovators, and the ultra-driven go-getters who are creating the future of business. Inc. is published by Mansueto Ventures, along with fellow leading business publication Fast Company. For more information, visit www.inc.com. 

About Cumulus Global

Nationally recognized as a leader, Cumulus Global delivers productive, secure, and affordable managed cloud services to small and midsize businesses, governments, and K-12 schools. Translating business objectives into technology needs and priorities, we design, deploy, manage, and support services that help our clients thrive and grow.

Cumulus Global Awarded Cybersecurity Trademark: Security CPR®

/in , ,

The Security CPR® Model and Services Focus on Cybersecurity Needs of Small and Midsize Businesses

Westborough, MA, October 20, 2025 – Cumulus Global proudly shares that the our Security CPR® model and services received a Trademark (Registration Number 7,966,747) from the United States Patent and Trademark Office. The trademark recognizes our unique expertise and leadership. Security CPR® includes our cybersecurity risk management technical consulting; training and education; and services covering threat analysis, prevention and deterrence, remediation, and governance.

“We are excited and proud that our Security CPR® model and services received this recognition,” stated Cumulus Global CEO Allen Falcon. “Security CPR® defines and delivers cybersecurity solutions that small businesses can rely upon, understand, and afford.”

Most small businesses struggle to meet current cybersecurity demands. Without expertise or the resources of larger organizations, small businesses still need to follow state and federal laws, industry regulations and standards, and contractual obligations. Security CPR® encompasses three core components of an effective cybersecurity program.

  • Communication and Education
  • Prevention and Protection
  • Recovery and Response

“As a model and a set of services, Security CPR® adapts to your specific business needs,” notes Falcon. “We tune your cybersecurity services to match your requirements, risks, business operations, and budget.”

As part of our commitment to helping small businesses protect themselves from cybersecurity threats, we recently launched our Cybersecurity Landing Zone. The zone collates blog posts, web events, eBooks, and other resources to help small business owners navigate the ever-changing cybersecurity landscape.

To assess, plan, and improve your cybersecurity, book a free, no obligation meeting with one of our Cloud Advisors.

About Cumulus Global

Nationally recognized as a leader, Cumulus Global delivers productive, secure, and affordable managed cloud services to small and midsize businesses, governments, and K-12 schools. Translating business objectives into technology needs and priorities, we design, deploy, manage, and support services that help our clients thrive and grow.

A 5-Step Strategy for Responsible AI

/in , ,

5-Step Strategy for Responsible AI

AI is changing how our businesses operate and compete. As we rely more on AI, having strong governance is essential to ensure our AI tools are used securely, ethically, and responsibly. Our use of AI should align with your company’s values and regulatory standards.

By setting clear policies and accountability, you can reduce risks like data breaches, ethical issues, and noncompliance. Strong governance also prevents unauthorized AI use, making sure that every AI activity supports your business goals.

1 Create Comprehensive AI Use Policies

Unauthorized AI use, or Shadow AI, creates serious risks for your business. To manage Shadow AI and other risks, you need visibility, control, and guidance for your team. A well-crafted AI Usage Policy reduces the chance of mistakes or misuse and helps you responsibly manage AI usage.

Your AI usage policies should:

  • Define allowed and unallowed use of AI as a tool/resource
  • Outline principles for ethical and appropriate use
  • Specify security guidelines to ensure data protection and compliance with regulations, industry standards, and contractual obligations

Your policies should also clearly state:

  • How your team should handle your company data
  • How your team should handle and protect third party data
  • Which AI tools are approved
  • When and how team members may use external AI resources

2 Implement and Monitor Controls

Implementing access controls and monitoring systems helps you identify when AI tools are being used outside approved channels.

Create processes for:

  • Your team to request access to AI tools and services
  • Evaluating requested tools for applicable use cases, usability, security, and cost
  • Deploying new AI tools and services, including education and training

Periodically audit your environment to spot unauthorized applications before they create problems. 

Work with your team to move to authorized AI tools that provide the same capabilities or review and select a solution you can secure and support.

3 Ensure Legal and Regulatory Compliance

Compliance is a key aspect of responsible AI use. Your AI practices need to follow data privacy laws, industry regulations, and contractual obligations. 

Begin by identifying and reviewing relevant laws, industry standards, and contractual obligations related to data privacy. Identify any specific conditions or requirements related to the use of AI services.

You want to be able to demonstrate and document your compliance. Review the security compliance certifications and practices of your AI services and tools. Collect the necessary information, including how your AI tools collect, store, and use data. 

Regular audits will help catch potential issues, particularly with Shadow AI. 

Stay current with evolving legislation to ensure that your AI practices remain compliant over time.

4 Prioritize Ethical AI Practices

Ethical AI builds trust and protects your reputation. When you prioritize ethics, you show that your business values integrity and fairness, strengthening relationships with clients and stakeholders.

  • Regularly review your AI models and the data they use to remove bias and ensure transparency in decision-making. In addition to bias detection and mitigation, AI training should include diverse data sources and that results are not skewed by inherent biases.
  • Make sure your AI is fair, explainable, and accountable, so your team and clients can trust its outcomes. AI tools should articulate results and decisions in human-understandable terms. People need to be able to understand the rationale behind the AI results.
  • Ensure you have human judgement and intervention at every stage of your AI journey. Clear lines of responsibility provide accountability. Human review prevents over-use of AI, particularly in decision-making. Encourage feedback from employees, clients, and other stakeholders.

5 Train and Support Your Team

Your AI strategy will only succeed if your team knows how to use AI safely and effectively. When your team is confident in using AI, you maximize its benefits while minimizing risks.

Provide training and support that covers technical skills, applicability to relevant use cases, and ethical considerations. 

Support strategies include:

  • Offering training sessions and user guides.
  • Providing a dedicated support team for questions.
  • Offering ongoing learning opportunities as AI evolves.

How We Help

Using AI securely and ethically requires careful planning and ongoing effort. Our Cloud Advisors can help you identify use cases, select tools and services, endure data security and government, and help your team get the most from your AI investments.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

{URGENT}: Windows 10 Support ENDS on Oct. 14th. Extended Security Updates Available

/in ,

Windows 11

ACT NOW!  Support for Windows 10 officially ends on October 14, 2025. After this date, Microsoft will no longer provide software updates and technical assistance. If you are not upgrading to Windows 11, you must purchase Windows 10 Extended Security Updates to continue receiving critical and important security updates.

Without these extended security updates, continuing to use Windows 10 dramatically increases your exposure to significant risks. Your systems become prime targets for cyberattacks, ransomware, and data breaches. You risk costly downtime, loss of sensitive information, and severe compliance issues. 

Proactive planning and action are not just recommended, they are critical for your business continuity and security.

Know Your Windows 10 Options

We agree with Microsoft’s recommendation to upgrade all eligible systems to Windows 11. We also understand you may have budget constraints or compatibility issues with older software.

You can check if your PCs will run Windows 11 using Microsoft’s PC Health Check app. If your PC will not run Windows 11, you have options other than buying new devices.

Windows 10 Extended Security Updates (ESU): 

Microsoft has release pricing for ESU licenses.  The license are available as a one-time purchase for each year. You do not need to commit to multiple years up-front, you can purchase the licenses annually if needed.  The pricing is as follows:

  • Year 1 – from October 2025 to October 2026 – $61 each
  • Year 2 – from October 2026 to October 2027 – $122 each
  • Year 3 – from October 2027 to October 2028 – $244 each

Important Notes:

  • Not all systems are eligible to install the updates. To be eligible to install updates from the ESU program, devices must be running Windows 10, version 22H2. For more information on prerequisites and enabling ESU in commercial environments, see Enable Extended Security Updates (ESU).
  • ESU Program updates do NOT include: New features; Customer-requested non-security updates; Design change requests; or General support.
  • The Windows 10 ESU only includes support for the license activation, installation, and possible regressions of the ESU itself for organizations with a support plan in place.

Keep in mind, the Windows 10 Extended Security Update program serves as a temporary bridge and does not address underlying hardware or software compatibility issues related to upgrading to Windows 11.

Virtual Desktop Services: 
  • Using virtual desktop services, such as Azure Virtual Desktop, allow you to use your existing PCs to access a robust and secure Windows 11 environment. Virtual desktops work well for hybrid team members and to mitigate the cost of upgrading multiple devices.
  • Connect with one of our Cloud Advisors to explore this option.

Windows 11 Upgrade HelpPlan for Your Windows 11 Transition

Regardless of the strategy you choose, proactive planning is crucial for a smooth and secure transition. Follow these steps to ensure you’re ready:

Assess Your Current IT Environment
  • Use Microsoft’s PC Health Check app to determine which devices can run Windows 11, which can be upgraded, and which require replacement. If you use Windows 10 in embedded systems, check with your vendor.
  • Confirm which of your business-critical applications and tools are compatible with Windows 11. Identify necessary software upgrades or migrations.
Prepare Your Budget
  • Accurately map the cost of upgrading and/or replacing devices. Keep in mind that older systems, even if upgraded now, may soon require replacement.
  • Identify any software upgrade costs.
  • Keep in mind any fees for tech support or professional services. You may need or want help transferring applications and data to new devices or setting up virtual desktops.
Develop Your Transition Plan & Data Strategy
  • Plan your timing and procedures for upgrades, purchases, and migrations. Focus on preventing data loss during migration and consider staging your rollout in phases to minimize disruption.
  • Crucially, ensure all critical data is securely backed up before upgrading or migrating systems. 
  • Remember to allow time to test critical software on Windows 11 before upgrading.
Train Your Team
  • Provide resources and help your team become familiar with the Windows 11 interface and new features.
  • If you are upgrading your business software for compatibility, you may want to provide additional training on new functionalities and capabilities.
  • Stay Informed: Monitor Microsoft’s official updates and announcements. Keep current with regarding Windows 10 end of life and Windows 11 developments.

Cumulus Global Will Help

Plan and Act Now.  As with any major upgrade, we expect demand for PCs, laptops, and technical services will increase as the deadline nears. Waiting may result in delays and missed deadlines. Losing Windows 10 support can result in costly business disruptions.

For assistance, schedule a brief, free call with one of our Cloud Advisors to discuss your assessment, plan, and upgrade needs, priorities, and budget.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America.

Avoid MFA Pitfalls and Lockouts

/in

MFA PitfallsMaybe you have seen the meme about spending 6 hours per day entering multi-factor authentication (MFA) codes. While inconvenience is one pitfall of MFA, improper configuration and management of MFA can lead to more damaging pitfalls and lockouts. Your ability to work can take days to recover.

The MFA Pitfalls 

Most of us are not using a separate security key; we authenticate using our smartphones. Whether by Authenticator app, SMS text, one-time passwords/codes, or local app login, we need our smartphone to access our apps and services.

Imagine this scenario:

  • Your iPhone is lost, stolen, or damaged.
  • On your laptop, you need to login to check email and the authentication goes to the Authenticator app on your phone.
  • You could opt to have a one-time password emailed to you, but you cannot access your email.
  • You could send it to your recovery email, which you rarely use, is logged out and the MFA also goes to your phone.

You get the picture. You are stuck, but you still have other means of access. Depending on your configuration, restoring access may be complex and take too much time.

And while this scenario may seem unlikely to happen, we see online forums where over 80% of help requests relate to account lockout and recovery. Almost all of the problems were avoidable with proper configuration and management.

Tips to Avoid MFA Pitfalls

To help you avoid MFA pitfalls and lockouts, we created a list of things to consider when configuring management of your MFA services.

  • Use a Sustainable Phone Number for MFA and for Recovery: MFA texts and messages should only go to a phone number that can remain in use if you switch phones or phone systems. Whether to a physical phone or a VoIP service, make sure that you will not lose your number if things change in the future.
  • Have a Separate Recovery Phone Number: If your phone is not available for MFA calls or texts, it is not going to work for recovery codes, calls, or texts. If at all possible, use different phone numbers for MFA and recovery. If your MFA phone number is your smartphone, your recovery phone number could be your business’ VoIP phone number, or the number of a trusted coworker or spouse.
  • Use a Separate Recovery Email: If the email account that receives MFA messages is inaccessible, you will not be able to use it for recovery. Use an alternate email address. This could be a personal (@gmail.com) account or a one belonging to somebody you trust. When setting up your recovery email account, make sure that account is not reliant on the same methods and devices.
  • Stop Before You Drop: Before you give up, abandon, or change a phone number or email address, review the MFA setup across all of your apps and systems. Make sure you move them to your new number and/or email address before you give up the old ones.
  • Backup Your Authenticator Apps: Both Microsoft Authenticator and Google Authenticator let you backup your Authenticator App data. This lets you reinstall and recover your Authenticator settings and accounts on a new or different device. Make sure, however, that the backup location does not require the Authenticator App for access.
  • Create, Print, and Save Recovery Codes: Many systems, apps, and security tools let you create emergency recovery codes. If available, create the codes, print them, and keep them in a safe location (“Put it with your Passport”). Having these codes can reduce account recovery time by hours or days.
  • Use a Password Manager: Password managers provide a single, secure login to allow access to complex passwords and validation for the connected apps. Using a password manager reduces the risk of account lockout.
  • Do Not Buy Direct: Buy your cloud apps and services through authorized partners. For most SaaS and cloud solutions, your partner has administrative access to your account. They can reset passwords and recover accounts. If needed to expedite access or recovery, your partner can change MFA configuration and/or temporarily remove MFA from an account.

These steps require some planning. As MFA settings and preference can often be set individually, you will need to communicate and coordinate with your employees. 

We Will Help

Our Cloud Advisors are here to assist. We can:

  • Review your current MFA services and configurations
  • Identify risks and recommend changes
  • Assist your team members with settings and recovery codes
  • Provide your with Password Manager services
  • Provide license and account co-management for your cloud services

Schedule time with one of our Cloud Advisors now to discuss your next steps.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America.

Don’t Fall for the Call

/in ,

Don't Fall for the Call

IT support scams are back and on the rise. Over the past few weeks, the reports of vendor phone calls and emails claiming to contact people about suspicious activity in their accounts have skyrocketed.  

Do Not Fall for the Scam

Google, and Microsoft, will NEVER call your or email you to start a service or support call.  Let me repeat that, but this time in bold. Google, and Microsoft, will NEVER call your or email you to start a service or support call.

Some of these calls and emails attempt to get you to enter your username and password into a fake web page. 

Many of these attacks request the multi-factor authentication (MFA) code. The attackers initiate a password reset. If given the MFA code, they access the account and can change credentials, access other services, and exfiltrate information.

It is more difficult to spot fake landing and sign in pages

While historically easy to spot, attackers use generative AI to create sophisticated fake login pages. 

Attackers are also using legitimate landing page, marketing, or document tools. The link in the email may open a validly hosted page or document with instructions and another link that, in turn, takes you to the fake login page. 

As the hackers take you through a legitimate service, as a pass-through, you may be less likely to notice that the page asking for your credentials is fake. This method is also more difficult to combat since the pass-through may require valid credentials for access.

Steps You Can Take

You can take a few simple steps to prevent these types of attacks from successfully damaging your business.

  • Education – Inform and educate your team about current and emerging cyber attack methods, what to look for, and how to handle suspicious activity.  Cyber Awareness Training, if well managed, is an affordable means to keep security top of mind.
  • Advanced Email Threat Protection – Email threat protection focused on sender domains, links, and attachments is not enough. Attackers use masking, images, and QR codes beyond the capabilities of many email protection services. Upgrading to a more robust service will provide better protections. Solutions that provide banners and “one-click response” better empower users to flag and manage suspect messages.

We Will Help

Our Cloud Advisors are here to assist. We will:

  • Assess your current security profile and protections
  • Prioritize options and recommendations for security improvements
  • Help you plan and budget for any changes
  • Deploy and co-manage your security solutions to keep you protected.

Schedule time with one of our Cloud Advisors now to begin your security review and improvements.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

Sustainability: Our Next Milestone

/in

ReforestationIn January 2025, Cumulus Global expanded its sustainability program to help offset the carbon footprint of our offices and operations.  In partnership with Evertreen, we fund the planting of 100 trees per month.

Over 1,500 Tonnes of CO2 Offset

With over 2,300 trees in 7 countries on 3 continents, our current forest offsets the electrical use of more than 975 households.

In addition to the climate benefits, our forest is producing food, reducing soil erosion, protecting watersheds, and providing local jobs.

As an IT firm, planting trees to offset our carbon footprint is part of an overall commitment to sustainability that includes using 100% renewable energy, reuse, and recycling.

We Can Help You Do More

One of the best ways to improve sustainability is to recycle electronic waste (e-waste). E-waste recycling has challenges, including but not limited to, finding reputable recyclers and cost.

Our Basic and Business Managed Cloud Services include lifecycle management for your computer with unlimited, no-cost, e-waste recycling. We provide a prepaid label. Just box up the items and drop them off at your local post office. As an added bonus, our IT asset disposal partners partner with Veritree to plant trees with every recycling order.

Call to Action:

For more information about our Managed Cloud Services, please contact us or schedule time with one of our Cloud Advisors

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

5 Cyber Threat Trends You Should Know

/in , ,

5 Security Cyber Threats You Should Know

Earlier this week, we shared CrowdStrike’s 2025 Global Threat Report which identified five (5) cyber threat trends that you should know. While cyber-fatigue is real, understanding the threat landscape helps you assess your risks and security posture and make informed decisions on how to prioritize security-related spending and investment.

5 Cyber Threat Trends

Here are the 5 cyber threat trends you should know.

1 China on the Rise

Cyber attacks originating in China – both nation-state and organized crime – jumped 130% over the prior 12 months. At the enterprise-level, China-nexus attackers focus on telecommunication systems. For most businesses, the increase in attacks on unmanaged devices should be of concern. 

Unmanaged devices lack detection and response capabilities that allow attackers to lurk, monitor, and capture credentials for greater access to your systems, applications, and data.

2 Hands-On-Keyboard Attacks are Making a Comeback

The best way for cyber attackers to avoid modern malware protection, such next-gen endpoint protection and managed detection and response (MDR) services, is for the attacker or a surrogate to use the keyboard. These manual, interactive attacks are up 27% over the prior year.

We may imagine hands–on-keyboard attacks as movie-like scenarios of corporate spies posing as custodians sneaking onto computers while avoiding the security guards making their rounds. In reality, the hands-on-attack may be your employee responding to somebody they think is IT support or a vendor helping them solve a problem.

3 Rapid Ransomware Reach

The speed at which cyber attackers can launch ransomware attacks after an initial breach is accelerating. From breach to spread, attacks are up to 32% faster than previously known.

This speed gives cybersecurity systems less time to identify behaviors and patterns that identify the cyber attack, weakening the effectiveness of the protections.

4 AI for Evil

With the help of AI, certain types of cyber attacks have jumped 220% over the prior year. Cyber attackers are using generative artificial intelligence (Gen AI) technologies to power more-effective attacks.  

Using GenAI, attackers create more realistic fakes – emails, documents, phone calls, and videos – to trigger responses and reactions that enable and facilitate access and breaches.

At the same time, cyber attackers are using security vulnerabilities in the platforms and tools businesses use to build AI agents, just as they use vulnerabilities in web, application, and office productivity platforms.

5 Cloud Attacks Gain Altitude

Cloud intrusions – successful cyber attacks on cloud systems and services – jumped 136% during the first half of 2025 compared to all of 2024. These attacks vector through compromised identities, improper security configurations, API vulnerabilities, lax security and permissions governance.

Steps You Can Take

To ensure your security footprint protects your business appropriately:

  • Conduct IT and Security Assessments that benchmark your security posture.
  • Prioritize your risks based on the nature and size of your business, industry standards and expectations, and regulatory requirements.
  • Level our Security CPR® model and managed services to plan, prioritize, and implement appropriate security and business resilience solutions that:
    • Address your prioritized risks as your budget allows
    • Protect from the most common and the most damaging/costly types of attacks.

We Will Help

Plan Now; Act Soon. Our Cloud Advisors are here to assist. We will:

  • Review your current systems and services and prioritize your risks. 
  • Help you prioritize, plan, and budget for security changes and improvements that may be necessary or preferred
  • Deploy and co-manage your security solutions to keep you protected.

Schedule time with one of our Cloud Advisors now to begin your security review and improvements.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America.

Major Google for Education Licensing and Price Changes

/in , ,

Google for Education Logo

As you are hopefully aware, Google announced major changes to both licensing and pricing for paid Google for Education editions

These changes will impact most schools after February 1, 2026, and will affect some schools as soon as October 1, 2025.  Depending on your annual renewal date, your district may experience a significant increase in Fiscal 2026 over current budgeted amounts.

The following are the licensing changes, pricing changes, and timing for the changes. We are also sharing our general recommendations based on your current subscription and plan.

Licensing Changes

  • Google is eliminating licensing that differentiates between students (full and part time) and faculty/staff. 
    • All users will require the same license(s)
    • You will no longer receive a staff license at no cost for every four (4) student licenses.
    • Every active user must be assigned an Education Fundamentals license
  • Education Standard and Education Plus subscriptions are designed and intended to cover all active users, not just a subset. 
    • Partial domain licensing is no longer possible, with few exceptions.
  • If you subscribe to either Standard or Plus, you must:
    • Purchase enough paid licenses to cover every user with an Education Fundamentals license
    • Ensure that all users with an Education Fundamentals license have an assigned paid license
  • Google is enforcing a minimum purchase requirement for paid licenses of 50 seats.
    • If your school has fewer than 50 faculty/staff and students, you must purchase 50 Education Standard or Education Plus licenses.

Pricing Changes

Google is increasing Google for Education pricing as follows. Note that subscriptions that were licensed and paid per-student will now be per-user, inclusive of students and faculty/staff.

Education Standard

  • Price remains at $3 per user per year.

Education Plus

  • Price increases from $5 to $6 per user per year
  • If subscription cost increases more than 10%, you may be eligible for a 1-year 10% discount on your license fees
  • Discounts are available with multi-year contracts

Teaching and Learning add-on

  • Price increases from $48 to $60 per user per year for Annual/Fixed Term Plan Subscriptions
  • Flexible Plan subscriptions increase from $4.80 to $6 per month

Timing of Changes

License and pricing changes start as early as October 1, 2025, for new all subscriptions and existing Flexible Plan subscriptions.  The changes take effect beginning February 1, 2026, for all existing Annual/Fixed Term Plan subscriptions.

New Purchases

  • For new Education Standard and Plus purchases, the new pricing takes effect as of October 1, 2025. The new pricing is for both Flexible (monthly) Plans and Annual/Fixed Term Plans (1+ year commitment with annual or monthly payments).

All Flexible Plan Subscriptions

  • If you are on Flexible Plan (monthly) subscription, the new pricing begins as of October 1, 2025.

Annual Plan Subscription Renewals

  • If you are on an Annual Plan Subscription, the price increase takes effect with your next annual renewal, on our after February 1, 2026.  As such:
    • If your renewal is before February 1, 2026, you may renew with the current licensing and pricing for one (1) year only.  Any renewal for multiple years will use the new licensing structure and pricing.
    • If your renewal is on or after February 1, 2026, your subscription will move to the new licensing and pricing structure upon renewal.
  • Please note that 
    • If your renewal is after February 1, 2026 and within your current fiscal year, your new cost may not be fully budgeted if your budget was finalized before considering the new licensing and pricing structure.
    • If you are renewing Education Plus and see a cost increase of more than 10%, Google will authorize a 10% discount for the first year of your renewal.

Annual Plan Subscription Upgrades

  • If you are using Education Standard, you can upgrade to Education Plus using the current licensing structure and pricing until January 31, 2026.  This includes mid-term upgrades that change your renewal date.
  • As of February 1, 2026, upgrading from Education Standard to Plus will move you to the new licensing structure and pricing even if the upgrade is prior to your renewal date.

Downgrades

  • If you choose to downgrade from Education Plus to the Teaching and Learning add-on, the new licensing and pricing takes effect October 1, 2025.

Our Recommendations

Depending on your current Google for Education subscription and plan, we recommend you consider the following:

New Education Standard and Education Plus Subscriptions

  • Schools planning to add Education Standard or Education Plus should do so with an Annual Plan commitment before September 30, 2025. 
  • This will provide first year savings over the new licensing and pricing structure and provide you with the ability to properly budget for FY2027.

Current Education Plus Subscriptions

  • Consider a multi-year commitment with possible discounts.
  • Evaluate your usage and determine if downgrading to Education Fundamentals and using the Teaching and Learning add-on is appropriate.

Upgrading from Education Standard to Education Plus

  • Schools planning this upgrade should do so with an Annual Plan commitment before September 30, 2025.
  • This will postpone the price increase and will provide a year savings over the new licensing and pricing structure and provide you with the ability to properly budget for FY2027.

Flexible Plans

  • Assess the stability of your user counts and, if feasible, move from your monthly plan to an Annual Plan prior to September 30, 2025. 
  • This will lock in current licensing and pricing for the first year and give you the opportunity to budget for increasing costs in the future.

We Will Help

Plan Now; Act Soon.  As with any major change, we expect you will have questions and that you may need to reassess your budget.  With the first deadline approaching October 1st, you have limited time to make decisions.  

Our Cloud Advisors are here to assist. We can review your current subscription, discuss your options, and help secure the initial year and multi-year discounts.

Please schedule time with one of our Cloud Advisors for assistance.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

AI in Google Workspace – AI Ultra for Business

/in ,

Google AI Ultra for BusinessGoogle Workspace is a comprehensive and secure platform that empowers organizations to be more productive, collaborative, and creative. This series explores the power of AI built within Google Workspace across each of the workspace apps. In this post, we cover the Google AI Ultra add-on for Google Workspace.

Google AI Ultra for Business

Google AI Ultra for Business is an add-on for existing Google Workspace Business and Enterprise subscribers, offering enhanced capabilities.  Beyond the highest access to the Gemini app, Google AI Ultra for Business delivers advanced tools for deep reasoning, images, and videos.

Here are 4 reasons to consider Google Ultra for Business:

1 Gemini App
  • Dive deep with the most capable models, including Gemini 2.5 Pro and Deep Research.
  • Deep Think, with the ability to explore multiple scenarios and answers before responding, is coming soon.
2 Video Generation
  • AI Ultra for Business includes advanced filmmaking tools:
    • Veo 3 — Professional video production tool
    • Flow — Create cinematic scenes using Veo 3
    • Whisk — Image and text to 8-second videos, using Veo 2

3 Project Mariner

  • Research prototype for streamlined human-agent interaction
  • Allows AI agents to handle multiple tasks concurrently
  • Coming soon, initially to the US only

4 Individual YouTube Premium

  • Upgrade your video game with an individual YouTube Premium plan.

And More …

Google AI Ultra for Business also includes higher access and usage limits for:

  • Gemini App
  • Image Generation
  • NotebookLM
  • AI Credits (12,500 credits per month)
  • Storage (30 TB across Photos, Drive, and Gmail

We Will Help

At Cumulus Global, our priority is ensuring that you have productive, secure, and affordable managed cloud services. We work to ensure that you get the most value from the IT and cloud services you need and want, without overspending, to best support your business objectives.

Unsure of where to start? Check out our IT Assessment or schedule a meeting with a Cloud AdvisorWe will help you adapt while keeping your IT services secure and cost-effective.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America.

Webcasts

Managed Cloud Services Update

/in ,

(03/18/25) – Cumulus Global is updating our Managed Cloud Services to expand protections against cyber attacks. Cybersecurity Enhancements Add Value to your Managed Cloud Services. Changes to our traditional Service Plans give you even more options.

Read more

Data Loss Prevention (DLP) for SMBs

/in ,

(02/18/25) – If your business must comply with government or industry regulations covering disclosure of protected information, Data Loss Prevention (DLP) can be complex and expensive. This session coves affordable, effective DLP solutions for small and midsize businesses, like yours.

Read more

Your 2025 IT Checklist

/in

(01/21/25) – 2025 will be a year of change.  Expect new economic, political, business, and technology opportunities and challenges. Smart IT spending requires upfront planning. A 2025 IT Checklist for creates a roadmap for cost-effective IT decisions that yield better results.

Read more

A Techy Look at 2025

/in

(12/17/24) – Technology, the economy, and governmental policies will each impact our businesses in separate and intertwining ways. Consider these 5 technology related Issues as you make your 2025 plans

Read more

IT Safety for Sole Practitioners, Startups, and Smaller Businesses

/in ,

(11/19/24) – Your computer, and your IT services, are your business lifeline. Manage, protect, and secure them to protect your business. Here are affordable solutions to protect you and your business.

Read more

Google Gemini Quick Start

/in ,

(10/15/24) – The value of Google Gemini depends on how well you are able to use it. This Gemini Quick Start gives you an overview of your options, shares more than 11 ways you can use Gemini, and covers Gemini’s limitations.

Read more

Cybersecurity: Enough is Enough

/in ,

(9/24/24) – Beyond industry and regulatory requirements, your cybersecurity should match your business’s risks, needs, and budget .. and nothing more. This event focuses on affordably scaling your cybersecurity.

Read more

Check Your IT Blind Spots

/in

(7/23/24) – Blind Spots evolve when we fail to reassess decisions as technology, business, and other factors change over time. Checking your IT Blind Spots will identify opportunities for savings, security, and improvements.

Read more

Small Business Compliance Primer

/in ,

(6/18/24) – For many of us, ensuring we have the right security and compliance program in place remains a challenge. A basic understanding of security and compliance will inform and guide your security priorities, plans, investment, and results.

Read more

Gen AI Prompts and Privacy

/in ,

(05/21/24) – Gen AI tools can boost your productivity or waste your time. The better your Gen AI prompts, the more effective and efficient Gen AI will be for you. The session provides and demonstrates a model for effective prompt-building.

Read more

library

Verizon 2024 Data Breach Investigations Report

/in

Whitepaper | Source: Verizon — The Verizon 2024 Data Breach Investigations Report, the 17th annual edition, highlights evolving threat scenarios world-wide. From year to year, we see new and innovative attacks as well as variations on tried and-true attacks. The past year has been a busy one for cybercrime.

Read more

Microsoft Digital Defense Report 2024

/in ,

Whitepaper | Source: Microsoft — In the last year, the cyber threat landscape continued to become more dangerous and complex. Improved defenses will not be enough. However, improved defense will not be enough. The data, insights, and events in this report represent July 2023 through June 2024 (Microsoft fiscal year 2024), unless otherwise noted.

Read more

Google Workspace Security Feature Matrix

/in ,

eBook | Source: Cumulus Global — This eBook provides a summary of the security features across Google Workspace subscriptions. Using the included matrices, you can select the subscription that best meets your needs and compare the detailed capabilities of security features against third party options.

Read more

Pen Test Primer: Security for Small Businesses

/in ,

eBook | Source: Cumulus Global — This eBook presents an introduction to Penetration Testing and discusses how small and midsize businesses can use Pen Testing effectively and affordably as part of a robust cybersecurity program.

Read more

Improve Your Email Deliverability and Security in Five Steps

/in ,

eBook | Source: Cumulus Global — Email services are stepping up protections. Here are 5 best practices that help ensure your emails get delivered and that you are protected from identity and business email compromise cyber attacks.

Read more

Email Security: Good, Better, Best

/in ,

eBook | Source: Cumulus Global —
Cyber attacks by email have skyrocketed over the last decade. Email and domain impersonation attacks, fueled by successful phishing attacks, bypass account-centric security. This eBook discusses how to protect your business and domain from Business Email Compromises and impersonation attacks.

Read more

IT Services for Solopreneurs and VSBs

/in

eBook | Source: Cumulus Global —
IT Services pose unique challenges for Solo entrepreneurs, aka “solopreneurs”, and very small businesses (VSBs). More than having IT services that are “good enough”, solopreneurs and VSBs need technology to save them time, effort, and money.

Read more