Posts

Passwords – 3 Fails and 3 Wins

December 29, 2020/in General

Bad passwords are the cause for over 80% of cyber security incidents.

Bad passwords are bad for business. ID Agent, a leading provider of Dark Web ID monitoring and protection services, recently surveyed over 2 billion passwords to find the worst problems and mistakes. The research boiled down the least secure passwords into three groups.

Team Pride: Using your favorite team or team slogan is risky. This information about you is often easily found on social media.
Rock and Roll: Your music preferences are also likely visible to the world on social media and in streaming services. As these services may or may not be secure, band names, song titles, and artists are high risk passwords.
Heroes: Heroes are weak and vulnerable when they are part of your password. Our favorite hero — fictional or not — is easily discoverable and exploitable.

Bad password habits can lead to Dark Web exposure. Here are 3 ways to protect yourself.

Communicate and Educate: Consistently communicate with your team about cyber risks and the need for good password habits. Educate and guide your team to reinforce behaviors.

Discourage reuse, sequential, iterated, recycled, or simple passwords.
Encourage use of secure, company-approved, password vaults.
Solve access problems to prevent the need for sharing passwords for convenience.
Increase phishing training to avoid password compromises.

Prevent & Protect: One of the best ways to prevent breaches due to compromised passwords is to add multi-factor authentication (MFA) for every user.

Weak user-made passwords are stronger with a second identifier.
Stolen/compromised passwords are much harder to use with MFA in place.
MFA is a compliance tool with HIPAA, PCD-DSS, SJIC, and other industry and legal regulations.
Identifiers and tokens can be delivered via phone, app, or fob.

Other prevention and protection strategies include: advanced threat protection, encryption of data at rest and in motion, permissions management, and dark web monitoring. Dark Web monitoring lets you know when personal or company data is circulating, even if you have not had a breach. Third-party partner and service breaches put your systems and data at risk. As such, you should:

Monitor the Dark Web for lists of you company’s potentially compromised passwords and available personally identifiable information (PII).
Spot compromised passwords that employees may be reusing on our systems.
Find password and credential threats quickly, to mitigate them faster.

Respond and Recover: Even with protections in place, cyber attacks can succeed. Whether a data breach, denial of service attack, or ransomware, be prepared to respond and recover. You want and need to get your business up and running as quickly as possible.

Backup all company data, on premise and in the cloud, so that you can recover corrupted files quickly.
Have business continuity solutions in place for critical systems and applications, so that you can be up and running in minutes or hours, rather than days or weeks.

Your Next Step

CPR With “CPR” in mind, learn how Cumulus Global can help you minimize your risks and maximize your recovery to ensure your business continues to run smoothly.

Schedule a complimentary cloud advisor appointment to learn more.

Work Life Post COVID-19 Will be Different

August 26, 2020/in General

As reported by the Boston Business Journal, a recent survey conducted by the Massachusetts Competitive Partnership, with help form several regional business groups, found that businesses are projecting that 47% of employees will continue to work completely or partially from home post-Covid. If this is the case, the number of remote workers will jump 2 1/2 times from the pre-Covid rate of 18%.

While this survey’s focus was looking at the potential impact on the commercial real estate market in the metro Boston area, we can expect these results to be somewhat similar for metropolitan areas across the country.

A significant, permanent shift in the percentage of remote workers will impact how businesses operate.

To adapt, you will want to eliminate issues that are “inconveniences” when temporary, but should not be allowed to hurt productivity or efficiency in the long term. Some of the changes we have seen and helped businesses deploy include:

Changing your infrastructure (and using cloud services) to provide users with secure, direct access to applications and files, eliminating the need for remote desktop or VPN connections to on-premise networks and systems
Expanding your use of social communication tools, like Google Chat and Microsoft Teams, to enable the casual and incidental conversations that occur in office
Incrementally automating common tasks and work flows to simplify and monitor processes
Giving your staff the ability to manage inbound and outbound calls through the company’s voice service, ensuring
- Call flows, through ACD and IVR menus, work properly
- Team members can transfer calls to others
- Staff do not need to use personal phone numbers and voicemail
Ensuring your calling groups, like those for help desks, function well regardless of a person’s location
Updating threat protections for users, data, and applications outside your physical offices.
Selecting video conferencing services that are secure and that provide your team with useful features and controls, such as:
- Controlled and secure access
- Ability to share desktops, windows, and browser tabs
- Privacy tools, such as alternate backgrounds
- Captioning and transcription capture

As many of these improvements can be accomplished with the tools and systems you already have in place, the cost to ensure productivity is manageable.

Complete this form for a free, no-obligation assessment, or contact us to schedule an introductory call with one of our Cloud Advisors.

The Opening Dilemma

June 29, 2020/in General

Without a consistent national strategy and leadership, decisions on how to open are economy are left to state and local leaders. While very few states have me the limited criteria published by the CDC, states are proceeding and are in various phases of re-opening. At the same time, we have failed to contain COVID-19 at the national level. We are not facing a second wave, as the first wave is not over. We see progress in former hot spots, while other areas are seeing record-setting spikes in cases and hospitalizations.

The challenge we face as business owners is how to adapt.

It is one thing to be closed or limited in operations and then re-open. It is a whole different scenario if we continue to see slow downs, halts, and backtracking. None of the CARES Act or other relief packages account for businesses need to scale back or close a second time (or third time, or more). Recalling employees only to furlough them again is a damaging cycle. It is hard to plan if you are unsure how you will be able to operate next month or next quarter.

When will this end?

COVID-19 will be behind us when we have a vaccine that is proven to be safe and effective. We will not know this until months after large percentages of the population have been vaccinated, possibly 12 to 24 months from now. Until then, expect the need for remote work, extra safety precautions, changes to business conditions, and starts/stops with re-opening.

Near Term Flexibility / Long Term Plan

The best advice we have heard, and shared, is to be flexible in the short term while planning for your long term. In the short term:

Understand the phases, guidance, and rules at the local and state level for your business. These may differ for each of your business locations.
Understand the phases, guidance, and rules facing your customers. This is harder to track and manage, but possible if you ask your customers for this information when you engage with them. Doing so will identify issues and help you overcome obstacles.
Do not rely solely on local guidance and rules. Unfortunately, re-opening guidance and restrictions have become politicized. While relying on local rules may provide legal cover, doing so may harm your business if employees or customers get sick.
Expect the uncertainty to continue. We scrambled to adjust to closing and continue to scramble as reopening rules come into play and change. Many of the adjustments we made were fine as stop-gap measures. Now is the time to step back and formalize the changes. Make sure that your policies and procedures are accurate and up to date. Make sure users are working on company systems and not “shadow IT” services. Make sure your data is on company systems and properly protected.
Consider making temporary changes permanent, at least in part. Many of us realize that more jobs can be done remotely, and done well, than previously thought. You can take advantage of this long-term in several ways, including reducing the size of your physical offices, recruiting outside of your immediate geographic locations, and offering staff more flexibility. Doing so can strategically lower costs and improve productivity.

If you want to discuss your near-term or long-term plans, please contact us. We are offering free and discounted services to help you ensure your next steps carry you forward.

5 Ideas for Successful Remote Shopping and Customer Pickup Services

May 7, 2020/in General

As more areas of the country move into Phase 1 of re-opening the economy, you may be able to offer remote shopping and curbside (no contact) pickup. While you may already have a way to hold items for pickup by customers, moving completely to the “take out” model of business requires you to make changes and scale your processes. Here are 5 ideas to improve your customer experience:

1. Accept Online and Advance Payments

Customers paying online or by phone before coming for their pickup dramatically reduces the in-person interaction needed to complete the sale. This is safe for your employees and your customers.

Adding a shopping cart experience to your website is not a simple process; check with your web developer and verify they have the experience to create a secure, easy to use flow for your customers.
If adding a shopping cart experience to your website is not feasible in the short term, you have alternatives:
- Check with your current card processing service; many offer payment portals that can work well in this situation.
- Spin up a separate online store using a turnkey solution, like Shopify, to which you can upload inventory and product information
- Create an online payment account via services like PayPal or Venmo (make sure you have or create a company-specific account)
Remember that you must still comply with PCI regulations. Make sure employees know that when taking credit card information, they should not write down or otherwise record the information expect to put it into the POS or card processing systems.

2. Offer Video Shopping Appointments

Allow customers to schedule video shopping appointments, during with a member of your staff can walk the store and help your customers pick out items.

Use a secure video meeting tool. If you use Microsoft Office 365 or G Suite, you already have access to video meetings via Microsoft Teams and Google Meet, respectively. Employees should NOT be using personal accounts, email addresses, or phone numbers to setup or run these sessions.
Roll out a scheduling tool that lets customers pick from preset, available times. Bookings is a free tool included with MS Office 365. Tools like Calendly integrate with both G Suite and Office 365 services.
Get a few tripods with phone/tablet holders. This will allow a single employee to manage the camera while displaying merchandise. It also makes for a “steady” shot and better shopping experience.

3. Live Chat with Customers

Give your customers an easy way to get in touch with you once they are on your website.

Live chat is an inexpensive way for customers to communicate with your team.
Most live chat solutions allow your staff to answer questions and transfer the conversation. Staff working from home can cover the live chat service and answer most customer questions. The chat can be transferred to in-store staff as needed.

4. Create a “Service Desk” for Customer Questions

Going beyond live chat, let your customers interact with you however they want, when they want. At the same time, you can enable staff working from home to support the team working in-store.

Setup a cloud-based service desk phone system that allows multiple team members to answer calls, text messages, and voice messages.
- Employees sign in as ‘agents’ and can indicate when they are available / not available to answer calls.
- The system will route calls to an available ‘agent’ in a round robin basis or other priority that you configure.
- Using a “soft phone” application, your employees access the system via computer or mobile device; their personal phone numbers and information remain private.
Setup a shared inbox to allow your staff to respond to, and manage, email communications.
- More than a distribution list, a managed shared inbox lets your team assign emails and discussion threads to employees and track their work and progress.
- Using the shared inbox, employees’ personal information and individual work emails remain private.
- Employees can connect/disconnect to the service as needed to cover shifts

5. Measure Customer Satisfaction

Follow up every sale with a thank you email and solicit customer feedback.

Cloud-based customer satisfaction (CSAT) tools let you embed one-click feedback questions into your email templates. These often use familiar green, yellow, and red icons to indicate satisfaction levels.
CSAT tools can also solicit comments. These comments can be used to identify and resolve customer issues, as well as generate testimonials for your web site and marketing efforts.
More advanced CSAT tools can also ask a “Net Promoter Score” question, so you can measure how many of your customers would recommend your business to others.

A Final Note: As you implement these (or other) ideas, procedures, and technologies, remember to take care of your “back office” and employees. Initiating or improving your customer pickup services means new and changed processes. You may also decide to change roles. For example, some stores dedicate one team member per shift to process online payments as a way of managing access to the tools and information. Take the time to train your staff and make sure they are comfortable with the changes. Also, solicit their feedback and ideas. They probably have suggestions that will help you impress your customers.

Please contact us for a free Response and Recovery Assessment. We are happy to discuss ideas and solutions, and to assist with getting the technologies and training in place.

Ensure Your Team is Working from Home Safely

April 22, 2020/in General

(Published 4/21/20)

The rush to get your employees setup and working from home is over; now is the time to take a step back and make sure your team is working effectively and that you are protecting your data and that of your customers.

Here is a simple checklist:

Give Employees Business Software

If you have MS Office licensed through an Office 365 subscription, you have the ability to install each user’s license on multiple computers and devices. Use this licensing to make sure your team does not run into version compatibility issues. If you have an Office 365 subscription, you can also ensure employees are logged into your domain/tenant and files are automatically backed up to OneDrive or SharePoint file systems.

Give Employees Endpoint Protection

If employees are using home computers for work, the non-work activity on that machine poses a malware and ransomware risk to your business. Even if your employee has a consumer antivirus tool in place, you should layer next-gen, advanced threat protection. Solutions like Webroot are designed to coexist with local protections. The solution also gives you control over the security footprint of machines accessing your systems and data.

Give Employees Web Filtering / DNS Protection

Between 20% and 35% of malware attacks originate from infected websites and DNS attacks. Adding web filtering/DNS protection allows your employees and their families to safely surf without putting your business at risk.

Properly Configure Desktop File Sync Utilities

Whether using Office 365 or G Suite, enabling a desktop sync tool gives your employees seamless access to your cloud-based files. Rather than syncing, configure the agent to serve as a mapping tool. Files cache locally while in use for performance; data remains securely in your cloud; users have easy and familiar access.

Put a Policy in Place

Make sure you have an appropriate policy in place, to protect your employees and your business. We are sharing a simple draft policy you can use and adapt to your needs.

Protect Yourself from Personal Devices

April 12, 2020/in General

(Published 4/12/20 – Get our Sample Policy)

For many businesses, employees are working from home for the first time. Given the rush to change how our businesses operate, many of those employees will be using home computers or personal devices. While enabling companies to continue operating, doing so can place your business, data, customers, and employees at risk.

If you do not already have a policy in place, we have published a sample policy covering employee use of personal computers and devices. The policy, intended to augment your existing company policies (such as appropriate use), covers Company and Employee responsibilities. Since you may need to install software and utilities on the device to ensure compatibility, secure access to your systems, and compliance with your data privacy and protection requirements, the policy strives to create a balance that ensure employees will not lose personal data or use of the device for personal reasons.

You can access the Sample Policy here, free of charge. Please review the policy with your HR and IT resources and modify it as necessary for your business.

As noted in the policy, you should expect to provision current versions of software and the necessary data protection tools. For example:

Most Office 365 licenses allow you to install the desktop software on up to 5 computers and 5 tablets/smartphones for each user. These rights mean that you can provide employees with the same software on their home computers as they use in the office. Doing so improves productivity.
Employees may have antivirus protection software installed, which may or may not be current or sufficient for your needs. You may want, or need to layer on advanced threat endpoint protection software that will not interfere with existing tools, such as Webroot.
Employees likely do not have dns/web protection services installed. As the computer is used for personal activities, adding web protections can prevent web-based malware from impacting your data and business.

Please contact us for a complimentary Cloud Advisor session. Without obligation, we can discuss your needs, discuss how to best protect your data/business, and recommend affordable solutions to consider.

Zoom Privacy Policy is a Risk

April 5, 2020/in General

Updated 4/05/20

Updates:

4/05/20: Zoom posted an updated Privacy Policy, back dated to 3/29/2020. This policy clarifies Zoom’s actions and intents and changes some terms and conditions, indicating that Zoom is now doing the right thing with your personal data. Zoom has also expanded users’ ability to use passwords and waiting rooms to control meeting access. We still recommend reviewing the policy and using the “do not sell” process. We also recommend using conferencing systems within your productivity suite, Office 365 or G Suite, as these are secure and integrate with your email, calendar, and file services.
4/01/20: MIT Tech Review summarizes the security issues with Zoom, including information about a Class Action Lawsuit.
3/31/20: Vice.com reports that Zoom is leaking personal emails and photos to strangers.
3/31/20: The Intercept reports that Zoom is not using End to End Encryption as claimed in their marketing materials and user interface.
3/31/20: New York Times reports that Zoom, the videoconferencing app whose traffic has surged, is under scrutiny by the New York attorney general’s office for its data privacy and security practices.
3/30/20: FBI Warns of Teleconferencing and Online Classroom Hijacking During COVID-19 Pandemic

On March 18, 2020, the Zoom.us posted changes to its privacy policy that impact all users, even those without accounts attending meetings as guests. This change follows a dramatic increase in Zoom users (and stock price), as Zoom has been offering its services for free to many businesses and schools.

Under this version of the Zoom’s privacy policy, Zoom is collecting more information, in our assessment, than is necessary to provide users with the service. Zoom also acknowledges providing this information to third parties. The information Zoom is collecting includes, but is not limited to:

Name, physical address, and other similar personally identifying information
Information about your job, such as your title and employer
Your Facebook profile information (when you use Facebook to log-in to Zoom or to create a Zoom)
General information about your product and service preferences (including software installed and/or in use on your computer)
Information about your device

Per Zoom’s policy, downloading and using the Zoom app provides Zoom with consent to share any personal information they collect with third parties.

In reference to the use of third party services, the policy states

“We use these tools to help us improve your advertising experience (such as serving advertisements on our behalf across the Internet, serving personalized ads on our website, and providing analytics services).”

In other words, Zoom may use the personal information of any person using their services to market to that person across their use of the Internet.

Additionally, we do not see any effort by Zoom to determine the age of individuals using the service, so they are likely collecting and using the personal information of children.

Vice.com is reporting that Zoom’s iOS app sends data to Facebook even if you do not have a Facebook account.

Impact

Our current assessment of the impact is as follows:

Data collection is based on the way each meeting participant enters the meeting. Even if the organizer is on a paid and secure business or education edition, meeting attendees using the free client or entering as a guest are subject to dating mining and sharing.
For businesses and schools, some of the data Zoom collects and shares is prohibited under the Children’s Online Privacy Protection Act (COPPA).
For schools and libraries, not using the K12 version of Zoom for faculty and students may result in violations of the Children’s Internet Protection Act (CIPA)
Zoom does provide a means for users to instruct Zoom to “Do not Sell” their personal information. This help with California Consumer Privacy Act (“CCPA”) and EU’s General Data Protection Regulation (“GDPR”) compliance. It may not be practical to advise all meeting attendees of this option.

In short, Zoom’s privacy policy may conflict with your business’ privacy policy and how you manage and respect your customers and their data. The policy may also create regulatory and legal issues.

Recommendations

If you organization uses G Suite or Microsoft Office 365, you already have the ability to securely conduct audio and video conferencing with services that do not mine and share attendee data.

G Suite
- Hangouts Meet (the new service) is secure and HIPAA compliant. Individuals outside your organization can join via shared URL, without providing personal information. Through June 2020, Google has enabled all G Suite users to conduct meetings with up to 250 participants and provided organizers with the ability to record meetings. Participants can mute their own audio/video and can present to the meeting. Meeting include dial-in numbers and pins to allow access from phones.
- Participants can join via web browser or use the free iOS and Adroid Apps.
- Traditional Hangouts and Chat, while not HIPAA compliant, are still secure and work within organizations and with guests.
Office 365
- Teams (and formerly Skype for Business) is a secure video/audio conferencing service with screen sharing, waiting rooms, and other helpful features. As with all of Office 365, Teams can be deployed to meet HIPAA compliance. Teams does not collect and share personal information.
- Teams, by default is device-to-device conferencing. You can add the ability for individuals to connect by phone for a small monthly fee for each meeting organizer that needs this function.
- Participants can join via web browser, or use the free apps for Windows, Mac, iOS, and Android.

Before adding another service or tool for audio/video conferencing, take full advantage of the services you have. Contact us if you need help with user training and support.

If you are not using G Suite or Office 365, several communications and conferencing services are offering secure, free access for up to 90 days. These include, but are not limited to, Dialpad, UberConference, Ring Central, and Cisco WebEx. Please contact us for help selecting and deploying the right service for you and your teams.

Customer Notice Update: Email Advanced Threat Protection

January 24, 2020/in Education, General, News

Given the demand and need to improve your protection from the devastating impact of ransomware, crypto attacks, and other forms of cyber attacks we are extending the Advanced Threat Protection Priority Opt-in discount period through March, 2020. We understand that adding a service, even a critical service, impacts your budget and costs. Our Priority Opt-In discounts, and other measures (see below), intend to minimize the impact.

Email Advanced Threat Protection (ATP) and Multi-factor authentication (MFA) are necessary, baseline services for protecting your business.

Beginning April 1, 2020, we require Advanced Threat Protection for all of our customers’ email service, unless you specifically opt out. Opting out is appropriate if you already have an advanced threat protection service in place.

If you opt out, the cost of our data recovery efforts will not be covered under our unlimited support plans (See our Support Services SLA). When we add ATP to your service, we will discuss with you when we can add MFA.

We will mitigate the cost.

We are sensitive to your budget.

ATP requires a technical setup and typically incurs a setup fee along with the monthly or annual subscription.
We are discounting both the setup and subscription fees for all customers. For customers requesting Priority Opt-In, we will waive the ATP related setup fees completely.
MFA implementation is covered by our support plans as an administrative change. If you do not have on of our support plans, we will provide an affordable, discounted quote for the project.
For customers without an unlimited support plan and/or those that choose to Opt-Out, we will discount our hourly fees for recovery work.

For more information on specific discounts and pricing, and to let us know if you want to Opt-In, to have Priority Opt-In, or to Opt-Out, please visit this web page and complete the form.

We realize that this is a significant change for most of our customers. We also understand the importance of these protections. Please contact us with questions or concerns

Thank you for being part of our community,
Allen Falcon
CEO & Pragmatic Evangelist

Customer Notice: Email Advanced Threat Protection

November 13, 2019/in General, News

(Updated January 20, 2020)

We continue to witness the devastating impact of ransomware, crypto attacks, and other forms of cyber attacks on our customers. The recovery cost and frequency of attacks are increasing at alarming rates. The average cost for a small or midsize business (SMB) to fully recovery from a cyber attack has increased to between $145,000 and $180,000. This includes loss of direct business, remediation costs, damage to reputation, and employee downtime. At the same time, the number of ransomware attacks so far in 2019 has doubled when compared with the same period in 2018.

As a managed cloud service provider, you have heard from us that you “should” have more protections in place. Our position is changing: these protections are a “must”.

Multi-factor authentication (MFA) and email Advanced Threat Protection (ATP) are necessary, baseline services for protecting your business.

Beginning April 1, 2020, we will require and will begin adding Advanced Threat Protection to all of our customers’ email service unless you specifically opt out. If you opt out, the cost of our data recovery efforts will not be covered under our unlimited support plans (See our Support Services SLA). When we add ATP to your service, we will discuss with you when we can add MFA.

We will mitigate the cost.

We are sensitive to your budget.

ATP requires a technical setup and typically incurs a setup fee along with the monthly or annual subscription. We are discounting both the setup and subscription fees for all customers. For customers requesting Priority Opt-In, we will waive the ATP related setup fees completely.
MFA implementation is covered by our support plans as an administrative change. If you do not have on of our support plans, we will provide an affordable, discounted quote for the project.
For customers without an unlimited support plan and/or those that choose to Opt-Out, we will discount our hourly fees for recovery work.

For more information on specific discounts and pricing, and to let us know if you want to Opt-In, to have Priority Opt-In, or to Opt-Out, please visit this web page and complete the form.

We realize that this is a significant change for most of our customers. We also understand the importance of these protections. Please contact us with questions or concerns

Thank you for being part of our community,
Allen Falcon
CEO & Pragmatic Evangelist

Managed Cloud Security: 7 Ways to Keep Your Cloud Environment Safe

November 7, 2019/in General

In a recently published report, one of Forrester Research’s five key cloud predictions is that cloud management providers will tackle cloud security. With the Capital One breach, the first major breach in a public cloud, the industry has a new focus on security and public cloud services. Small and midsize businesses (SMBs) are more likely to use public cloud managed services over specialty providers and private clouds. As such, SMBs need to focus on cloud management.

What is managed cloud security?

Managed cloud security refers to the practice of outsourcing the security management and monitoring of a business’s cloud infrastructure to a third-party service provider. This includes the implementation of security measures such as firewalls, access controls, and intrusion detection systems, as well as 24/7 monitoring and incident response. With managed cloud security, businesses can ensure the security and integrity of their data and applications in the cloud, while freeing up internal resources to focus on core business operations.

Managing cloud security risks involves a multi-layered approach to ensure the security of a business’s cloud infrastructure. Effective cloud management can prevent holes in your security protections and save you money.

Cloud management, as a practice, formalizes access, licensing, usage, security, and spending for your cloud services. Instead of focusing on each cloud application or service independently, Cloud Management as a practice oversees and manages the big picture.

Seven key components of Cloud Management are:

Document which cloud services are needed and used based on each person’s role within the organization
Based on need, determine the level of access for each person/group based on their roles and responsibilities
Understand and document subscription and licensing rules for each service, to ensure you can optimize subscriptions and spend
Create standardized on-boarding work flows to ensure new employees and those changing roles are
- Provided access to only the cloud platform services they need
- Are assigned appropriate access to features, functionality, and data within each system
- Access to data is consistent across cloud services
Create standardized off-boarding work flows to ensure:
- All cloud services accounts are deactivated, preventing orphan accounts from being left open
- Data within each cloud service is archived or transferred to other user(s), preventing data loss
- Cloud subscriptions/licenses are modified to prevent unnecessary costs
Track licensing and subscriptions to:
- Adjust your subscriptions to match your need, as allowed by each cloud service
- Identify and remove unused licenses
- Understand and manage your spending
Actively search for, identify, and manage use of unauthorized cloud services to:
- Minimize or eliminate “Shadow IT” risks with respect to security, data loss, and compliance
- Identify and move users from duplicate services to authorized services
- Provide training on authorized apps and services, preventing the need to use other services
- Identify cloud services needed or wanted by staff, but not yet available through and authorized app or service

By applying the basic tenants of cloud management you can reduce your security risks, optimize your services and licensing, and better manage your spend.

FAQs

What are the three key areas for cloud security?

Data Security: This involves protecting the confidentiality, integrity, and availability of data stored in the cloud. It includes measures such as encryption, access controls, and data backups.
Network Security: This involves securing the network infrastructure used by cloud services, including firewalls, intrusion detection/prevention systems, and virtual private networks (VPNs).
Application Security: This involves securing the software applications running on the cloud infrastructure, including secure coding practices, vulnerability management, and web application firewalls.

By focusing on these three key areas of cloud security, businesses can effectively address the most critical security risks associated with the use of cloud services.

Cumulus Global offers Cloud Management tools and services. Contact us for a free, no obligation Cloud Advisor session to learn more.