Posts

How Can SMBs Streamline IT Security?

Data Protection & Security

Cumulus Global CEO, Allen Falcon, answers this question in Inc. Magazine.

Small businesses face new demands to improve and maintain their IT Security.  Customer, vendors, regulators, and insurance carriers are defining criteria and pushing SMBs to implement procedures and technologies. If not managed well, SMBs end up with duplicate services and increased operating costs. How can SMBs streamline their IT security to manage costs without losing capabilities?

To learn more about cyber security for SMBS, visit these blog posts:

Additional resources to help you Streamline IT Security:

Need guidance? Schedule a call with one of our Cloud Advisors.

Action1 2022 SMB IT Security Needs Study Highlights & Contradictions

Security firm Action 1 recently published the results of its 2022 SMB IT Security study after surveying 750 small and midsize businesses.Data Protection & Security

Key Findings and Contradictions of the Action1 SMB Report

It is no secret that perceptions about our security risks differ from reality.  Not surprisingly, some of the 2022 SMB IT security needs survey results contradict one another.

52% vs 65% vs 37%

52% of respondents acknowledge that they lack sufficient skills and technology to effectively protect against cyber attacks. But 65% believe the cost of protection is too high and 37% complain that security controls hurt productivity. Businesses clearly struggle to balance the security they need with the cost and the user experience. Often SMBs are presented with security solutions designed – and priced – for larger organizations. As employees use added security steps for everyday transactions (online banking, etc.), the overhead of security protocols is less intrusive.

63% vs 81% vs 40%

While 63% believe that their SMB faces a lower cyber risk compared to larger companies, 81% of respondents had at least one security incident within the past 12 months. 40% of SMBs had 2 or more incidents. Too many SMBs continue to have a false sense of security. Cyber criminals understand that is easier to hack 10, or even 100, small businesses than it is to successfully attack 1 large enterprise. And with current tools, cyber attacks are inexpensive to launch and manage.

Where the Security Risks Exist

40% vs 39% vs 34%

The most common forms of successful cyber attacks are password attacks (40%), ransomware or other malware (39%), and phishing (34%). Note that these forms of attack are not mutually exclusive.  One form of attack, malware for example, can be used to gather the information needed for a successful password breach.

63% vs 43%

Looking at root causes, 63% of SMB IT Security study respondents noted that attacks began with phishing.  Unpatched systems were the starting point for 43% of attacks. These numbers make sense as these attack vectors provide access to information that supports further attacks.

Who is Helping

96% vs 23%

The vast majority of SMBs rely on outside experts for help with their security needs.  93% of respondents use an IT firm for at least some of their IT security needs.  That said, 23% of small businesses are looking to replace their IT service providers in the coming year. While security is not the only trigger for changing providers, it is one consideration.

48% vs 33% vs 29%

SMBs responded that poor system performance (48%), system outages (33%), and long problem resolution times (29%) are the three primary reasons for switching service providers. Each of these issues relate to business interruptions.

2022 SMB Security Study Conclusions

Examining the SMB IT Needs Security Study results, we see three clear conclusions.

  1. Failing to recognize the risks leads business owners to under value security technology and services.  The cost to respond and recover to a single incident dwarfs the cost of reasonable protections.  For SMBs, the average successful cyber attack can disrupt business operations for 18 to 21 days at a total cost to recover exceeding $200,000.
  2. With 50% of employees working remotely, at least part time, individuals and systems are more exposed to attack. Physical security is no longer sufficient. SMBs need a security services designed to protect against the most common and the most costly types of cyber attacks.
  3. As an IT service provider, we must ensure that our services, first and foremost, do no harm.  While security protocols can introduce some inconveniences, our services cannot interfere with performance, availability, or reliability.

Next Steps to Improve Your IT Security

Step back and take a look at your security services and footprint.  Our Rapid Security Assessment is a quick and simple starting point to identify security gaps. You can also schedule a call with one of our Cloud Advisors to review your security and IT services.

 

Security Trends Will Impact Small Businesses

Security, Privacy, & ComplianceSpeaking at a recent CRN-hosted security summit for midsize enterprises, Paul Furtado, Gartner’s Vice President of Midsize Enterprise Security stated, “The only thing harder than defending yourself against a cyberattack is telling your executives and your partners why you didn’t do enough to protect yourself.”  His comments reflect current security trends from our historic “Trust but Verify” security model to one that is “Never Trust; Always Verify” — also known as Zero Trust.

Expectations are changing and our tolerance for breaches is dropping.  More than 56% of successful attacks exploit known vulnerabilities with patches available for more than 90 days.  Frankly, many of us are failing at the fundamentals of IT security and this needs to change.

While smaller in size, SMBs remain prime targets of cyber attacks.  With “Ransomware as a Service” readily available, finding and attacking vulnerable small businesses is inexpensive and effective.  SMBs are more likely to have fewer security protections; SMBs are less likely to be able to recover from an attack and more likely to pay ransoms.

Here are 7 security trends that warrant our attention and action:

1 Zero Day Exploits

As the name implies, Zero-Day  Exploits take advantage of newly discovered security holes before our tools and systems can be updated to prevent an attack.

Next Gen solutions are needed to protect from attacks on devices, in the flow of email, and in web traffic.

2 Insider Threats

Insider risk refers to every account that has access into an organization’s environment such as service accounts, custom integrations, and API accounts. Insider threats, meanwhile, are the small percentage of insiders actually doing something that will cause a security incident, intentionally or not.  For example, the increased use of QR codes allows attackers to create malicious QR codes that install keyloggers and screen grabbers to steal identities and multi-factor authentication tokens.

We need Security Awareness Training to help individuals understand the risks and build safe habits.

3 Regulatory Changes

As noted, security expectations are changing.  State and federal laws are changing. Passed by the Senate this year, the Strengthening American Cybersecurity Act will require businesses to report significant cyber events within 72 hours and ransomware payments within 24 hours. These requirements lay on top of other federal regulations, multiple states’ privacy laws (CCPA, MA PII, etc.), and industry regulations (PCI-DSS, etc.).

With cyber insurance and cyber response services in place, small businesses are more likely to avoid fines, losses, and legal actions.

4 IoT

Internet of Things devices, and similar automation technologies are popular and often lack basic security features.

As IoT-based solutions move into smaller businesses, we need to secure and monitor devices and the networks on which they run.

5 Supply Chain

Bad actors know that attacks on supply chains can be more effective than attacking an intended target.

If your smaller business is in the supply chain of a larger company, expect security to become an issue.  They are likely to request — or demand – additional security measures as a condition of your business relationship.  And, be ready to demonstrate (prove) that you actually do what you claim on the security checklist.

6 Data Mining

Data mining enables attackers to not only go after your business, but your vendors and customers as well.  Imagine attackers telling your customers their private data will be released if you do not pay the ransom.  Even more common, imagine your customers receiving emails “from” (impersonating) you instructing them to send money.

We need to start protecting unregulated data in the same ways we protect regulated data.  Encryption, for example, does not prevent a breach but ensures the data cannot be used.

7 Ransomware

It would be nice to think we are past the ransomware pandemic, but we are not.  Over 80% of ransomware attacks are on small and mid-size businesses. Because attacks have moved beyond encryption to data exfiltration, attackers are likely to understand your business and set ransoms that are steep, but payable (often 1% to 1.5% of annual revenue).  Businesses hit by ransomware average more than 20 days of significant business disruption. On average, they permanently lose more than 35% of their data.

A response and recovery plan that includes business continuity ensures that you can keep your business running while you recover from and respond to an attack.

Your Next Step

Please contact us to evaluate your security footprint and needs, and discuss possible next steps, or schedule a no-obligation introductory call with one of our Cloud Advisors.

XChange of Ideas – Trends with Benefits

XChange Events

This XChange of Ideas shares trends that can boost your business’ productivity.

We recently spent three packed days at the XChange 2022 Conference. While we attend to improve our service offerings and business, many of the insights will benefit your business as well.

1 Industry Consolidation Awareness 

As with most maturing, dynamic industries, consolidation of vendors is not unusual in technology. Bringing together complimentary technologies and solutions can create synergy and economies of scale.  Currently, we are seeing something a bit different.  Companies that provide the systems we use to run our business are acquiring products and services that we offer to our customers.  By offering solutions we sell, and the solutions we use, our vendors are hoping to provide us with better integration and efficiencies.

The risk, however, is that service providers will focus, or limit, their options to match the “single vendor” efficiency. While you, as the customer, may benefit from the efficiency, these benefits will be fleeting if the solutions do not meet your needs.

We, at Cumulus Global, will continue to offer multiple solutions for nearly all of the services we offer. We commit to this strategy because efficient mediocrity serves nobody well.

2 VDI is Better than O.K.

Acceptance and use of virtual desktop infrastructure (VDI) and remote desktop services is on the rise. Beyond an interim solution, VDI services prove to offer many businesses long term value. We see several reasons for considering a move to VDI, including:

  • Support for hybrid work environments. With employees working in office and remote, a VDI environment provides a single computing environment for your entire business.  Accessing files and applications is the same, regardless of location and end user device.
  • Strategic Savings. VDI services extend the useful life of your existing laptops and desktops.  Since VDI clients are not processing data locally, the demand on processors, memory, and disk space are minimal.  Aging equipment can remain in service without impacting performance.
  • Improved Security.  VDI services run in secure, professionally run data centers. We use Microsoft Azure and Google Cloud Platform for VDI services. VDI provides private, secure networks, with multiple access options to meet your business needs.
  • Business Continuity and Resiliency. The faster you can recover from a disaster or technology failure, the better your business will survive and grow. VDI services remove most of the risks from local disasters and system failures.  As you can access your services from anywhere you are Internet-connected, and from most any end user device, teams can easily relocate and work around localized disruptions.

As disruption of technology supply chains continues, VDI allows you to upgrade your environment without investing in new desktop and laptop devices. You can move forward with your business without worrying about system availability.

To explore if VDI services can help your business, contact us about our security assessments, or schedule an intro call with one of our Cloud Advisors.

XChange of Ideas – Security

XChange EventsLooking at what we learned during three packed days at the XChange 2022 Conference, we have much to share.  The XChange conferences help IT service providers, like Cumulus Global, explore emerging trends, challenges, products, and solutions.  While we attend to improve our service offerings and business, many of the insights will benefit your business as well. This XChange of Ideas shares three emerging security trends.

1 Security is Not a Technology

Most small and midsize businesses see themselves as having security because they have some security technologies and systems in place.  Security, however, is not a technology; security is an ecosystem that spans people, processes, and systems, as well as a lifecycle of prevention, response, and recovery. As important, we need to understand that managing our security

Most businesses still lack the basic set of security protections that span the security lifecycle. A solid security foundation should include advanced threat protection, next-gen endpoint protection, DNS security, web protection, multi-factor authentication, and encryption. A solid backup/recovery is also necessary; having a business continuity solution is preferred.

With the dynamic nature of threats and cyber attacks,  many businesses are at higher risk and should be deploying advanced security services. Advanced security services may include managed security incident detection and response (MDR) services, internal application whitelisting, segmentation, and other protections that can detect, halt, and stop the spread of an attack.

2 Cyber Insurance is Not Assurance

Cyber Insurance is more than a good idea, it is a necessity for almost every business.  But cyber insurance is not assurance that you can quickly recover from a cyber attack.

  • Cyber insurance underwriters have you complete a questionnaire or audit about your cyber protections, policies, and procedures. When you submit a claim, most cyber insurers will ask you to demonstrate that the protections were in place, how they were functioning, and that you follow the policies and procedures noted in your application.  If you cannot show that you do what you promise, expect your claim to be denied.
  • Your cyber insurance underwriters may prevent you from starting your systems and data recovery. Recovery typically destroys evidence of the attack, it’s cause, and it’s method of propagation. You may be unable to restore your systems and data for days — or even weeks — while your insurer completes a forensics investigation.

Having the right protections in place, and being able to demonstrate compliance, is a clear expectation to resolve cyber insurance claims.  Having a continuity solution in place that allows you to return to operation in parallel with a forensics investigation should be considered.

3 HIPAA is Not Just For Doctors

HIPAA is the regulatory cornerstone for protecting personal health information (PHI). These regulations control how we store, transmit, and share — procedurally and technically — PHI. Compliance, however, is not just required of healthcare providers, insurers, and others direct access to patient records. Businesses serving healthcare providers — those that sign a Business Associates Agreement — face compliance requirements as well.

HIPAA enforcement is expanding beyond Covered Entities to Business Associates, as is notable on the US Department of Health and Human Services Office of Civil Rights HIPAA “Wall of Shame

If you are not sure that your security services are up to par, contact us about our security assessments, or schedule an intro call with one of our Cloud Advisors.

Resources for Small Businesses and Solopreneurs

Email Security – Good, Better, and Best

When launched Cumulus Global 15 years ago to provide small and midsize businesses (SMBs) with email security and security solutions. As early adopters, we saw how cloud solutions made enterprise grade solutions affordable and effective for small businesses.  While much as changed over the past decade and a half, we still face email-based threats.

Email Attacks are Easy

According to Verizon’s 2021 Data Breach Report, email remains one of the most common vectors for attacks. And, phishing attacks are at the top of the list. Email phishing attacks remain prevalent because they are relatively easy. Cyber attackers are able to say one step ahead of our defenses, in large part to the rise in social engineering. With more of our personal information available through social media, attackers can use psychological tactics and personalized messaging to target specific individuals (spear phishing) and business leaders (whaling). In doing so, they garner sensitive information and gain access to systems and data.

Business Email Compromise

Business Email Compromise (BEC) attacks impersonate your email domains or emails for specific users. In most instances, BEC attacks look and feel like legitimate emails from your business. Combined with social engineering tactics and personalize information, they are hard to spot and often successful.  Attacks can be “internal” that target your employees, or “external” that use your business to defraud your customers and associates.

Email and Domain Impersonation

Preventing email and domain impersonation attacks bypass account level security, including multi-factor authentication. To prevent these attacks, recipients should only accept email that can be authenticated as coming from your domain.

Protection: Good, Better, Best

Currently, you have three levels of email domain security that can protect your business and your identity: Good, Better, and Best.

Good: SPF Sender Policy Framework

SPF verifies emails sent from valid IP addresses, either from your domain or authorized senders. While most small businesses have an SPF record configured, errors cause individual emails, or emails from marketing and CRM systems, to be flagged as spam by the recipient. Cyber attackers can spoof email addresses to give the appearance of a validated sender.

Better: DKIM DomainKeys Identified Mail

DKIM verifies that have been digitally signed by the sending domain, or by services sending email on behalf of the domain. Proper configuration is technical and involves cryptographic key management; errors can lead to fake messages with valid DKIM signatures. Cyber attackers can remove the DKIM signature using sophisticated relay attacks.

Best: DMARC Domain-based Message Authentication, Reporting,
and Conformance

DMARC authenticates email origin by aligning identifiers from SPF and DKIM, and instructs recipients to deliver, quarantine, or reject failed emails by policy. DKIM helps improve email deliverability. Is the best protection against email and domain impersonation attacks, whether they target your employees, vendors, or customers. Reporting enables you to see email sources and manage your policies.

Call to Action

While you set up SPF and DKIM with DNS record entries, DMARC is best implemented as a service. Doing so provides you access to settings, reports, and analysis tools. For most small and midsize businesses, the level of protection DMARC provides is worth the minimal cost.

You can learn more with our eBook: Email Security: Good, Better, Best.

To discuss your email security configuration, make an appointment with one of our Cloud Advisors, send us an email, or fill out our contact form.

Mandatory Google Workspace Transitions Begin

Google Cloud PartnerIf you have not completed your transition from G Suite to Google Workspace, Google will automatically begin Google Workspace transitions on January 31, 2022.  You will receive at least 30 days notice of your migration.

Please note that this transition includes significant changes to your subscription options, features/functions, AND PRICING.

Google Workspace

KEY POINTS TO KNOW:

  • Disruption: The transition is non-disruptive to end users and administrators, unless you decide to transition to a subscription with different features.
  • Pricing: Depending on your size and current G Suite services, keeping the same features may result in price increases of 50% to more than 300% (see below).
  • Savings: Cumulus Global can manage your transition, help you select the best Google Workspace for your business, and offer discount incentives for making your transition before the end of the year.

YOUR KEY DECISION:

You need to decide if you want to manage your transition or wait for Google to transition your subscription automatically.

If you chose to manage your transition, we can:

  • Save you money with Google-supported incentive discounts, provided we schedule your transition before the end of the year.
  • Help you select the best subscription plan/mix for your business, ensuring your business and security needs are met at the lowest cost.
  • Schedule your transition at a time that works for you and your team.
  • Educate your IT team on any new end-user, admin, and security features.
  • Support your IT team and end users.

YOUR MANAGED TRANSITION

To learn more about Managed Transitions, please contact us by email, or use the following form:


RESOURCES

In addition to more information in the “About” sections, below, we offer the following resources as well:

About: Automatic Transitions

Google will begin automatic transitions on January 31, 2022.

  • For annual subscriptions, the transition will occur at the end of your current annual or fixed term contract.
  • Companies on “Flex Plan”, month-t0-month services, Google will transition your account as quickly as possible
  • Google will determine the Google Workspace subscription based on your current product features, even if this change results in a significant price increase
  • Automatic transitions are not eligible for incentives or other discounts

About: Pricing Changes

The three biggest impacts on your Google Workspace pricing are your number of licenses,  features, and storage.

License Count

Companies with fewer than 300 users can select from three Google Workspace Business subscriptions.  Companies with more than 300 users will need to select from the two Google Workspace Enterprise subscriptions.  While you can mix and match licenses within the Business and Enterprise tiers, you cannot mix and match Business and Enterprise subscriptions.

Impact for companies with more than 300 users:

  • Companies running G Suite Basic, will see their per user license fees increase form $6 per month to at least $20 per month.
  • Companies running G Suite Business, will see their per user license fees increase form $12 per month to at least $20 per month.

Features

The biggest feature impact for most companies will be their use of Vault.  Companies running G Suite Basic and Google Vault, or running G Suite Business (which includes Vault), will need to transition to Google Workspace Business Plus. Because both Google Workspace Enterprise subscriptions include Vault, any company with more than 300 users will have Vault due to the license count-based migration requirements.

Impact for companies using Vault (with 300 or fewer users):

  • Companies running G Suite Basic plus Vault, will see their per user license fees increase form $11 per month to $18 per month.
  • Companies running G Suite Business, will see their per user license fees increase form $12 per month to at least $18 per month.

Storage

Added storage is no longer an option with Google Workspace. Because you can mix and match licenses within the Business and Enterprise tiers, you may need to transition users to different subscriptions based on their storage needs.

The Google Workspace subscriptions offer the following per-user storage:

  • Business Starter = 30GB, no Shared Drives
  • Business Standard = 2 TB, aggregated across the domain, with Shared Drives
  • Business Plus = 5 TB, aggregated across the domain, with Shared Drives
  • Enterprise Standard = Unlimited storage, with Shared Drives
  • Enterprise Plus = Unlimited storage, with Shared Drives

Other Changes: Vault Former Employee Licenses

Vault Former Employee (VFE) licenses are free or discounted Vault licenses for users that no longer have active G Suite accounts.  With the transition to Google Workspace, VFE licenses are no longer available; VFE licenses will transition to Archive User Licenses (AUL).

Archive User Licenses are NOT FREE. The per user per month pricing for AULs is as follows:

  • AUL – Business = $4
  • AUL – Enterprise Standard = $5
  • AUL – Enterprise Plus = $7

Companies with VFE licenses should plan for alternate retention strategies or potentially significant licensing fees.

 

The Kaseya Attack Effect

Data Protection & SecurityThe Kaseya attack demonstrates how cyber crime is a big, organized business.  How big? You can subscribe to “Ransomware as a Service” and outsource attacks on your intended targets.  How organized? Hacker groups and service providers, such as the REvil Ransomware Group and DarkSide, actively manage their brands and reputations.  The REvil attack on Kaseya shows us that cyber criminals are technically advanced and operationally sophisticated. The nature of the attack, and its scope, should scare you.

By using known vulnerabilities in Kaseya’s VSA Remote Monitoring and Management system, REvil was able to create an automated ransomware distribution network. They used the very systems that Managed Service Providers (MSPs) use to monitor and manage customer servers, computers, and networks.

The Impact

MSPs update their Kaseya VSA servers automatically installed the Ransomware on their customers’ systems, as well as their own. Best estimates are that up to  1,500 small and medium-sized companies are victims. While this number seems small, those 1,500 business face an existential threat. Remember: more than half of businesses victimized by ransomware fail within six months.

Most MSPs shut down their Kaseya VSA services before spreading the ransomware. These firms had no ability to monitor, manage, or remotely support their customers. Customers facing IT issues were met with longer diagnostic and resolution times, resulting in business disruption, lost productivity , and the possibility of data loss.

As a managed cloud service provider, Cumulus Global does not use the Kaseya VSA system.  Our clients were not at risk, via our services, from this attack.

The Lessons

We were on the sidelines for the Kaseya attack. We understand, however, that the way in which may cloud services are managed create connections between vendors, resellers, partners, and customers. While these connections do not generally provide any access to customer data, they do provide access to management functions and information about users.  This information, in turn, could be used to improve the effectiveness of phishing attacks, spoof identities, and gain access to systems.

As a trusted IT advisor and a managed cloud service provider, we are part of a connected supply chain. We take our responsibility to secure our part of that chain seriously. While we follow commercially accepted best practices for security and privacy, the Kaseya attack warns us to step back and re-evaluate our strategy, policies, and procedures.

Our Next Steps

Cumulus Global is conducting an internal review of all of our internal and operational systems, including vendor portals and services we use to order, provision, manage, and support cloud services. As part of this review we are examining our policies and procedures related to:

  • Identity management and protection
  • Access to the systems
  • System level permissions related to function and data
  • Roles and responsibilities with respect to security and privacy
  • Business continuity plans and capabilities

Through this process, we are challenging our assumptions, re-assessing how we operate security and effectively, and raising our expectations for how well we protect ourselves and our customers.

We will also be making recommendations to our clients, and the broader community, on steps they can take to improve their security profile and protections.

Your Next Steps

As a user of cloud services, and technology in general, have responsibilities as well.

We Can Help

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Quick Guide to Your Google Workspace Transition

Google WorkspaceIn October 2020, Google announced the transition of its productivity platform from G Suite to Google Workspace.  More than a simple branding change, the transition includes significant changes to your subscription options, features/functions, and pricing.

Big Picture

  • Google Workspace has two subscription tiers: Business and Enterprise
    • The Google Workspace Business tier offers three subscription options: Business Starter, Business Standard, and Business Plus
      • You may mix and match subscription types within the Business tier based on user and group needs
      • You total user count (licenses) cannot exceed 300
    • The Google Workspace Enterprise tier offers two options: Enterprise Standard and Enterprise Plus
      • You may mix and match subscriptions within the Enterprise tier
      • You have no limited on the number of user licenses

Big Impacts

Vault

As part of the repackaging, Google Vault is no longer available as an add-on.  G Suite Business subscriptions and G Suite Basic subscriptions with Vault as an add-on, will need to move some or all of their users to Google Workspace Business Plus.  At standard pricing, this means a price increase from $11 or $12 per user per month up to $18 per user per month.  For businesses that need Vault for regulatory or industry compliance, this increase in unavoidable.

License Counts

From companies with more than the 300 users, Google is forcing a move to the Google Workspace Enterprise tier.  While Google offered a grace period allowing companies with more than 300 users to transition to Google Workspace Business subscriptions for up to 3 years, the offer has expired and is not expected to return.

The impact is a standard price increase from G Suite Basic and G Suite Business at $6 and $12 per user per month, respectively, to $20 per user per month for Workspace Enterprise Standard.  As noted, below, we can help with transition incentives and discounts to help mitigate the increase.

Storage

Workspace Business Standard and Workspace business Plus have 2TB and 5TB per user, respectively. This storage is pooled and available to all users, reducing the likelihood that specific users will need additional storage space.  While rare, some businesses running G Suite Business with unlimited storage are above those limits.  This will also become an issue over time for some businesses, particularly those that work with large files, such as CAD, images, and video.

Big Incentives

Working with Google, we are able offer incentive and discounts for transitioning from G Suite to Google Workspace.

  • Incentives and discounts are greater if you transition before your annual renewal date
  • Greater discounts exist if you are willing to commit to a 2 or 3 year term, instead of a 1 year term
  • Incentives change quarterly and, generally, become less generous over time, so reach out to us for details and your specific options
  • We will work with Google to address any unique requirements and circumstances

Incentives and smart subscription and license planning will save you money and mitigate any cost increase related to your transition.

Your Next Steps

  1. Check out our Quick Guide – Google Workspace Transition that covers migration paths and the impact on features and costs.
  2. Contact us to discuss and map out your transition from G Suite to Google Workspace, or use schedule a brief call with one of our Cloud Advisors directly.


Webcasts

Cloud Cover – Manage IT All

3T@3 Webcast Series: Tuesday, Sept 20 at 3:00 PM ET

You can Manage IT All.  With all the benefits of cloud computing, our IT services seem more complex.  In reality, the complexity has shifted from locked computer rooms to the collection of apps we use on a daily basis.  For many small businesses, traditional IT support services do not meet current technology and business needs.

The right IT management and services add value and save money.

In our September 3T@3 Webcast, Cumulus Global CEO Allen Falcon discusses how you can Manage IT All by exploring IT management strategies for small and midsize businesses. Allen will focus on improving the value-add to your business by rethinking and adjusting your IT service model.  Managed cloud services can better match current and evolving business needs and priorities.


Want to dive deeper? Click here to schedule a “no obligation” meeting with one of our Cloud Advisors.

Hybrid Workplace

Cloud Cover – Hybrid Work

3T@3 Webcast Series: Tuesday, August 18 at 3:00 PM ET

Economic, market, business, and social changes are driving shifts in the way we work and the way we run our businesses. We, as a society, have learned that in most instances we can work productively and collaborate regardless of our physical location. Reclaimed commuting time, work-life balance, and refreshed personal priorities change employee perspectives on their work environment. Successful businesses will adapt to changing expectations.

You can, affordably, adapt your IT to hybrid work while improving security and resilience.

In our August 3T@3 Webcast, Cumulus Global CEO Allen Falcon discusses IT strategies and solutions to help you adjust your IT services to better support hybrid work. Specifically, Allen will dive into virtual desktop services as a way to provide seamless services for on-premise and remote workers.

View On Demand:

Hybrid Workplace

Streamlining Security

3T@3 Webcast Series: Tuesday, May 17 at 3:00 PM ET

The on-going coverage and hype about the threats of risks of cyber attacks continues. While small businesses are more vulnerable and more frequent targets, the constant fear-mongering does not help. We become immune to the message. 

Streamlining Security: Sound business practices, not fear, should be your motivation to protect against cyber attacks.

In our May 3T@3 Webcast, Cumulus Global CEO Allen Falcon will identify the most common and most costly cyberattacks facing small businesses. He will then outline concrete, affordable actions and solutions to protect against these types of threats.

View the Recording On-Demand:


Spring Cleaning Your Files

3T@3 Webcast Series: Tuesday, April 19 at 3:00 PM ET

Have you counted the number of places where you store your files? How often do you need to search more than one service or location to find what you need? You are not alone! In an era of virtually unlimited and nearly free storage, we fail to keep things organized. The clutter makes it more difficult to find what we need, collaborate with colleagues, and save what we must.

Using the file services you already have will increase productivity, protect your information, and save you money.

In our April 3T@3 Webcast, Cumulus Global CEO Allen Falcon looks at how small and midsize organizations can most effectively use cloud file services to improve productivity, enhance security and privacy, and lower costs. With an understanding of personal file services – OneDrive and My Drive – and domain file services – Shared Drives and Sharepoint, businesses can build a file service that organizes and protects files in ways that make them easier to find, share, and use. With an eye on best practices, Allen will compare types of file services, define the role and use of desktop file service clients, and discuss ways to eliminate costly, redundant services. He will also share some Quick Tips that your staff can use to make it easier to work as a team.

View the Recording On-Demand:



Beyond Backup

3T@3 Webcast Series: Tuesday, March 15 at 3:00 PM ET

We all know that we need to backup our data and our systems. The vast majority of us have backup solutions in place. Most of us will be able to restore our data or recover from a disaster. Only a few of us will be able to do so with minimum disruption to our businesses and our lives.

Being able to restore data is not an option. The real measure of success is how quickly you can get back to work.

In our March 3T@3 Webcast, Cumulus Global CEO Allen Falcon looks at evolving business needs for data protection and business continuity. He will discuss the difference between “mean time to recovery” (MTTR) and “Return to Normal Operations” (RTO) and how these measures impact your business. He will also map out how restore, recovery, and continuity solutions offer different value propositions for you and your business and how to look at total cost and impact when selecting your solution.  

View the Recording On-Demand:



Business Continuity & Protection

Peak Productivity

3T@3 Webcast Series: Tuesday, February 22nd at 3:00 PM ET

We all have our jobs to do. We want to do well. We want to succeed. We want and need peak productivity. 

While “hacks” are trendy, productivity is boosted when we understand how to best use the tools we have.

In our February 3T@3 Webcast, Cumulus Global CEO Allen Falcon takes a look at features and tools that can save you steps, simplify your day, and boost your productivity. Whether you run Microsoft 365 or Google Workspace, learn how to get more done, more efficiently.

View the Recording On-Demand:



Managed Cloud Services

Keep IT Simple

3T@3 Webcast Series: Tuesday, January 25th at 3:00 PM ET

For small and midsize businesses, particularly solopreneurs and very small businesses, information technology is a double edged sword. Solid IT services are critical to your success, but they consume your time and budget.

Using managed services ensures you have effective and affordable services and frees up time and money to focus on your core business activities.

In our January 3T@3 Webcast, our CEO, Allen Falcon, provides an IT roadmap for solopreneurs and very small businesses (those with fewer than 5 to 10 people). The roadmap is designed to ensure you have the communication, collaboration, and security features and functions you need, along with the services and support to prevent IT headaches and disruptions to your business. Allen will also walk through a value analysis, looking at the hard, soft, and opportunity cost and savings of well-managed IT services.

Please join us, and bring your questions, for this informative session.

View the Recording On-Demand:



Managed Cloud Services

2022 is Here; What’s Next?

3T@3 Webcast Series: Tuesday, December 14th at 3:00 PM ET

It was not all that long ago that we thought the COVID-19 pandemic would be winding down and we would be returning to normal.  And while the shape and direction of COVID-19 pandemic is different now, the impacts are still very real and significant.

COVID-19 triggered fundamental changes in the economy, markets, and society that alter the way we need to operate our businesses and work as individuals.

In our December 3T@3 Webcast, our CEO, Allen Falcon, will cover the societal, economic, and market forces at play and how small and midsize businesses can adapt. From the “great resignation” and a broad labor shortage, to supply chain disruption and the shift to remote/hybrid work and office, Allen will explore ways small and midsize businesses can better leverage technologies and resources to respond to these challenges. And, to help your business survive and thrive.

View the Recording On-Demand:



Managed Cloud Services

Four Cornerstones for Cloud Security

3T@3 Webcast Series: Tuesday, November 16th at 3:00 PM ET

As Cyber Security month has come and gone and we still face increasing security challenges when protecting our businesses, customers, and employees. The rate of attacks against small and midsize enterprises continues to increase, as does the sophistication of these attacks. Beyond regulatory compliance and insurance risk, these attacks disrupt operations and put your operations, cash flow, and reputation at-risk. The good news: you can create a sound security foundation without breaking the bank.

Four security cornerstones create a solid foundation for your cloud security

In this month’s 3T@3 Webcast, our CEO, Allen Falcon, defines and details the four cornerstones for cloud security. He will delve deeper and walk through a road map for using the four cornerstones across your IT services and your organization.  With this road map, you will be able to:

  • Assess your security footprint
  • Identify security gaps
  • Prioritize changes and security services

Please join us, and bring your questions, for this informative session.

View the Recording On-Demand:



Managed Cloud Services

Cloud File Services

3T@3 Webcast Series: Tuesday, October 19th at 3:00 PM ET

As we continue to adapt to post-COVID realities, our businesses face new market pressures as well as new needs and expectations for how our teams will work and collaborate. Remote work is here to stay; Cyber security remains a challenge; Business continuity plans are necessary; Budgets must be respected.

Moving To A Cloud File Service Is A Strategic Approach For Access, Security, And Resilience

In this month’s 3T@3 Webcast, our CEO, Allen Falcon, dives into the what, why, and how of managed cloud file services. Allen will discuss:

  • When cloud file services are a viable replacement of on-premise file services
  • Providing native access to desktops, laptops, and mobile devices
  • Security and privacy
  • Backup/recovery
  • Data loss prevention

Allen will also discuss migration strategies and ensuring consistent services for in-office and remote users.

View the Recording On-Demand:



Managed Cloud Services

library

A Cyber Insurance Primer

Cyber Insurance Primer

With the increase in cyber attacks on small and midsize businesses, we recognize the need for cyber insurance to protect against potentially catastrophic financial loss. Completing applications and underwriting process seems like a pro forma process. All too often, however, businesses learn that the process is significantly more complicated.

Most cyber insurers do not help with the services you need in the event of a data breach. Even more challenging, insurers are denying claims if businesses cannot demonstrate compliance with their underwriting documents.

Cyber Insurance is a tool, not a solution.

This slide desk from our June 2022 3T@3 Webcast, discusses cyber insurance trends and expectations, and as a key component of your response to a cyber attack.

Please confirm the information, below, to view and download the slide deck:

Email Security: Good, Better, Best

eBook - Email Security - Good, Better, Best.eBook | Source: Cumulus Global

While much as changed over the past decade and a half, we still face email-based threats.

Why? Email Attacks are Easy.

Cyber attackers are able to say one step ahead of our defenses, in large part to the rise in social engineering. With phishing attacks and compromised identities, email impersonation and domain impersonation attacks can bypass traditional account security measures, including passwords and multi-factor authentication.

This eBook

  1. Provides an overview of the challenges
  2. Identifies three levels of email security protection: SPF, DKIM, and DMARC
  3. Discusses the value proposition for robust email security and protection

Please confirm your information, below, to view and download the eBook:

IT Services for Solopreneurs and VSBs

eBook - IT Services for Solopreneurs and VSBseBook | Source: Cumulus Global

IT Services pose unique challenges for Solo entrepreneurs, aka “solopreneurs”, and very small businesses (VSBs). As many IT services focus on larger organizations, these entrepreneurs and businesses share unique challenges.

Maintaining a professional IT work environment; separating business and personal apps and data; security and privacy; limited access to IT expertise; keeping IT simple; and limited budgets are challenges that require an IT strategy and sound decision making.

More than having IT services that are “good enough”, solopreneurs and VSBs need technology to save them time, effort, and money.

This eBook proposes goals and objectives that solopreneurs and VSBs should consider when planning and selecting their IT services. Based on these objectives, the eBook defines benefit-centric approach to creating a baseline set of services to have in place, and how leveraging managed services provides the administration, service, and support that creates value.

Please confirm the information, below, to view and download the eBook:


The Transition to Google Workspace

In October of 2020, Google announced the rebranding and restructuring of G Suite into Google Workspace.  In doing so, Google created two subscription tiers — Business and Enterprise. Within each tier, Google announced new subscription options with features aligned to better match what organizations of different sizes need and want in the productivity suite. With the transition to Google Workspace, most businesses gain communication and collaboration features they need and want.

For many businesses, maintaining current capabilities comes with a significant increase in subscription fees.

To help you plan your transition to Google Workspace, this slide deck with notes from our Coffee & Clouds Series webcast covers

  • Subscription changes
  • Transition options
  • Pro/Con considerations for each transition path

Please confirm the information, below, to view and download the slide deck:


State of Security for Small and Midsize Businesses

State of Security for SMBseBook | Source: Microsoft

If you work at a small or medium-sized business (SMB), you probably juggle multiple roles, including cyber security.

Gone are the days when cybercrime was exclusively a big business problem. In the modern workplace, all businesses are at risk regardless of their size or industry. Businesses recognize that a cyber security  program is an essential part of running a company.

This eBook identifies key findings from studies and surveys for small and midsize businesses and makes recommendations to ensure your business is protected, and can recover, from cyber attacks.

Please confirm the information, below, to view and download the ebook



Protect Your Business – Top 3 Security Threats

Protect Your BusinesseBook | Source: Microsoft

Security threats take many forms. Most owners of small and medium-sized businesses (SMBs) are aware of the need to defend against the top three — viruses, ransomware, and phishing attacks — but their organizations are generally not as prepared to deal with the risks related to employees leaking data or sharing sensitive information, whether maliciously or accidentally.

You face many of the same threats as larger organizations, but also the unique challenges around budgeting and setting priorities as the leader of a small or medium-sized business.

This eBook explores how you can safeguard your business against the top three security threats, plus the one threat your business is probably overlooking.

Please confirm the information, below, to view and download the ebook



Crash Course in Office 365

Office 365 Crash CourseeBook | Source: Microsoft

How Microsoft 365 and Office 365 can help you grow your business.

You already know the productivity power of Office applications like Word, PowerPoint, and Excel. Full adoption empowers you to access your content from any device, coauthor with anyone in real time (regardless of whether or not they’ve purchased a copy of Office), and use the power of artificial intelligence (AI) to create more impactful content with less effort.

This eBook is a six step crash course in empowering your team by leveraging the capabilities and features of Office 365 and Microsoft 365.

Please confirm the information, below, to view and download the ebook



Global Year in Breach – 2021

eBook | Source: ID Agent

Fundamental changes in the way we lived and worked made 2020 a wild year for cybersecurity professionals. The resilience of every company was tested in the midst of a pandemic-induced, volatile economy as threats snowballed in the wake of a rapid shift to remote workforce support.

Adding to, and perhaps fueled by, those challenges, a cybercrime boom that included record-breaking phishing and ransomware threats ratcheted up the stress. Sectors unaccustomed to being targeted by cybercriminals suddenly found themselves under siege while unprepared companies quickly learned the cost of failing to take cybersecurity seriously.

The Global Year in Breach 2021 report, gathers and analyzes data from industry-leading cybersecurity
solutions, combined with illuminating industry statistics to give you a clear picture of how the data breach landscape evolved in 2020.

Through this lens, this report provides insights into how global events can rapidly transform the cybersecurity landscape. The report forecasts continuing and emerging cybersecurity trends for 2021 and provides helpful advice about smart risk mitigations that fit every business and every budget.

Please confirm the information, below, to view and download the ebook



Google Workspace Security

Google Workspace SecurityeBook | Source: Google

We fully understand the security implications of powering your business in the cloud.

Because Google and our enterprise services run on the same infrastructure, your organization will benefit from the protections we have built and use every day.

      • Secure by design
      • Product security innovation
      • Compliance, eDiscovery, and analytics
      • Transparency

Our robust global infrastructure, along with over 700 security professionals and our drive to innovate, enables Google to  stay ahead of the curve and offer a highly secure, reliable, and compliant environment.

Please confirm the information, below, to view and download the ebook



Make it Work: The Future of Collaboration and Productivity

Make it WorkeBook | Source: Google

Many of the technologies , trends , and cultural norms that will shape tomorrow’s workplaces are already transforming forward thinking organizations around the world. In other words , the future of work is here it’s just not evenly distributed.

This report identifies three important and impactful changes businesses  can make to catch up with competitors that are already working in the  future:

  • Give people the tools to save time and work faster
  • Empower people to access knowledge and share ideas
  • Let people work how they want: flexibly and collaboratively

Armed with these three strategies , businesses can improve productivity and encourage innovation while better  meeting the needs of their customers and their employees now and in the decade (or more) ahead.

Please confirm the information, below, to view and download the ebook