Posts

Picking the Right Google Workspace Subscription for Your Business

/in

Google Premier PartnerTo meet widely varying customer needs, Google offers five core subscription options spread over two tiers. For larger organizations with frontline and deskless information workers, Google offers additional, specialized license options. If you are looking at a Google Workspace subscription for the first time, considering an upgrade, or looking for Gemini AI features, you’ll want to choose the subscription and licensing that meets your needs without overpaying.

Subscription Tiers

Business Tier

Businesses with fewer than 300 employees typically select one of the Business Tier subscriptions– Workspace Starter, Standard, and Plus. These subscriptions limit the number of users and focus on the features and security most appropriate for smaller organizations.

Enterprise Tier

Larger businesses, as well as those requiring more advanced capabilities and security, often opt for the Enterprise Tier subscriptions– Standard and Plus. The Enterprise Tier also includes specialized license versions for frontline workers and knowledge workers with other email services.

Selection Criteria

When selecting a subscription, most businesses focus on a few key capabilities, such as:

  • Storage capacity and shared drives
  • Vault archiving/e-discovery
  • Google Meet features
  • Select security capabilities

With AI now integrated into all Google Workspace subscriptions, you should take time to understand the Gemini features included in each plan. A deeper review of security features can also help guide your selection.

Here is a deeper look at key selection criteria.

Storage

Since September 2024, all Google Workspace subscriptions use pooled storage.

Vault, the compliant archive/e-discovery service, covers Gmail, Drive, Groups, Chat, and Calendar, is available for all Enterprise Tier subscriptions and Business Plus.

The amount of storage, allocated per user and pooled, is as follows:

Business Tier

  • Starter = 30 GB
  • Standard = 2 TB
  • Plus = 5 TB

Enterprise Tier

  • Essentials = 1 TB
  • Standard = 5 TB
  • Plus = 5 TB

Meet

Google Meet is a robust meeting and collaboration system that generally negates the need for third party solutions.

Google Meet with Business Standard and Plus

Meet Features in Business Standard and Plus Subscriptions

All Google Workspace licenses include a core set of features:

  • External participants
  • Secure meetings
  • Screen sharing
  • Mobile app
  • Dial-in (US & international)
  • Digital whiteboard
  • Hand raising
  • Reaction

At the Business Tier, Meet features scale up  as noted in the table.

The Enterprise Tier includes live streaming and additional security features with all licensees.

Participant limits increment as follows:

  • Essentials: 250
  • Standard: 500
  • Plus: 1000

Gemini AI in Google Workspace

The following matrix summarizes the Gemini AI features in each of the core Google Workspace subscriptions.

Google Workspace Gemini AI Features

Security

Google Workspace provides a comprehensive set of security features and tools. With too many settings and options to list here, we published a Google Workspace Security Feature Matrix as an eBook. 

Review security features against your regulatory, industry, and business requirements.

Selection Process

When evaluating Google Workspace subscriptions, it’s essential to assess the details. Part of your selection process should include determining whether selecting a higher subscription tier or upgrading is more cost-effective than integrating third-party tools to provide the functionality you need.

For example, while Google Workspace’s Standard Data Protection includes email sandboxing, the feature does not offer the same capabilities– such as QR code analysis– as many third-party email threat protection services. 

In many cases, upgrading your Google Workspace subscription provides the needed capabilities at a lower cost than using a third-party tool. This is often true for Google Meet compared to third-party web meeting tools like Zoom.

For other capabilities, however, a third-party integrated solution may still be required.

Your Next Steps

For help assessing your needs and options, please contact us or schedule a brief intro call with a Cloud Advisor.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

PC Continuity Means Business Continuity

/in

PC ContinuityIn today’s fast-paced business world, the ability to maintain continuous PC operations is crucial for your business. With limited resources and manpower, you cannot afford to lose data or prolonged downtime. A crashed laptop can take 4 or more days to repair (or replace) and rebuild. The impact on your ability to serve your clients, manage marketing and sales, and invoice will be operationally and financially disruptive.

Backup Covers the Basics

Backup solutions are foundational to business continuity, particularly for small enterprises. A reliable backup service ensures your critical data is secure and recoverable. Having backups off-premise, or in the cloud, extends your protection to physical hazards that can damage local backup systems.

Backups, while essential, come with challenges.  Before you restore, you need to repair or replace damaged equipment. This takes time. Restoring from the cloud is limited by bandwidth. This takes time.  Repair and restore gets you your data back, but slowly. Meanwhile, you will struggle to run your business.

Unique IT Challenges

As a sole practitioner or other very small business, you face unique IT challenges. With limited devices, a single computer failure can bring your business activities to an abrupt and extended halt.

Unlike larger businesses, you likely don’t have the budget to keep spare equipment on hand or to quickly purchase replacements.

As a small business leader, you want, and need, to strike a balance between risk, protection, and budget.


Connect with a Cloud Advisor

A Solution Set for Smaller Businesses

Fortunately, you have service options that help minimize your risk for business disruptions due to PC problems. 

PC Continuity

You can overcome the challenges and limitations of backup/recovery solutions without breaking the bank. PC Continuity solutions enable you to keep your business running while your PC is repaired or replaced and restored.

PC Continuity captures full images of your device multiple times per day. When needed, the image loads and runs on a virtual desktop in a cloud data center. You can access your system’s image from any device with a web browser or a thin client agent.

With PC Continuity, you can return to work quickly. For a small incremental fee above your backup/recovery service, your business keeps running.

Monitoring and Management

Ensuring your computers are current with respect to patches and updates helps ensure optimal performance and security.  Monitoring for system performance can also flag hardware issues before they cause damage or fail.

Remote monitoring and management services track the health of your computer and can alert your IT service team to issues and conditions before they become problems. The service allows for managing system and software updates and can provide remote access to your IT support team when needed.

Lifecycle Management

Larger companies use lifecycle management to manage their computer purchasing and upgrade cycles. For small businesses, lifecycle management focuses on extending the lifespan of your devices and understanding when it is best to upgrade or replace aging systems.

Besides tracking age and warranty status, these services can include extended warranty and accidental damage coverage plans.  These coverages provide repair or like-device replacement.  Having extended warranty and accidental damage coverage reduces the risk of maintaining older systems. In the event of an expected failure or accident, you can avoid early replacement costs.

Some lifecycle management services include certified electronics disposal, helping you avoid e-waste compliance issues and disposal fees.

Your Next Steps

Understanding the risks and impact of PC/Laptop problems, you should decide the value of the various levels of protections.  While protection and continuity services come at a cost, a single incident with your PC or Laptop can cost you in days of lost productivity, damaged or lost data, and thousands of dollars.

To assess your risks, protections, and business continuity needs, please contact us or schedule a brief intro call with a Cloud Advisor.  The assessment is free and without obligation.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

What is Pen Testing and Why You Should Care

/in

Penetration TestingCyber threats are evolving at an alarming rate, posing significant risks to your business. Penetration testing, commonly referred to as “pen testing,” is becoming a vital, proactive tool for assessing your risks.

Pen testing simulates a cyber attack on a computer system aimed at identifying vulnerabilities and testing the security of IT systems. Pen testing goes beyond electronic systems; it encompasses the entire IT ecosystem, including human elements and physical security. 

As cyber threats diversify, pen testing has become an important cybersecurity practice and an emerging requirement for cyber insurance.

Types of Pen Testing

Pen testing falls into various categories, each targeting different aspects of your business’s IT infrastructure:

  • External Testing:
    Evaluates vulnerabilities in the systems that are visible from the outside, such as web applications, servers, and network devices. It simulates attacks attempting to breach your network from the Internet.
  • Internal Testing:
    Examines what could happen if an attacker gains access to the internal network. It highlights potential damage and data exposure risks from within your organization.
  • Targeted Testing:
    A collaborative effort between your IT team and the testers, providing real-time insights into the attacker’s perspective and your response.
  • Blind Testing:
    Testers receive limited information about the target, mirroring the knowledge an actual attacker might have. This helps assess your organization’s security posture from an outsider’s perspective.
  • Double-Blind Testing:
    An advanced form of blind testing where neither the testers nor the IT staff are aware of the test. It evaluates the effectiveness of the security monitoring and incident response processes.

Benefits of Pen Testing for Businesses

Investing in pen testing offers businesses several compelling advantages:

  • Identifying Vulnerabilities:
    Pen tests expose weaknesses in systems, applications, and networks, allowing you to address them before they are exploited.
  • Prioritizing Risks:
    Not all vulnerabilities carry the same weight. Pen tests help you prioritize risks based on their potential impact and likelihood, guiding you on where to focus your efforts and resources.
  • Enhancing Security Measures:
    Insights from pen tests can guide the implementation of stronger security controls, such as multi-factor authentication, data encryption, and improved access management.
  • Boosting Cyber Insurance Prospects:
    Many insurers require regular pen testing as part of their coverage criteria. Demonstrating proactive security measures can lead to better terms and premiums.
  • Regulatory Compliance:
    For industries with stringent regulatory requirements, pen testing can help you assess compliance with standards like HIPAA, PCI-DSS, and GDPR. It can also help you benchmark against cybersecurity frameworks, such as CIS, NIST, and CMMC.

Getting Started

The best way to get started with pen testing is to perform a basic, preliminary scan of your environment. Referred to as a “Level 1” test, this snapshot provides a baseline assessment. From this assessment, you can determine what, if any, mitigation efforts are needed to improve your security, meet compliance requirements, and/or secure cyber insurance.

Your Next Step

Cumulus Global offers a free Level 1 Pen Test to qualifying organizations. Click Here to Request your test and to access related resources.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

Change Management in Cyber Security

/in

Security, Privacy, & ComplianceCyber Security Will Change Companies

IT change management is a structured process for evaluating proposed IT system or service changes. This procedure is carried out prior to implementing the requested change on an organization’s network, reducing or eliminating network outages.

At a recent security and risk management summit, Gartner shared their views of how cyber security will change companies.  While Gartner’s predictions focus on larger enterprise, several of their observations will likely hold true for small and midsize businesses (SMBs) when it comes to change management in cyber security processes.

Here are some observations and our view of how they will impact small and midsize businesses.

Impacts of Cyber Security Change Management

Through 2023, government regulations requiring organizations to provide consumer privacy rights will cover 5 billion citizens and more than 70% of global GDP.

Privacy regulations will continue to expand as more nations pass legislation establishing privacy requirements.  Within the US, we expect more states to follow California, New York, and Massachusetts with varying levels of regulations. Along with the regulations come the potential for fines and increase civil litigation, making it vital to pursue cyber security change management. In many of the statues, the protection is afforded the customer based on the customer’s location, not the location of the business.

For SMBs, establishing and maintaining a sound change management cyber security footprint is essential. Beyond the cloud infrastructure technology tools, businesses need to educate employees and have the policies and procedures in place. These policies and procedures should define expectations for employees and for how the business will respond to an incident.

By 2025, 80% of enterprises will adopt a strategy to unify web, cloud services and private application access from a single vendor’s SSE (Security service edge) platform.

Protecting access to systems is more challenging as the proliferation of usernames and passwords continue.  As the human element can be the greatest security challenge, Identity and Access Management (IAM) solutions will become the norm.

For SMBs, Single Sign-On (SSO), centralized identity/password vaults, and other tools are available and are, generally affordable.  Many SMBs current hesitate given the incremental cost per user per month. As the cost and risk of missing becomes greater, we expect SMBs will see value of Identity and Access Management solutions. These solutions will become the norm within a cyber security strategy, not an add-on.

By 2025, 60% of organizations will use cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements.

With increased concern and scrutiny from customers, consumers, and regulators, businesses are under increasing pressure to monitor and protect against third-party cyber security risks.  This trend will impact SMBs in two ways.

  1. Given the prevalent use of business email addresses as identities for third party applications and services, SMBs will monitor for reported breaches. Third party breaches give cyber criminals an attack vector.
  2. Larger enterprises will see businesses in their supply chains as potential security risks. They will increasing include cyber security requirement in vendor authorization process and in contracts.

SMBs need to be ready to meet the security and risk management demands — people, process, and technology — of their customers.

By 2025, 70% of CEOs will mandate a culture of organizational resilience to survive coinciding threats from cybercrime, severe weather events, civil unrest and political instabilities.

As businesses adapted to the COVID-19 pandemic, the inability of most businesses to respond to large scale disruptions exposed flaws in traditional business continuity planning. The pandemic put a spotlight on the need for business resiliency and continuity plans for businesses that had not yet considered continuity to be a priority.  The level of planning to address the threats from cybercrime will need to be the same as the planning for other disasters and business disruptions.

For SMBs, leveraging cloud solutions will remain the most cost-effective business continuity option.  Moving systems and applications into cloud services increases security, adds redundancy, provides geographic diversity, and provides better remote access than on-premise systems.  SMBs are at greatest risk from local or regional issues. Managed cloud services … even if only a “lift and shift” of existing servers and applications … will be accepted as a cost-effective way to improve cyber security processes, security and resiliency.

Final Thoughts on Change Management in Cyber Security

We expect small and midsize businesses will need to expand and change their cyber security footprint and processes. They will need to improve resiliency.  Appropriate solutions such as cyber insurance and breach response are available and are affordable.  Businesses can meet their security, resiliency, continuity, and operational needs effectively and affordably. The inherit advantages of cloud services and solutions make this possible.

To evaluate your requirements and readiness for better security and resilience against cyber attacks and other business disruptions, contact us for a consultation, or book some time with a Cloud Advisor.  The consultation is free and without obligation.