Posts

Microsoft or Google Calling? Call Your Trusted Advisors

/in

Ringing PhoneYou work with an IT service provider that learns your business, priorities, and IT needs. They work to address your needs and priorities within your budget and in alignment with your business goals and objectives. When economic conditions shift, the vendors with whom your IT service provider partners – Google, Microsoft, and others – get nervous and begin calling you directly, bypassing your trusted advisors.

Since February, we have seen and received reports that our customers, and those of other Microsoft partners, are receiving unsolicited calls, emails, and calendar invites from “Microsoft” about their accounts, licensing, and renewals. These unsolicited contacts are NOT Microsoft “solutions consultants” or “international suppliers” as they might claim. They are Microsoft telemarketing contractors tasked with convincing you to upgrade and expand your Microsoft licensing.

Why is This a Problem?

The contractors doing the outreach do not know your business, nor do they know the extent of your relationship with us, or your Microsoft partner.

  • Their suggestions are often incorrect.
    • They are not aware of how you are using your Microsoft 365 services and the needs of your business.
    • They are not aware of other services you are using, such as backup/recovery and third party security services.
    • Many of their recommendations will duplicate services and costs.
  • The communications and tactics are often aggressive.
    • They may state that they have reviewed or audited your account and you need to upgrade. They may also claim that you need to do an audit, giving you the impression that you are out of compliance.
    • They may attempt to refer you to specific vendors for assessments and services. These often duplicate services you already have or that can be provided more cost-effectively by us or your current Microsoft partner.
  • Customers and Microsoft partners report that the calls and meetings are often just high-pressure sales pitches to buy more seats – a waste of time.

What To Do

If you receive a call or email that you suspect is from a Microsoft “Solutions Consultant” or “International Suppliers”, verify that this is the case. Ask if they are a Microsoft employee or contractor and where they are based. Note that their email address will start with a “v-”, indicating they are a vendor – even though the domain remains “microsoft.com”.

If you do not want to engage, let them know as much and instruct them to contact Cumulus Global, or your partner. We, or your partner, will be happy to screen the call and advise you if the offer is worth considering.

Do you want to engage? Insist that Cumulus Global, or your Microsoft partner, is invited and participates in the meeting. We can provide context to the “consultant” and guidance to you.

Microsoft is not the only vendor that may bypass your IT service provider and contact you directly. It is always best to loop-in your IT service provider.

Your Next Step

At Cumulus Global, our priority is ensuring that you have productive, secure, and affordably managed cloud services. We work to ensure that you do not overspend on services and to focus your IT dollars on the capabilities and services you need.

If your needs or priorities change, let us know or schedule a meeting with a Cloud Advisor. We will help you adapt while keeping your IT services secure and cost-effective.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

Debunking Cyber Insurance Myths

/in

Cyber Insurance Risk Assessment

Your business faces an ever-increasing array of cyber threats. Beyond protections, cyber insurance is an essential component of a robust risk management strategy. Therefore, understanding cyber insurance realities is necessary for you to make sound security and business decisions. In this post, we focus on debunking common cyber insurance myths.

1MYTH: Cyber Insurance Policies Offer the Same Level of Protection

In reality, policies vary significantly with respect to coverages and services. Opting for bundled policies generally results in coverage gaps, as most general liability policies treat cyber coverage as an add-on.These gaps leave your businesses vulnerable to liabilities and losses.

Standalone cyber insurance policies, provided by financially strong carriers, offer comprehensive protection tailored to the specific needs of your business. They address unique risks associated with cyber threats given your industry, business size, and other risk factors. Standalone policies also often include coverage of forensics, temporary resources, and other recovery needs. Dedicated coverage helps you respond more effectively to a cyber incident.

2MYTH: Your IT Security Measures Dictate Your Premiums.

While robust security practices can positively impact premiums, broader industry trends and company-specific factors play a more significant role in determining pricing.

Industry-wide loss ratios have a substantial impact on insurance costs. Peer group averages impact premiums as well. Insurers assess the risk profile of businesses within sectors. As insurers issue more policies and analyze claims, insurers refine actuarial, incorporating additional factors and risks.

3MYTH: Cyber Insurance Policies do Not Pay Out

Many businesses hesitate to buy standalone cyber insurance policies out of fear that their policy will not pay out in the event of a claim. Reputable cyber insurers with strong financials rarely deny claims with a valid cause..

Inaccurate, or fraudulent, applications are the most frequent reasons for claim denials or reductions. 

Your application must accurately reflect your cyber insurance risk profile. The information you provide on your cyber insurance application should reflect a thorough review process. Cybersecurity tools offer verification of your security profile.

4MYTH: Cyber Insurance is All You Need

Many businesses, including yours, may need additional layers of protection for specific cyber risks. These additional coverages may not be available within a traditional cyberinsurance policy.

Cyber warranties offer additional layers of protection by covering these specific elements of cyber risk. Combining cyber warranties with cyber insurance creates a more comprehensive safety net. This approach bolsters your overall security strategy and ensures appropriate coverage.

5MYTH: Robust Cybersecurity Measures Eliminate the Need for Cyber Insurance

Investing in strong cybersecurity defenses provides crucial protection for your business. No security profile or system, however, will stop every cyber attack, data breach, or data loss incident. Cyber threats continually evolve. Even the most secure systems fall victim to sophisticated attacks.

Cyber insurance serves as your financial safety net. Beyond covering direct financial losses, better policies help you recover from incidents that slip through the cracks of your security measures. These resources include forensics, data recovery, customer relations, legal expenses, and more. Cyber insurance protects you financially if and when a cyber attack gets past your defenses.

6MYTH: Obtaining Cyber Insurance is Complicated and Time-Consuming

The thought of obtaining cyber insurance deters many businesses from seeking the coverage they need. Horror stories of complex applications, surveys, and audits create anxiety and fear of the process. 

Unfortunately, this myth can come true. Businesses that apply through general insurance agents and fail to leverage knowledgeable IT resources often run into issues during the underwriting process.

Cumulus Global partners with cyber insurance specialists that offer streamlined application processes and non-committal quotes. Our partners work with more than two dozen carriers, ensuring you have options to choose the policies that meet your business needs and budget. Non-biased policy reviews help you understand your coverages and make informed decisions.

Related Information

Cyber Security Requirements for Cyber Insurance (eBook)

5 Questions for Lower SMB Cyber Insurance Premiums (Coffee & Clouds)

Security CPR (Cloud Burst)

Security CPR Managed Security Services (Service Overview)

Your Next Step 

Avoid falling prey to cyber insurance myths. Contact us and let us introduce you to our cyber insurance partners.

We can provide you with a Cyber Insurance Risk Assessment and help you assess your cybersecurity profile.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

Picking the Right Google Workspace Subscription for Your Business

/in

Google Premier PartnerTo meet widely varying customer needs, Google offers five core subscription options spread over two tiers. For larger organizations with frontline and deskless information workers, Google offers additional, specialized license options. If you are looking at a Google Workspace subscription for the first time, considering an upgrade, or looking for Gemini AI features, you’ll want to choose the subscription and licensing that meets your needs without overpaying.

Subscription Tiers

Business Tier

Businesses with fewer than 300 employees typically select one of the Business Tier subscriptions– Workspace Starter, Standard, and Plus. These subscriptions limit the number of users and focus on the features and security most appropriate for smaller organizations.

Enterprise Tier

Larger businesses, as well as those requiring more advanced capabilities and security, often opt for the Enterprise Tier subscriptions– Standard and Plus. The Enterprise Tier also includes specialized license versions for frontline workers and knowledge workers with other email services.

Selection Criteria

When selecting a subscription, most businesses focus on a few key capabilities, such as:

  • Storage capacity and shared drives
  • Vault archiving/e-discovery
  • Google Meet features
  • Select security capabilities

With AI now integrated into all Google Workspace subscriptions, you should take time to understand the Gemini features included in each plan. A deeper review of security features can also help guide your selection.

Here is a deeper look at key selection criteria.

Storage

Since September 2024, all Google Workspace subscriptions use pooled storage.

Vault, the compliant archive/e-discovery service, covers Gmail, Drive, Groups, Chat, and Calendar, is available for all Enterprise Tier subscriptions and Business Plus.

The amount of storage, allocated per user and pooled, is as follows:

Business Tier

  • Starter = 30 GB
  • Standard = 2 TB
  • Plus = 5 TB

Enterprise Tier

  • Essentials = 1 TB
  • Standard = 5 TB
  • Plus = 5 TB

Meet

Google Meet is a robust meeting and collaboration system that generally negates the need for third party solutions.

Google Meet with Business Standard and Plus

Meet Features in Business Standard and Plus Subscriptions

All Google Workspace licenses include a core set of features:

  • External participants
  • Secure meetings
  • Screen sharing
  • Mobile app
  • Dial-in (US & international)
  • Digital whiteboard
  • Hand raising
  • Reaction

At the Business Tier, Meet features scale up  as noted in the table.

The Enterprise Tier includes live streaming and additional security features with all licensees.

Participant limits increment as follows:

  • Essentials: 250
  • Standard: 500
  • Plus: 1000

Gemini AI in Google Workspace

The following matrix summarizes the Gemini AI features in each of the core Google Workspace subscriptions.

Google Workspace Gemini AI Features

Security

Google Workspace provides a comprehensive set of security features and tools. With too many settings and options to list here, we published a Google Workspace Security Feature Matrix as an eBook. 

Review security features against your regulatory, industry, and business requirements.

Selection Process

When evaluating Google Workspace subscriptions, it’s essential to assess the details. Part of your selection process should include determining whether selecting a higher subscription tier or upgrading is more cost-effective than integrating third-party tools to provide the functionality you need.

For example, while Google Workspace’s Standard Data Protection includes email sandboxing, the feature does not offer the same capabilities– such as QR code analysis– as many third-party email threat protection services. 

In many cases, upgrading your Google Workspace subscription provides the needed capabilities at a lower cost than using a third-party tool. This is often true for Google Meet compared to third-party web meeting tools like Zoom.

For other capabilities, however, a third-party integrated solution may still be required.

Your Next Steps

For help assessing your needs and options, please contact us or schedule a brief intro call with a Cloud Advisor.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

PC Continuity Means Business Continuity

/in

PC ContinuityIn today’s fast-paced business world, the ability to maintain continuous PC operations is crucial for your business. With limited resources and manpower, you cannot afford to lose data or prolonged downtime. A crashed laptop can take 4 or more days to repair (or replace) and rebuild. The impact on your ability to serve your clients, manage marketing and sales, and invoice will be operationally and financially disruptive.

Backup Covers the Basics

Backup solutions are foundational to business continuity, particularly for small enterprises. A reliable backup service ensures your critical data is secure and recoverable. Having backups off-premise, or in the cloud, extends your protection to physical hazards that can damage local backup systems.

Backups, while essential, come with challenges.  Before you restore, you need to repair or replace damaged equipment. This takes time. Restoring from the cloud is limited by bandwidth. This takes time.  Repair and restore gets you your data back, but slowly. Meanwhile, you will struggle to run your business.

Unique IT Challenges

As a sole practitioner or other very small business, you face unique IT challenges. With limited devices, a single computer failure can bring your business activities to an abrupt and extended halt.

Unlike larger businesses, you likely don’t have the budget to keep spare equipment on hand or to quickly purchase replacements.

As a small business leader, you want, and need, to strike a balance between risk, protection, and budget.


Connect with a Cloud Advisor

A Solution Set for Smaller Businesses

Fortunately, you have service options that help minimize your risk for business disruptions due to PC problems. 

PC Continuity

You can overcome the challenges and limitations of backup/recovery solutions without breaking the bank. PC Continuity solutions enable you to keep your business running while your PC is repaired or replaced and restored.

PC Continuity captures full images of your device multiple times per day. When needed, the image loads and runs on a virtual desktop in a cloud data center. You can access your system’s image from any device with a web browser or a thin client agent.

With PC Continuity, you can return to work quickly. For a small incremental fee above your backup/recovery service, your business keeps running.

Monitoring and Management

Ensuring your computers are current with respect to patches and updates helps ensure optimal performance and security.  Monitoring for system performance can also flag hardware issues before they cause damage or fail.

Remote monitoring and management services track the health of your computer and can alert your IT service team to issues and conditions before they become problems. The service allows for managing system and software updates and can provide remote access to your IT support team when needed.

Lifecycle Management

Larger companies use lifecycle management to manage their computer purchasing and upgrade cycles. For small businesses, lifecycle management focuses on extending the lifespan of your devices and understanding when it is best to upgrade or replace aging systems.

Besides tracking age and warranty status, these services can include extended warranty and accidental damage coverage plans.  These coverages provide repair or like-device replacement.  Having extended warranty and accidental damage coverage reduces the risk of maintaining older systems. In the event of an expected failure or accident, you can avoid early replacement costs.

Some lifecycle management services include certified electronics disposal, helping you avoid e-waste compliance issues and disposal fees.

Your Next Steps

Understanding the risks and impact of PC/Laptop problems, you should decide the value of the various levels of protections.  While protection and continuity services come at a cost, a single incident with your PC or Laptop can cost you in days of lost productivity, damaged or lost data, and thousands of dollars.

To assess your risks, protections, and business continuity needs, please contact us or schedule a brief intro call with a Cloud Advisor.  The assessment is free and without obligation.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

What is Pen Testing and Why You Should Care

/in

Penetration TestingCyber threats are evolving at an alarming rate, posing significant risks to your business. Penetration testing, commonly referred to as “pen testing,” is becoming a vital, proactive tool for assessing your risks.

Pen testing simulates a cyber attack on a computer system aimed at identifying vulnerabilities and testing the security of IT systems. Pen testing goes beyond electronic systems; it encompasses the entire IT ecosystem, including human elements and physical security. 

As cyber threats diversify, pen testing has become an important cybersecurity practice and an emerging requirement for cyber insurance.

Types of Pen Testing

Pen testing falls into various categories, each targeting different aspects of your business’s IT infrastructure:

  • External Testing:
    Evaluates vulnerabilities in the systems that are visible from the outside, such as web applications, servers, and network devices. It simulates attacks attempting to breach your network from the Internet.
  • Internal Testing:
    Examines what could happen if an attacker gains access to the internal network. It highlights potential damage and data exposure risks from within your organization.
  • Targeted Testing:
    A collaborative effort between your IT team and the testers, providing real-time insights into the attacker’s perspective and your response.
  • Blind Testing:
    Testers receive limited information about the target, mirroring the knowledge an actual attacker might have. This helps assess your organization’s security posture from an outsider’s perspective.
  • Double-Blind Testing:
    An advanced form of blind testing where neither the testers nor the IT staff are aware of the test. It evaluates the effectiveness of the security monitoring and incident response processes.

Benefits of Pen Testing for Businesses

Investing in pen testing offers businesses several compelling advantages:

  • Identifying Vulnerabilities:
    Pen tests expose weaknesses in systems, applications, and networks, allowing you to address them before they are exploited.
  • Prioritizing Risks:
    Not all vulnerabilities carry the same weight. Pen tests help you prioritize risks based on their potential impact and likelihood, guiding you on where to focus your efforts and resources.
  • Enhancing Security Measures:
    Insights from pen tests can guide the implementation of stronger security controls, such as multi-factor authentication, data encryption, and improved access management.
  • Boosting Cyber Insurance Prospects:
    Many insurers require regular pen testing as part of their coverage criteria. Demonstrating proactive security measures can lead to better terms and premiums.
  • Regulatory Compliance:
    For industries with stringent regulatory requirements, pen testing can help you assess compliance with standards like HIPAA, PCI-DSS, and GDPR. It can also help you benchmark against cybersecurity frameworks, such as CIS, NIST, and CMMC.

Getting Started

The best way to get started with pen testing is to perform a basic, preliminary scan of your environment. Referred to as a “Level 1” test, this snapshot provides a baseline assessment. From this assessment, you can determine what, if any, mitigation efforts are needed to improve your security, meet compliance requirements, and/or secure cyber insurance.

Your Next Step

Cumulus Global offers a free Level 1 Pen Test to qualifying organizations. Click Here to Request your test and to access related resources.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

3 IT Trends We See Now

/in

Working with hundreds of small and midsize businesses, we often see trends in IT interests, plans, and initiatives. Given all the hype, we expected to see Generative AI as a big trend this fall. While our clients are interested in it and beginning to use it, Generative AI is not among the top three trends this fall.

Here are the 3 trends we see now.

3 Incremental Cybersecurity

With a never-ending string of cyber attacks, new regulations, and expanded expectations from customers, insurers, and others, your peers are reassessing their cybersecurity measures and making adjustments. 

Like your business, most small businesses have some cybersecurity measures in place. Adding incremental services is a fiscally smart way to increase prevention, fill gaps in protection, and ensure a more effective response. 

Universal multi-factor authentication (MFA), penetration testing, security awareness training, and improved recovery and continuity solutions are among the services your peers are adding.

2 Virtual Desktops

Remote and hybrid work are the norm. So is bring-your-own-device, or BYOD. The challenge is ensuring your team has a consistent user experience that is productive and secure.

Virtual Desktop, sometimes referred to as remote desktop solutions, provides a cloud-resident environment that is secure and effective. With a virtual desktop infrastructure (VDI), such as Azure Windows Desktop, your team accesses a secure work environment from any device with Internet access. Apps run and data remains in the cloud – only screen, keyboard, and mouse traffic touch the local device.

By removing the end user device from the security envelope, you do not need to put security software, or company data, on employees’ personal devices. You reduce the scope of your management (and the cost) while having more control over your environment.

1 Managed Cloud Services

Your IT and cloud services are more sophisticated and capable. Keeping current, ensuring the environment is secure, and helping your team use your IT services most effectively takes time. Instead of letting things slide, your fellow small business owners and leaders are moving towards Managed Cloud Services.

Managed Cloud Services, like more traditional managed IT services, put monitoring, management, administration, and support into the hands of experts. You get an integrated bundle of security, services, and support that matches your needs and your budget.

While Managed Cloud Services often comes with some increased costs, the enhanced value gained outweighs the cost.

Your Next Steps

Our Cloud Advisors are ready to help you assess if and how Virtual Desktops and Managed Cloud Services may benefit your team and business.

To assess and adjust your cybersecurity, check out these resources:

Our eBook, Cyber Security Requirements for Cyber Insurance, defines basic, preferred, and best practice cybersecurity for small businesses. 

We also offer multiple assessments to help you understand and benchmark your current cybersecurity, including:

These assessments are free with a Referral Code. 

Contact us or schedule time with one of our Cloud Advisors to learn more and obtain your Referral Code. 

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management.

Google Upgrade Prevents SPAM and Defines Email Best Practices for 2024

/in

Google email sender guidelines updates coming in 2024: how to prepare

Google constantly works to enhance security and reduce the prevalence of spam in Google Workspace and Gmail inboxes. AI-powered defenses successfully filter out almost 15 billion undesired emails each day. Google stops over 99.9% of spam, phishing, and malware threats. Still, as spamming techniques evolve, threats to user security persist.  Google will deploy new rules for bulk email senders. These Google email sender guidelines and rules prevent SPAM using email best practices that we should all follow.

Improving Security with Google Email Validation

Starting in February 2024, Google will implement new criteria for bulk senders (i.e., accounts that send more than 5,000 messages to Gmail users in a single day). These new email sender guidelines and requirements focus on email validation, and the evaluation of an email address’s legitimacy. 

New Email Requirements for Bulk Senders:

  • Authenticate Email: Bulk senders must strongly authenticate their emails. This protects against the exploitation of loopholes by malicious actors and allows users to trust the source behind the emails they receive.
  • Enable Easy Unsubscribe: Bulk senders will be required to provide recipients with an easy, one-click option to unsubscribe from commercial emails. These unsubscription requests must also be processed within a time period of two days.
  • Send Wanted Emails: Google will set a clear spam rate threshold to protect Gmail users from receiving an abundance of unwanted emails. Notably, this measure is an industry first. 

This Change Impacts You 

If email is part of your marketing program, even if you are not a bulk sender, these rules impact you. While Google is enforcing these rules for bulk senders, following these rules improves your email results. By improving your email reputation, and reducing the risk of impersonation, your emails are more likely to land in the inbox rather than the junk or spam folder. 

Things to Consider to be Ready for The Bulk Sender Changes Happening in February 2024

1 Make sure your Domain Name Service (DNS) email settings and protocols are correct and complete.

2  Preferably, use an email marketing platform instead of your Google Workspace account for large group and bulk marketing emails.

  • Email marketing platforms give you the ability for easy un-subscribe and will provide the necessary features to comply with the anti-spam and data privacy laws and regulations.
  • Google limits the number of recipients per email and the number of emails you can send per day. Google may suspend your account if you exceed these limits.

Your Next Steps to Prepare for New Google Email Sender Guidelines

Contact us or click here to schedule a call with a Cloud Advisor  to review your DNS protocol settings and our Managed DNS Services.

For more details about Google policies that impact emails received by, and sent from, Google Workspace, review Google’s Email Sender Guidelines.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

Manage Storage in Google Workspace and Understand Limits

/in

Google Workspace

Updated January 3, 2003: Clarification on length of grace periods.

With the move to pooled storage across all subscriptions, Google no longer supports legacy options for additional storage for Google Workspace. As such, many individuals and businesses find themselves approaching or exceeding the pooled Google Workspace storage limit for their accounts.

What Happens Next After Reaching The Google Workspace Storage Limit

If you reach or exceed your pooled storage limit, Google gives you a grace period to either reduce the amount of storage used, or to add more pooled storage by changing your subscription.  After the grace period, your account becomes “read-only.” This change impacts your services including being unable to upload files or create new Google Docs, Sheets, Slides, or Forms.

Your grace period is:

  • 14 days if you do not have legacy Additional Storage license(s).
  • 60 days if you have legacy Additional Storage license(s).

You Have Options

You need to either add more Google Workspace storage, or you and your team need to free up storage.

Add More Storage

You have three options for adding more storage.

1 Upgrade.  The easiest way to add storage capacity, and Google’s recommended solution, is to upgrade to the next subscription tier, from Business Starter to Standard; from Business Standard to Plus; from Business Plus to Enterprise Standard.

2 Add Licenses. As an alternative, you can opt to add one or more additional licenses to increase the storage pool.  Both of these solutions will incrementally increase your cost.

3 Add 10 TB of Storage. You can add Additional Storage to Google Workspace subscriptions with pooled storage. The added storage comes in blocks for 10 TB at a cost of $300 per month.  This option is generally too expensive for most small and midsize businesses.

Which option is more cost-effective depends on your current subscription, your number of users, and the amount of storage you want to add.

Free Up Storage

We can recommend several techniques for freeing up storage, each with advantages and disadvantages.

1 Review and remove large or unnecessary files.  Ask each user to go through their “My Drive”. Your Administrator should review your Shared Drives. Be careful not to remove files that may be needed.

2 Review and remove duplicate files. Encourage each user to delete files that have been copied to a Shared Drive, or for which they have multiple copies that are no longer needed.

3 Remove and reduce large emails. Instruct and help users work to through their historical email and delete emails with larger attachments. Verify that the files were saved to My Drive or a Shared Drive. Be careful that the content of the email is no longer needed as well to avoid losing information you might need later on.

4 Move files to other storage. Using Google Cloud you have other storage options. These storage options work well for static needs, such as archiving projects and media (image, audio, video) libraries. Accessing Google Cloud storage requires

5 Move files to local storage. While counter to a Cloud Forward approach, you can move files to local storage. If you  do download the files to local storage before deleting, remember to make sure you protect those files with a backup/recovery solution.

We Can Help with Google Workspace Storage

Our team of small and midsize business cloud experts can and will help you chart your best path forward.  Let us help you assess the effort and cost for your options, and choose the best solution for you and your business. Schedule a call with a Cloud Advisor or send us an email.

About the Author

Chris CaldwellChristopher Caldwell is the COO and a co-founder of Cumulus Global.  Chris is a successful Information Services executive with 40 years experience in information services operations, application development, management, and leadership. His expertise includes corporate information technology and service management; program and project management; strategic and project-specific business requirements analysis; system requirements analysis and specification; system, application, and database design; software engineering and development, data center management, network and systems administration, network and system security, and end-user technical support.

3 Secrets to Avoiding IT Problems

/in

Problem and SolutionIf you are a sole practitioner, a solopreneur, or the owner of smaller businesses, you face unique technology challenges. You, and businesses like yours, are uniquely dependent on your technology.  Your computer and phone are critical tools without which your business can screech to a halt.  Avoiding IT problems is critical. And yet, you do not have time to be the IT guru. You may not have access to, or the budget for, traditional IT services.

The good news is that you can take steps to avoiding IT problems without overspending.

1 Stay Current

When we say “stay current”, we do not mean spending hours reading and studying the lasted IT advancements and opportunities.  Stay Current means keeping your systems up to date.

  • Make sure you regularly apply Windows (or MacOS) updates.
  • Windows Update should also inform you of firmware updates from your laptop manufacturer.
  • If you are not running cloud-based software that updates automatically, make sure your desktop applications are up to date as well.

Staying current with system and application updates ensures you have the latest system-level security protections in place. It is common for security experts to find “holes” in Windows and applications. Updates fix these risks and reduce the chance of a successful malware, ransomware, or other form of cyber attack.

2 Security CPR

Security CPR is our model for pragmatic protection for your business.

  • Communicate & Educate:
    • Know that even your business is a target;
    • Understand the current nature of cybersecurity risks; and
    • Learn how your behavior can prevent or enable attacks.
  • Protect & Prevent:
    • Deploy security solutions focused on stopping the most common type, and the most damaging, cyber attacks on small businesses.
      • Email advanced threat protection and next-gen endpoint protection, for example, protect you from attacks steal your identity and passwords.
      • Proper DNS configuration can stop cyber attackers from impersonating you or your business.
    • Include low-cost and no-cost solutions like multi-factor authentication (MFA) and local disk encryption to prevent access should an account get compromised.
    • Ensure you meet industry and legal security and privacy regulations and requirements; several states are imposing regulations above and beyond more familiar requirements (PCI, HIPAA, etc.).
  • Respond & Recover:
    • No protection or prevention is perfect.
    • Use affordable services that not only recover your data, but let you continue operating while you recovery.
    • Be prepared to address the customer service, legal, and financial aspects of a successful cyber attack. Cyber Insurance is a key component.

Many of your peers assume that security will be too expensive. They see the press coverage and read the articles, failing to realize that tech media targets larger businesses.  Our Security CPR model focuses on balancing risks, protections, and costs to deliver the best value for your business, and smaller business like yours.

Additionally, the model helps you with avoiding IT problems beyond security and compliance. The same solutions help you minimize the risk of hardware problems and software issues while making it easier to recover should something go wrong.

3 Partner with a Pro

If you are worried that you cannot afford expert IT services, you are not alone.  Most sole practitioners and owners of smaller businesses worry about upfront and on-going IT costs. As a result, you may turn to family, friends, or the “guru” in the blue shirt at the store in the mall. Even if your go-to person is in IT,

  • Do they focus on your needs as a small business?
  • Are they available when needed?
  • Do they plan ahead, or only offer guidance when it is time to make a purchase or after a problem?
  • Are they helping you get the most out of the features and capabilities of your IT services?

It is easy to let concerns about cost get in the way of IT services than can truly help you and your business thrive and grow.

A single IT problem can easily cost more, directly and indirectly, than using IT professionals to plan, manage, and support your business. An unexpected failure or cyber attack can disrupt your business for days, resulting in missed deadlines, lost revenue, unexpected costs, and a damaged reputation. Sound planning and active management prevents problems. The right services are key to avoiding IT problems, keeping you operational, and helping you recover should the unexpected happen.

Focus on value.

The right cloud solutions simplify your IT services. Simple reduces the number of things — hardware, software, services — to learn, manage, and support. Matched with the right guidance, management, and support, the right IT services more than pay for themselves.

How Cumulus Global Can Help You Avoid IT Problems

We build our Essential and Basic Managed Services to meet your needs as a solopreneur or owner of a smaller business. Leverage the cloud; focus on key solutions; Rely on expert guidance, management and support.

Explore how our Managed Cloud Services can help you and your business. Click here to schedule a call with a Cloud Advisor or send us an email. There is no cost and no obligation.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management. 

 

The #1 Security Solution that Costs You Nothing: Multi-Factor Authentication

/in

Security KeyWe have all seen and heard the warnings about the ever increasing number of cyber attacks against small business.  More than crypto-ware, small and midsize businesses are targets of other forms for ransomware, impersonation, crypto-mining, and business email compromise attacks. The threats are real, as are the operational and financial risks to your business. Multi-Factor Authentication, or MFA, is an effective, “no cost” solution.

Along with the warnings, you are likely, almost certain, to receive pitches, promos, and offers for a never-ending array of security tools and services.  Like other small and midsize businesses, you lack the bottomless budget. You cannot do it all; you need to prioritize your spending on security products and services with the biggest bang for the buck.  “No Cost” solutions are, of course, the best option when they work.

Protect versus Prevent With Free Multi-Factor Authentication

Some security solutions protect your and your systems, other prevent access and actions.  The difference is important.

Protection solutions help stop attacks from happening.  Services like advanced threat protection and next-gen endpoint protection stop phishing, infecting attachments, and dangerous link attacks by blocking the attack from reaching you or your team.

Prevention solutions stop attackers from successfully accessing your systems and data.  These solutions work after a cyber-attacker has figured out, or purchased, your identity.

In reality, you need both types of solutions. Protection solutions provide the broad shield against targeted and broad scale attacks. Since no protection is perfect, prevention solutions stop the attackers before they can get in and do damage.

“No Cost” Prevention: MFA

The good news is that you can deploy the most effective prevention solution, Multi-Factor Authentication, at “no cost.” We put “no cost” in quotes because, while the basic solution is free, you will need to spend some time setting it up and educating your team.

Multi-Factor Authentication is an authentication method that requires the user to provide two or more verification factors to gain access or entry to a system, application, or other online account or resource.  Most of the applications and systems you use, including Google Workspace and Microsoft 365, include MFA as security feature and option.

These integrated MFA services often provide the second level of verification via SMS message, single-use link, and/or an authenticator app on your smart phone. In general, using an authenticator app is considered more secure than SMS message or single-use link.

As reported by Microsoft in 2019, MFA can block more than 99.9% of account compromise attacks.  If a cyber attacker has your username and password, MFA is the best way to prevent them from getting in and doing harm.

Overcoming Objections with a Free MFA

When putting MFA in place, you may get some pushback or hesitation from your team.

  • MFA does add extra steps when logging in, an inconvenience for your team.
  • As you likely run several apps and systems, your team will need to setup multiple entries in one, or more, authenticator apps.
  • Your team may need to create and save “backup access codes” in case of system or access issues.

While your team may object to the inconvenience, the added effort is reasonable given the level of prevention.

You Can Do More with a Free Multi-Factor Solution

If the number of accounts, passwords, and MFA services is too much, you have options. While they come with a price tag, single sign-on (SSO) and identity and access management (IAM) services can minimize the inconvenience.  Most small and midsize businesses do not see the value given the cost, but it remains an option.

We Can Help

Configuring and managing MFA is part of our Basic, Business, and Premium Managed Cloud Services. We can also help you put MFA in place for your current IT services. For more information, click here to schedule a call with a Cloud Advisor or send us an email.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

library

7 Questions to Ask Your IT Provider

/in

eBook | Source: Cumulus Global — For small and midsize businesses like yours, the information technology and services environment continues to change. Here are seven questions, across a range of topics, to ask your current IT provider to ensure they are actively helping you look forward.

Read more

5 Things Your IT Provider Should be Telling You

/in

eBook | Source: Cumulus Global — Beyond Microsoft 365 and Google Workspace, SMBs use cloud services differently than larger organizations. Understanding these differences, we identify strategies to guide your plans and decisions for getting the most value from your current systems and new, managed, cloud services.

Read more

2023 OpenText Cybersecurity Email Threat Report

/in

eBook | Source: OpenText Security — Attackers persistently adapted their email-based techniques throughout 2022, introducing more nuances into their methods. This eBook shares current information about Phishing, Business Email Compromise, Cryptocurrency Scams; and the Top Malware Threats. The report provides examples of attacks as a learning tool for understanding attacks, how to prevent them, and how to respond.

Read more

Cloud Strategies for Small and Midsize Businesses

/in

eBook | Source: Cumulus Global — Beyond Microsoft 365 and Google Workspace, SMBs use cloud services differently than larger organizations. Understanding these differences, we identify strategies to guide your plans and decisions for getting the most value from your current systems and new, managed, cloud services.

Read more

Understanding Third Party Breach Alerts

/in

eBook | Source: Cumulus Global —
Third party breach alerts inform you of third party data breaches that may pose risks to your business. This eBook looks at the information provided in third party breach alerts
and, using examples, discusses how to interpret and use the information provided.

Read more

A Cyber Insurance Primer (Slide Deck)

/in

Slide Deck | Source: Cumulus Global —
Cyber Insurance is a tool, not a solution. This deck is from our June 2022 3T@3 Webcast: A Cyber Insurance Primer and discusses the what and why of cyber insurance and how it fits into your cyber security and incident response plans.

Read more

Email Security: Good, Better, Best

/in

eBook | Source: Cumulus Global —
Cyber attacks by email have skyrocketed over the last decade. Email and domain impersonation attacks, fueled by successful phishing attacks, bypass account-centric security. This eBook discusses how to protect your business and domain from Business Email Compromises and impersonation attacks.

Read more

IT Services for Solopreneurs and VSBs

/in

eBook | Source: Cumulus Global —
IT Services pose unique challenges for Solo entrepreneurs, aka “solopreneurs”, and very small businesses (VSBs). More than having IT services that are “good enough”, solopreneurs and VSBs need technology to save them time, effort, and money.

Read more

The Transition to Google Workspace

/in

Slide Deck | Source: Cumulus Global —
For many businesses, the transition comes with a significant increase in subscription fees. This deck, with notes, from our Coffee & Clouds Series webcast covers …

Read more

State of Security for Small and Midsize Businesses

/in

eBook | Source: Microsoft —
This eBook identifies key findings in studies and surveys covering security for small and midsize businesses, and provides set of recommendations to ensure …

Read more