Are your Google AU license costs adding up? Here’s what to do
Businesses are in a bind. Keeping employee information secure is essential for data protection. But, following the introduction of Google Archive User (AU) licenses, it’s a major expense.
Before this change there was a free option: the Vault Former Employee (VFE) license. Now, AU licenses offer a replacement, but at a cost of between $4-$7 per person, per month.
While this is cheaper than full Google licenses, it’s still an additional charge for ex-employees. In this short guide, we explore alternative options for archiving employee data that keep information safe but don’t cost a fortune.
Why is archiving employee data so important?
In many countries, businesses are legally required to keep staff data – often for years after an employee leaves.
For US employers, the length of time information should be kept depends on the type of data and local rules. Many businesses use seven years as a baseline, because this covers most state and federal rules.
Similarly, rules vary for UK businesses depending on the kind of information kept. The key message is that the length of time you keep data depends on the reason it was collected. Should a previous employee make a claim against your company after leaving, you may need access to their records as evidence.
Proper archiving means you can retrieve data for specific situations such as legal disputes, freedom of information requests, or restoring access should the person become an employee again.
What’s the alternative to Google AU licenses?
You don’t need Google AU licenses to ensure data is stored securely, easily retrievable and restorable, and deleted after a set period. Because CloudM Archive does all this and more.
Our archiving tool has an optional offboarding step to automatically send the leaver’s data straight to your chosen GCP storage bucket, where this information will be deleted after a set time (in line with your data retention policies).
You get full visibility of the data in your storage bucket with CloudM Archive. This comes in handy if you receive a freedom of information request. Instead of spending hours hunting down a single email, you can view storage buckets indexed by user and restore the information in a few clicks.
Best of all, you don’t need to pay for full or AU Google licenses for your team. You just need to pay for CloudM Archive and the cost of holding data in your Google storage buckets. Which, even when combined, works out much cheaper than the AU license fees.
Switching to CloudM Archive: how it works
The transition to CloudM comes in two parts:
1
Reduce what you pay for existing licenses
First, move Google AU license holders to CloudM Archive using our Migrate tool. The CloudM team is on hand to make this transition smooth and easy for you.
2
Control your current spend with automation
Next, set up CloudM Archive so that future leavers have their information stored here instead of incurring new Google AU license fees. With CloudM Archive, leavers data is automatically archived and licenses can be reassigned.
We know you might need to approach data management more flexibly, too. So if you’d rather keep a specific power user’s data on an AU license, you can add a bespoke offboarding step that keeps it there instead.
Combining CloudM Migrate and Archive is a winning formula for cutting license costs. Just ask Paul Young, Head of Collaboration and Communications Digital Solutions at Holcim Group:
“We’ve saved millions of dollars by using CloudM to archive users to a secure storage area. The product has worked since day one. But, if something isn’t working as expected or needs a tweak, CloudM listens and finds a solution with a level of thought and care you don’t always see.”
Read the full case study on how Holcim Group saved on AU license fees and manual admin with CloudM.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About CloudM
CloudM is an award-winning SaaS company whose humble beginnings in Manchester have grown into a global business in just a few short years.
Our team of tech-driven innovators have designed a SaaS data management platform for you to get the most from your digital workspace. Whether it’s Microsoft 365, Google Workspace or other SaaS applications, CloudM drives your business through a simple, easy-to-use interface, helping you to work smarter, not harder.
By automating time-consuming tasks like IT admin, onboarding & offboarding, archiving and migrations, the CloudM platform takes care of the day-to-day, allowing you to focus on the big picture.
With over 35,000 customers including the likes of Spotify, Netflix and Uber, our all-in-one platform is putting office life on auto-pilot, saving you time, stress and money.
Exploring the Pros of Passwordless Authentication vs. Multi-Factor Authentication
Today’s security teams are constantly tasked with identifying and implementing effective solutions to safeguard your organization’s sensitive data. One such debate that often arises is the comparison between passwordless authentication and multi-factor authentication (MFA). In this blog post, we will delve into the advantages of passwordless authentication using digital certificates compared to traditional MFA methods, offering insights into how this approach can enhance your organization’s security posture.
Understanding the Basics of Passwordless and MFA
Let’s get a clear picture of what we’re comparing. Imagine a world where forgetting a complex string of characters doesn’t lock you out of your account. That’s the realm of passwordless authentication. Instead of traditional passwords, it leverages something you have (like a digital certificate) or something you are (such as a fingerprint) to verify your identity. It’s like having a unique key that only you possess, making access both seamless and secure. Now, shift your gaze to multi-factor authentication (MFA). This security method layers up, asking for two or more proofs of identity before granting access. It could be something you know (a password or PIN), something you have (a security token or smartphone), or something you are (biometric data). Each layer is designed to add an additional barrier for potential intruders, ensuring that compromising one element alone isn’t enough to breach an account. Together, these approaches redefine security landscapes, each with its unique strengths and considerations.
The Security Benefits of Going Passwordless
The shift toward passwordless authentication heralds a significant leap in securing user identities with far less reliance on easily compromised or forgotten passwords. By embracing digital certificates, an organization sets the stage for a more secure verification process. These certificates act as robust, cryptographic proofs of identity that are much harder for attackers to forge or steal compared to traditional passwords. This move not only reduces the surface area for phishing attempts but also curtails the risk of large-scale password breaches, which have become all too common. Without the need for passwords, the vectors through which cybercriminals can gain unauthorized access are markedly narrowed, enhancing the overall security fabric of an organization. This innovative approach aligns with the principle of ‘what you have’ being a more secure identifier than ‘what you know,’ positioning digital certificates at the forefront of modern cybersecurity efforts.
Streamlining Incident Response with Passwordless Solutions
Embracing passwordless authentication significantly contributes to more efficient incident response mechanisms within organizations. By integrating digital certificates, the complexity and time involved in addressing credential-based threats are markedly reduced. In a landscape where speed and accuracy are paramount in mitigating risks, the ability to quickly revoke compromised certificates and enforce access controls becomes a game-changer. This agility in response not only prevents potential breaches from escalating but also supports a more proactive stance towards cybersecurity. Implementing passwordless systems means that incidents related to password theft or misuse can be more rapidly identified and contained, ensuring a swift return to normal operations and maintaining the integrity of your security perimeter. This streamlined approach to incident response, devoid of the traditional password pitfalls, fosters a more resilient and adaptable security posture, enabling organizations to respond to threats with unprecedented speed and efficiency.
The User Experience: Making Security User-Friendly
The transition to passwordless authentication not only heightens security but significantly enhances the user experience. Imagine the convenience of bypassing the all-too-familiar struggle of recalling complex passwords or the frustration of being locked out after too many incorrect attempts. With digital certificates, authentication becomes a smooth, almost invisible process, where access is granted effortlessly and securely. This leap forward in user experience means no more interruptions to workflow due to forgotten passwords or time-consuming reset processes. It represents a paradigm shift where convenience meets security, ensuring that users can focus on their tasks with minimal disruption. This streamlined access method reduces the workload on IT support teams, cutting down on the countless hours spent assisting with password-related issues. By prioritizing user-friendly security practices, organizations not only foster a more productive environment but also encourage a stronger adherence to security protocols, as the path of least resistance now aligns with the most secure practices.
Comparing the Costs: Passwordless vs MFA
Diving into the financial side of things, the debate between the cost-effectiveness of passwordless authentication systems, such as those utilizing digital certificates, versus traditional MFA approaches, can seem daunting at first glance. Initial outlays for setting up a certificate-based passwordless framework may present a steeper curve, reflecting the investment in a more sophisticated infrastructure. However, it’s crucial to look beyond the initial setup. Over time, the reduction in overheads related to password resets, support calls, and the management of password-related breaches often translates into significant savings. On the other hand, MFA, while potentially cheaper to initiate, carries with it ongoing expenses. These can include software subscriptions, hardware tokens, and the manpower needed to manage and troubleshoot the MFA systems. This ongoing commitment can, cumulatively, end up being more costly than a passwordless system’s initial setup. Therefore, when assessing the financial implications, a broader perspective on cost, encompassing both immediate and long-term expenditures, is essential to make a well-rounded decision.
Preparing Your Organization for a Passwordless Future
Embracing a passwordless future requires thoughtful preparation and strategic implementation. As you navigate this transition, focus on educating your team about the benefits and mechanics of digital certificates. Develop and refine technical infrastructures that support a seamless shift to certificate-based authentication, ensuring compatibility and security at every step. Leverage automation to streamline the deployment and management of digital certificates, minimizing manual errors and enhancing efficiency. Engage in continuous learning to stay abreast of emerging threats and adapt your strategies accordingly. By taking proactive steps today, you’re not only securing your organization’s digital assets but also paving the way for a more secure, efficient, and user-friendly tomorrow.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。
Finding Microsoft Message Queuing (MSMQ) Servers with runZero
Microsoft has disclosed a pre-auth use-after-free vulnerability in the Microsoft Message Queuing (MSMQ) service running on Windows. MSMQ is a message queuing mechanism that allows different systems and processes to communicate reliably.
CVE-2024-30080 is rated critical, with a CVSS score of 9.8, and allows attackers to execute arbitrary code with the privileges of the server process. This issue was reported by k0shl with Kunlun Lab.
What is the impact?
Successful exploitation of this vulnerability would allow an attacker to execute arbitrary code on the server.
Are updates or workarounds available?
Microsoft has released an update addressing this vulnerability. Users are encouraged to apply this patch immediately.
How do I find potentially vulnerable systems with runZero?
From the Asset Inventory, use the following query to locate systems running potentially vulnerable software:
os:Windows AND tcp_port:1801
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.
What are SLA, SLO, and SLI?
Learn the differences between SLA, SLO and SLI and how to implement these metrics to improve the quality of service offered by your company. Also, learn about the challenges and best practices for implementing them, along with some real-world examples.
Importance of SLA, SLO and SLI in user experience
Talking about SLA, SLO and SLI means talking about user experience. Each of these acronyms (we will explain them later) is on the minds of developers, who are looking to achieve increasingly reliable and high-quality IT services and resources. To achieve this, they must understand and effectively manage objectives at service levels, relying on defined indicators and formal agreements that lead them to achieve user satisfaction.
Objective of metrics and their application in system performance
What is measured can be improved… so metrics help ensure a service meets its performance and reliability goals. They also help align the goals of different teams within an organization toward one goal: the best user experience.
Differences between SLA, SLO and SLI
- Definition and scope of each metric.
Imagine a base where SLI (Service Level Indicators) refers to the quantifiable measurement to evaluate the performance of a service. Above this base you may find SLO (Service Level Objectives), which set objectives for service performance, and SLA (Service Level Agreement), which are legally binding contracts between a service provider and a customer. - Example and applications in different contexts.
For example, a cloud service provider may define latency as the amount of time it takes to process a user’s request and return a response as SLI. From there, an SLO of no more than 100 milliseconds is established for a consecutive period of 30 days; if the average latency exceeds this value, they will issue service credits to customers.
If an SLI is set on the e-commerce website based on the error rate as a percentage of failed transactions, the SLO could set the error rate to not exceed 0.5% during any 24-hour period. The SLA agreed with the cloud service provider would include this SLO, along with penalties or compensation if it is not met.
SLI: Service Level Indicator
Meaning and function
Service Level Indicators (SLIs) measure the performance and reliability of a service, to determine whether an offer meets its quality objectives. The SLI also helps identify areas for improvement. Examples of indicators include latency (response time), error rate, throughput, and availability (uptime). These metrics are usually monitored over specific time periods to assess performance. As it can be seen, SLIs are the foundation for setting performance and reliability benchmarks for a service.
Challenges and strategies for their measurement
Based on the fact that SLI refers to metrics, the main challenge is to achieve a simple approach to the indicators, since they must be easily analyzed and compared in order to speed up decision-making based on the results. Another challenge is choosing useful tracking metrics that correspond to the actual needs of the product or service.
SLO: Service Level Objective
Definition and purpose
Service Level Objectives (SLOs) set performance and reliability objectives that service providers aim to achieve, in line with a service’s SLIs. So these SLO help to evaluate and monitor whether the service meets the desired quality level. For example, a cloud provider may say that their goal is to achieve 99.99% availability over a specific time period.
Challenges and recommendations for implementation
The main challenge is that objectives must be clear, specific and measurable, so it is recommended that the service provider works closely with stakeholders to define SLOs and their scopes.
SLA: Service Level Agreement
Concept and purpose
A service level agreement (SLA) is a legally binding contract between a service provider and a customer, outlining agreed SLOs and penalties for non-compliance. SLAs ensure that providers and stakeholders clearly understand the expectations about the quality of service and the repercussions in case of non-compliance (financial compensation or service credits) with the agreed standards. SLAs include SLOs such as latency times, error rate, and availability. Of course, before service begins, the service provider and the customer will negotiate Service Level Agreements. SLAs help to have a clear understanding of performance expectations, channels and courses of action, and service reliability, safeguarding the interests of both parties.
Challenges and best practices
One of the most important challenges of an SLA is that it does not go along the line of business priorities, so a best practice is to involve the business areas where the greatest impact on the service level is generated in the agreements. Also, monitoring the SLA and updating them can be a complex process that requires reports with data obtained from multiple sources of information. In this regard, it is recommended to acquire the technological tools that help to retrieve data from multiple sources in a more agile and automated way.
Comparison between SLA, SLO and SLI
As we have seen, SLIs are the foundation for SLOs and SLAs, with quantitative metrics to assess service performance and reliability. SLOs use data derived from SLIs to set specific objectives on service performance, ensuring that the service provider and stakeholders have clear objectives to achieve. Hence, SLAs incorporate SLOs into a contract between the service provider and the customer, so that both parties have a clear understanding of performance expectations and consequences in the event of non-compliance.
To be clearer, it helps to look at these tables that compare differences, challenges, and best practices:
Table 1: Differences between SLA, SLO and SLI
Metric | Purpose | Application | Flexibility |
SLI | Actual measurement of service performance. | Internal, paid. | High flexibility. |
SLO | Internal objectives that indicate service performance. | Internal and external, free and paid. | Moderate flexibility. |
SLA | Agreement with customers on service commitments. | Payments, availability. | Low flexibility. |
As it can be seen in Table 1, to the extent that the metric is more specific (SLI), there is greater flexibility for its definition, AND, the more specific the metric (SLA), the more parties involved the commitment is.
Table 2: Challenges and best practices
Metric | Challenges | Best Practices |
SLI | Definition of product or service associated with business needs. | Another challenge is choosing useful tracking metrics that correspond to the actual needs of the product or service. |
SLO | Balance between complexity and simplicity. | Close collaboration with the parties involved in the service to define SLOs and their scopes. |
SLA | Alignment with business objectives. | Define realistic expectations, with a clear understanding of the impact on the business. |
In Table 2, you may see that the challenges for the metric are different, due to their internal or external nature. For example, SLOs are internal objectives of the service provider, while SLAs establish a commitment between the provider and the customer (service user), as well as penalties in case of non-compliance.
Real-world applications
Examples of how these metrics are applied in different companies and services.
- SLI:
- Service availability/uptime.
- Number of successful transactions/service requests.
- Data consistency.
- SLO:
- Disk life must be 99.9%
- Service availability must be 99.5%
- Requests/transactions successfully served must reach 99.999%
- SLA:
- Agreement with clauses and declarations of the signing parties (supplier and user), validity of the agreement, description of services and their corresponding metrics, contact details and hours for support and escalation courses, sanctions and causes of termination in case of non-compliance, termination clauses, among others.
Conclusion
Service metrics are essential to ensure the quality of the service offered. Whether you are working with the service provider or you are on the other side of the desk, the service user, you need to have reliable and clear information about a service’s performance in order to generate better user experiences, which in turn translates into better responsiveness to internal customers (including vendors and business partners) and external customers of any organization. Additionally, do not overlook the fact that more and more companies are adopting outsourcing services, so it is helpful to be familiar with these terms, their applicability and best practices.
We also recommend these tools that Pandora FMS puts at your disposal:
- Powerful SLA Reports (by days, hours, weeks).
- Pandora FMS Uptime calculator, which measures online time of a machine or server, available status and service time.
Market analyst and writer with +30 years in the IT market for demand generation, ranking and relationships with end customers, as well as corporate communication and industry analysis.
Analista de mercado y escritora con más de 30 años en el mercado TIC en áreas de generación de demanda, posicionamiento y relaciones con usuarios finales, así como comunicación corporativa y análisis de la industria.
Analyste du marché et écrivaine avec plus de 30 ans d’expérience dans le domaine informatique, particulièrement la demande, positionnement et relations avec les utilisateurs finaux, la communication corporative et l’anayse de l’indutrie.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.
