5 Reasons Your Frontline Workers Need to Transform to the Cloud

Frontline Workers have a significant impact on the business, directly impacting customer experience and are the eyes and ears for reporting on progress, spotting new opportunities and providing extraordinary customer experiences. Don’t let your Frontline Workers miss out on the power of Chrome Enterprise that drives greater efficiency for the business.Read More

When We Met With Sundar Pichai

It was May, 2015 at Google I/O in San Fransisco.

We flew in from Minneapolis to see the live keynote from Sundar Pichai, who was then the Chief Product Officer (However, Larry Page appointed Pichai as CEO in October of 2015 when Alphabet was officially implemented as the parent company of the Google family).

At the time, Pichai talked a lot about introducing Machine Learning (ML) into Google’s product set. No one knew exactly what that could look like or how it would evolve.

With the recent Google for Work rebrand into Google Cloud, and the heavy focus on ML and Google Cloud Platform across the board, we’re now seeing what Pichai envisioned last year during I/O. One of the larger releases is Quick Access, which shaves 50 percent off the average time it takes to get to the right file by eliminating the need to search for it. It uses machine learning to intelligently predict the files you need before you’ve even typed anything.

From left to right: Paul Lundberg (Agosto CTO), Aric Bandy (Agosto President), Sundar Pichai (now Google CEO), Irfan Khan (Agosto CEO).

We had the privilege of briefly meeting with Pichai during I/O and discussing the product roadmap with him and his vision for ML. With their recent enterprise rebrand, it got us thinking about that conversation with him last year.

Excited to see what’s to come.

Google Cloud and G Suite: Keeping Track of the Rebrand

Google announced big news today: Google for Work is now called Google Cloud, and Google Apps for Work is now called G Suite.

But wait! It’s more than a name change…

G Suite not only speaks to the ecosystem of apps they’ve built and are continuing to improve upon, but they’ve announced the deeper integration with machine learning and artificial intelligence to improve your team’s efficiency and decrease the amount of time you jump between emails, meetings, and video calls so that you can focus on the important things at work.

The branding can be a little confusing and is always difficult to adapt to, but this guide should clear it up for you.

Updates Google Announced:

Quick Access: This removes your need to search for documents. Through machine learning, Google tracks ongoing meetings, emails, and chats to determine what documents you need to access next, drastically reducing the amount of time you spend searching for that one thing Pam shared with you three months ago.

Find a Time: Google Calendar saves you time when you need to coordinate schedules for multiple attendees. This functionality has been in Google Calendar for some time now, but the recent updates allow for smarter room booking. It rolled out to iOS today and by the end of the year it will be on Chrome as well.

Explore: This function was released last year in Sheets, incorporating machine learning to help you create complex graphs and functions easily. Today, Explore was released in Docs, Sheets, and Slides. It’s like having a researcher, analyst and designer by your side.

Team Drive: This is what we’re most excited about. In order to keep pace, a new capability called Team Drives redefines the model, shifting from a focus on the individual user to a focus on the team. Content ownership and sharing are managed at the team level, and new roles give more granular control over team content. Team Drives help streamline teamwork from end-to-end, from onboarding a new team member (add her to the team and she instantly has access to all of the work in one place) to offboarding a departing team member (remove him from the team and all of his work stays right in place), and everything in-between. We’ve been previewing Team Drives with a small set of customers, and we’re excited to begin to extend this capability to more customers through an Early Adopter Program.

Still Has the Same Apps

G Suite is still a collection of applications for enterprises to collaborate and communicate. Here are the staple applications in the suite:

Gmail: Gmail works on any computer or mobile device with a data connection and offline support lets you keep working even when you’re disconnected. Wherever you work, your email is there.

Hangouts: Hangouts enable online video meetings right from your laptop, mobile phone or tablet. With Google Apps, this included video conferencing connects you with up to 15 colleagues or clients anywhere in the world with just a click.

Calendar: Organize your day with Calendar and get event reminders on your phone or in your inbox. Attach files or docs to your event so you have the right materials when your meeting starts.

Google+: Google+ is a social media platform for your business. A place for sharing ideas, news, and stories. A place to connect with coworkers, family, and friends. Choose who can see your posts by sharing with a group of people, or your entire organization.

Drive: Keep all your files in one place and always have the most up-to-date version wherever you are. Automatically sync files from your desktop and have access across your devices.

Docs: Create and edit text documents from any smart device. Multiple people can work in the same document at the same time, and changes are saved automatically.

Sheets: Create and edit spreadsheets from any smart device. Handle everything from simple task lists to data analysis with charts, filters and pivot tables.

Forms: Create custom forms for online surveys and questionnaires. Gather responses in a spreadsheet and analyze the data right in Google Sheets.

Slides: Create, edit and present polished presentations from any smart device. Multiple people can work on the deck at the same time and everyone always has the latest version.

Sites: Launch a mobile-friendly destination site for your team or project, or a portal for your customers using simple drag-and-drop tools.

Admin: Administration shouldn’t need a manual. Easily add users, manage devices, and configure security and settings so your data stays safe.

Vault: Manage, retain, search and export your organization’s email and on-the-record chats. Vault is included exclusively with our $10/user/month plan.

3 Reasons Why You Should Choose a Google Partner Instead of Going Direct to Google

In your company’s transition to Google for Work, you may wonder whether it makes sense to go through a Google partner, or go direct to Google.

What’s the difference, and what are the benefits?

Google for Work provides amazing products for an all-encompassing business solution. Their product suite has many solutions from email, collaboration, word processor, video chats, storage, intranet builder… and more.

But you already know that.

Think of going direct to Google as going to an auto parts store. You know your car. You know how to do the instillation yourself and you have the time. 

Going with a Google Partner is like going to a mechanic. You get services to make sure everything runs properly and you won’t stall out on the highway. Google partners provide clear and knowledgeable guidance with support from start to finish while implementing these tools for you.

Many businesses enjoy the benefits of working with a partner for an easy transition and to have Google product experts foresee situations for them and provide solutions to ongoing business challenges.

So, here are 3 things (among many others) you can get from a Google for Work Partner that you can’t get if you go direct to Google:

Develop a Custom Strategy

Google for Work Partners bring Google into your business in an efficient and knowledgeable way, from strategy, rollout, deployment, training, change management,  and onward.

Before making changes, partners assess where your company is and where you want it to go.

It’s a tailored approach to make sure each Google product fits well with your business goals and your teams can adapt.

If you need a custom solution, some partners are experts in developing scalable products on Google Cloud Platform. Application developers guarantee that your company isn’t forced into a mold.

Your partner team will guide you through recommended Google products as well as suggested custom alterations. Once a strategy and product suite is settled upon, you’re guided through a seamless purchasing process. Google Partners handle all of the logistics, allowing you to focus on managing a single account.

Working without a Google for Work Partner, your business is left with a one-size-fits-all solution. Though Google for Work products are versatile, companies benefit immensely from customized solutions that maximize ROI and productivity.

Migration, Deployment, and Change Management

Choosing to migrate your company to Google for Work on your own can be time consuming and interrupt flow of business.

Using a Google for Work Partner allows you to focus on work while they handle migration and deployment. With decades of experience, a partner team understands the requirements of each legacy system. They can deploy new products and seamlessly migrate your data with little to no impact on workflow.

Change management professionals are vital to the success of any major transition in a company. A lack of support and education can cause even positive changes to stall.

Your partner team will closely examine the organization, judging previous change patterns, methods that were successful, number of users, and the company’s needs. An implementation strategy is then tailored to fit the specific business.

Preparing users for the transition and determining an efficient and realistic timeline are a large part of successful implementation: downtime and redundancy are reduced while productivity increases.

Your partner team will conduct a series of trainings to ensure employees feel confident moving forward with a new system. Basic trainings cover the transition process and how to use new products.

Additional sessions are available to encourage user engagement. They’re conducted on site or remotely. A benefit of using Google for Work Partners is that every training is fitted to the client. Surveys are distributed and analyzed to determine the level of user confidence and the location of knowledge gaps.

As a result, employees feel heard, their concerns are addressed, and user engagement is heightened.

Internal marketing and communications trainings are conducted between Google for Work Partners and internal marketing teams.

Your change manager will discuss techniques to increase enthusiasm among employees adopting new platforms. Internal teams will be guided in communicating useful and energizing information throughout your company, enhancing adoption and engagement.

Maintain Support

After Google for Work has been deployed, your Google for Work Partner team remains with you each step of the way.

Account administrators are assigned to your company, ensuring ongoing technical support. Especially in the early days of a new system implementation, existing IT departments and account admins can feel overwhelmed by big changes.

Working with a partner removes that.

If you work alone, in-house technical support can inadvertently slow things down. By using a highly experienced team to complement your on-site support, both the transition and ongoing use of new platforms are made easier.

Ongoing trainings are also available to companies that use a Google for Work Partner. These cover a range of topics and are tailored to fit your business needs. Project management and coordination meetings are conducted at regular intervals. Each meeting addresses whether target timelines and objectives are being met.

Additional trainings can include case development. Every development training is designed for your particular company and its needs. Workflow requirements and business scenarios specific to your enterprise are addressed.

Your partner team will discuss how to streamline work and increase productivity in your field, leveraging Google for Work’s specific capabilities for your company.

Ongoing webinars and events keep your team informed of changes, updates, and helpful hints to maximize Google for Work’s applications.

Newsletters are also distributed frequently, containing tricks for better productivity with Google systems. If you find that your teams need further training in a particular area, your premier partner will create a custom 30-60 minute training session to be conducted remotely or in person. You can issue brief quizzes before and after each training session, assessing the effectiveness of each meeting. Additional trainings can be designed around continued knowledge gaps, and materials can be further tailored to your specific employee base. By providing your team with the tools needed to succeed, productivity and ROI increase.

Conclusion

Google for Work is a comprehensive and versatile suite of products that make the most of speed and efficiency in the cloud.

Optimize your investment in these products by using a Google for Work Partner. With support from start to finish, these experts provide amazing insight, support, strategy, and knowledge throughout the entire process.

Going directly with Google can be a good solution for some small businesses who feel confidant doing a technical deployment. But for most mid to large sized companies, product experts are required to guarantee a smooth transition.  

What Happens to My Data in Google? (Pt. 3 of 3)

This is the 3rd of a 3-part series on Google Cloud Security. You can read the first part here, and the second part here

When I talk to customers, we get past the security conversation pretty quickly. 

When I explain to them how Google does things, they have lots of independent verification, your rate, you can test Google, they buy the security very quickly.  

The problem now is people worry more about what’s happening to their data. 

It quickly goes from a security conversation to, “No, no, I believe Google’s security is better than ours,” to a conversation more like, “I want to know what happens to my company’s data within Google’s hands.”  

What happens to your company data in Google?

Now, there’s a lot of misinformation about this.  

So, how does Google think about data protection? They think about it two ways. I always like to start this talk with security, because without security, you’re not going to have data protection.

The other component is privacy. If you don’t have a solid privacy policy and policy practices in place, you’re not going to have it either. 

The number one piece of misinformation is that people confuse Google’s consumer services (the ones that Google offers for free) with the services they offer to companies, businesses, schools, and nonprofits. 

They’re completely different offerings. Just to be clear, for that free Gmail account that you sign up for, yes, they’re using that data for advertising. Yes, there’s profiling. Yes, there’s scanning.  

But for all the products that they offer to businesses, schools, nonprofits, that’s not the case. In that case, in the original case, you guys own the data. Google is simply considered the data processor.  

Google can only use the data in the way in which you’ve instructed them. Let me go into a bit more detail here… This has three big components, like three legs in a stool, really.  

1. Transparency

What transparency means is that they’re going to tell you what they’re doing with your data. And it’s about being transparent before you’re a customer, without having to sign some sort of magical, special agreement.  

So, I mean sharing things like where their data center locations, Google’s security reports, their SOC 3 reports, their ISO reports. All of their contracts are public. Meaning their data processing and who their subprocessors are, all these components, all of their commitments on data deletion, information on what data can be used for… this is all publicly available. 

You can look it up now. It’s on the web.

And what it comes down to is what can Google use the data for?

We can use the data for absolutely nothing but what you instruct us to do.  -Google

So just to be clear, Google cannot use your data for advertising. They cannot mine your data for any purpose whatsoever, even to improve their own product; they’re simply not allowed to do so. And this is part of their business contract with companies.  

The intellectual property of the data is yours. You get the idea: Google literally has zero rights on your data. They own the rights to their service.  

So, as long as you don’t try to reverse-engineer Gmail, you’re going to be OK.

They’re also extremely portable. 

You could literally take your entire organization’s data and shift it into Google over the weekend. And you could change your mind next week, and move everything out Google. You can do that too.  

There’s no penalty. It comes out in usable file formats. It works so well, Google’s competitors have built tools around it to quickly expedite the movement of data in and out of their platform.  

2. Strong Contracts

All of Google’s contracts are written in a way that’s European-centric language. It’s not because they’re a European company. It’s just that the standards there are very, very specific when it comes to data.  

So there, you’re the data controller and the data owner. You give Google instructions, they’re the data processor. They can only do what you tell them. They have a global data privacy policy that applies to businesses, schools, and non-profits

It’s different from the one that if you look up “Google Privacy Policy,” it’s not that one. That’s for consumers.  

This one is publicly available and they update this all the time. Because they’re constantly getting feedback from data protection authorities in the US, in Europe, in Asia and our position is that they will only strengthen their commitments, not weaken them. So one of the more recent ones is they put an SLA on data deletion. Google made ongoing commitments to maintain compliance with their security audits and data privacy audits, which I’ll talk to you about here in a moment.

These sorts of things, this is all available, which is very useful for a business.  

So if you’re a parent, and you want to know what’s happening to your children’s data, you can just go and read it. There’s no advertising. There’s no scanning. It’s not some secret contract that each company has their own thing agreed upon.

They build on it. Google tells you what they’re going to do, they’re transparent. They legally commit.

But how do you really know what they’re doing? Google’s perspective is that you should trust them, but verify yourself.

3. Auditing

The problem in the past is that all of Google’s audits had been very, very focused on security. They start with security. Security’s strong. They have all the ones you’d expect– ISO 27001, SOC 2, SOC 3, SSAE in 16, ISAE 3402.  

These are all independent security audits. But again, we get past that security conversation pretty quickly and it goes into data usage. People don’t argue about security. They know what good security is.  

They argue about data usage, and how data should be protected.

Should it be transferred internationally? How does all that work?

So, what did Google do? They went and worked with their buddies over at ISO, their Swiss friends, Google’s standard-setting organization. And they worked with them to develop a new standard.

The new standard is called ISO 27018. This is about data privacy, the processing of personally identifiable information by public clouds, which is Google.

It’s exactly what Google’s looking for.

The next thing Google did is work with their auditor to be able to audit them against this new standard. So remember their infrastructure, everything I talked about being completely customized?  

Google can’t run an audit sending a college kid in with a clipboard saying, “Oh, there’s my blade server, and what’s my patch level?” 

It doesn’t work that way.  

At Google, everything is customized. They have to embed their auditors with their engineering teams. It takes a long time. It took over a year for the auditors to be trained on Google’s platform, and then be able to conduct an audit afterwards.

But the good news here is that they’ve adopted the standard, and they’ve had this since September.

Google announced it almost a year to the date after the standard had been released. Just so you understand how important this is, let me talk a little bit about how these standards work, if you’re not familiar with them.  

ISO 27001 is a family of standards.  

The first level is around security. There’s 114 security controls, which goes back to our story. You have to have security before you can have privacy. After you’ve gone through, and we talk about all these different controls that are in place for Google’s platform, you’ll learn that ISO 27018 is built on top of it.

You have to have security before you can have data protection and these are looking at different things. This is asking if Gmail is secure? Is it locked down? Are all those controls in place?  

And the next one is looking at the question: what’s that data being used for? Is it guaranteed that it’s not being used by other systems? What’s out there? How is this being protected? 

This is what’s important.  

So now, for the first time, you have independent, third-party, audited verification on what’s happening to your data.

This is something that you can take to your board. This is something you can tell your users about. But what makes it interesting, when we start talking about things like data privacy, is that it just doesn’t apply to services like security.  

So security on Gmail, Drive, and all of those products are covered. But, data is different; you can get to that from all kinds of different ways.

For Google’s privacy standard, yes, it had to cover the applications. But it had to cover every way that you could get to the data, so all the APIs, all the SDKs, or the software development kits, and tools that you might want to run on top of them.

So all these have been included as well.  

Another benefit of working with a company like Google who operates around the world is that they operate around the world. And that means that different countries and regions have different standards relating to data privacy.  

And for Google, they always have to take the strictest one.  

International Security Compliance

Sometimes it’s Europe, sometimes it’s Korea, and sometimes it’s the US. And these sorts of things, knowing that they have to meet all of these strict standards, you can have peace of mind that this is something that’s important to them, and that they’re going to be on the leading edge of what’s happening with data protection around security and data privacy.

Google has a very, very large team, both in DC, in Brussels, in Singapore, working with governments, who focus on working with data protection authorities because this is an evolving thing.

In Europe, there’s a lot of change happening right now. Google is compliant with everything that’s happening there now. They work very, very closely with them. But this is something that is constantly developing and because Google has such a vested interest in all these markets, it’s in their interest to be compliant and to be a leader.

And this is something that they’re really trying to bring home to the US. So when you talk about moving to the cloud, now, you can think about the abilities, but it does this increase the risk for what you’re doing on a day-to-day basis at your business?  

We think that you should look at it as a risk assessment. We talk about having extraordinarily strong, world-class, leading-edge security. That’s great, but it’s only part of the problem.  

You have to understand how that data is being used and know what systems there are.

Having all this information available, it’s fun to share with you guys extraordinarily detailed security audit reports to back all these claims up.

You can run your own penetration testing. Having strict, bulletproof contracts about what your data can and cannot be used for and having very, very strong enforcement mechanisms for them there. 

Don’t look at Google’s platform as being the same as you have on your personal accounts, or being equivalent. It’s 10 times better.

How Does Google Handle Cloud Security? (Pt. 2 of 3)

This is the second post in a three-part series on cloud security. To read the first post on, click here. 

We live in a mobile-first world. What have we learned from the security mishaps in the past few years?

The traditional thinking of having walls around everything, putting everything on your secure network, well that doesn’t work anymore.  

The reason people did that is because they don’t have infinite budgets, and they said, “Okay, we need to focus on security. The logical place to focus security measures on is the network.”

Google’s philosophy is a bit different. 

Big surprise there. 

Google’s Philosophy With Securing a Network

Google believes there’s no such thing as a secure network anymore, whether it’s run by a government or a company.

At Google, they assume everything is breached. They assume everything is broken. They assume these things because they believe that it is the only way to protect yourself.

When talking about secure architecture, you can’t just be good at one thing. You have to own the entire stack. And for most companies and organizations, this is far too expensive.  

There’s no way you’re going to get budget to do this.

So Google, at the scale that they operate on, literally invests billions of dollars in this. Because they’re investing at this scale, they’re able to do things that other companies simply can’t.  

Google looks at their data centers (their network) and they secure all the information.  

But where do most of the breaches occur?  

Hackers haven’t breached a data center. But, they’ve hacked social networking, or they’ve installed something on your browser or your device. So, Google has taken the steps to protect you there as well.

How Google Protects Your Users From Attacks

First thing’s first, Google has Chrome as a browser.

There’s a version of Chrome called Chrome for Work. You can use it, it’s free.  

But, with Chrome for Work, what makes it different is the fact that you can apply up to 280 security policies to Chrome. And you might say, “Well, I could do that with Internet Explorer.”

But, Internet Explorer just runs on Windows. Chrome runs on Windows, Macs, Linux, iPhones, Android, and all the Chrome devices.

You can now have one set of security policies, apply it across all your different devices, and have them all act as first-class citizens.

So, where are those breaches happening?  

It’s that old enemy of ours, the username and the password. And what happens? It’s that thing that you tell your users not to do. You say, “Please don’t use your password on other sites.” 

What do they do? Everyone has their favorite password and they reuse it over, and over, and over again.

So, at Google, what they’re trying to do is to make the password irrelevant. In fact, we have multi-factor authentication. 

With multi-factor authentication, the username and password become irrelevant without a code or having a phone nearby, which is connecting via Bluetooth or et cetera.

This is the next step to get around that social engineering.

There’s a Chrome extension called Password Watch. It’s a Chrome extension you can require via policy for all your users. 

It takes a portion of your corporate password – a portion of it, not the whole thing. It’s hashed, it’s salted, it’s stored on the browser (not at Google). And what happens is it watches what your users are doing.  

Then, if someone tries to reuse your corporate password on another website, it locks the account.

So, it’s the end of the night, I’m sleepy, I go to another website. That password’s muscle memory, right? I accidentally put in my corporate password on a different site.

I’m like, oh no, now I need to reset, everything is off now and I need to go back and reset all my accounts.  

It’s that kind of proactive security you need to use to protect yourself.

Encryption in Transit

As I talked about in Part One of the series, Google has an amazing story on encryption at rest in their data centers. 

Encryption in transit at Google, they use a technology called Perfect Forward Secrecy.

It’s stronger than most military-grade VPNs.  

Effectively, what this is, is that for every single user, for every single web session, they have a unique set of certificates, hardened to 2048-bit strength.  

If you’re using mobile devices, it’s a mobile-first world out there. On Google’s platform, there’s Android for Work. This uses SELinux to create a secure container on the device where you can store your corporate information and manage the device.

But not everybody’s on Android.

So you can do the same thing for the iOS, for the native iOS MDM, MAM APIs.

Again, enforcing things like encryption and data management, that’s all part of our platform. But, if you have another third-party solution, Google plays nice with everyone else.

It uses the bits that makes sense for your organization. If you guys have a robust authentication system for your company (Google works with governments and militaries as well), if you want to be able to have a username, a password, a token, a retinal scan, a blood sample, if that’s what you want to do you want to manage that, that’s something Google can integrate with all those different systems.

They have lots of customers with great examples.  

How do Google’s Products Work in Light of Security?

There’s a product called Google Drive. I’m sure you’ve used it and are familiar with it. 

For those who don’t know what it is: it’s a huge, unlimited hard drive in the sky for your data. The only limit is that of file size; the maximum size a file can be is five terabytes.  

So, if you have one that’s bigger than that, I’m sorry, not yet.  It’ll probably be coming. But you can have as many of those 4.9 terabyte files as you want.

The amazing thing about Google Drive is that it works with all the different file formats, not just Google stuff. It works with Microsoft OpenOffice, Adobe, whatever.

Whatever you have, or just big, big, big files of data, you can upload them here, it becomes very easy to share, and it’s available on different devices.

Now, the great thing about Drive is that it’s easy to share. But, the scary thing about Drive is also that it’s easy to share.  

I want to be able to control what’s happening to my information. So, if you’ve never seen a sharing dialogue within Google Drive, the way that it works is that every single document has strict permissions.

Now, with the strict permissions, I can invite individual users within my company to have access to that. I can have them view it. I can have them edit it. I can have them collaborate it.  

All these things are there and I can actually put information rights management on it. This is a problem Google has been trying to solve in IT for a long time. So I want IRM. I want to be able to prevent people from copying, downloading, or printing this information.  

When you combine IRM with permissions like this, you have real control of your data.

When I want to share a document with you, I send an email. It has a link. I click on the link, and if I decide later that you shouldn’t have access anymore, I remove your access.  

That data has never left the cloud, and it’s not available on their device anymore. But let’s say you really want to control who you share it with. Lots of folks say, well, I want to share my information, I want to collaborate, but I want to control the collaboration.

So, now Google has said you can whitelist organizations outside of your own who you’d like to collaborate with.

So, it’s not just the entire world.

You can limit it to a set of other organizations- this is having real control of your data. And again, this works within any file format.

How Google Protects You Against Hackers

Scale matters in security more than anything else. If you’re going to scale in any area, you have to scale in security. At Google, they have over 500 full-time engineers working on security all the time.  

That’s more the most IT departments. And their guys (as you can imagine) are very, very good, but there are lots of smart people outside of Google.

So they collaborate with the academic research community and the security community. They’re published over 160 white papers on security.  

If you don’t believe any of the claims I’m making, Google was the first company to have a bug bounty program.

Hey, if you don’t believe that their security is so good, you’re welcome to try and hack it yourself.  

Conduct your own penetration test. You don’t have to call me. If you can find something interesting, Google has money for you. It can make you famous, give you a swag T-shirt, and, if you do something really impressive, maybe even a job.

This is the proof that’s in the pudding. I was talking with one of the head security guys at Google and he was mentioning that six of their large customers in the last six months conducted penetration tests against Google… with no results. 

A government customer for Google in Australia, in the military, was talking about the security of their network. Google proposed, “Well, let’s run a pentest on your network and mine. I know who’s going to come up on top. And this can be part of an evaluation.”  

This is not being cocky, but it is saying there’s a difference between perceived security and actual security and that Google is interested in actual security.

Of course, it wouldn’t be any fun for Google just to say, “Come try and hack us” if they didn’t try and hack other people.  

So they have a team called Project Zero.  

This is where they’re hacking their friends in Redmond and their friends in Cupertino. Of course they’re nice, not bad guys.

So when Project Zero finds vulnerabilities, they tell them about it. But the only catch is that they only give them 30 days to fix it.

Now for Google, 30 days is a very long time. For some of Google’s competitors, 30 days is not near enough. And if they don’t fix it, Google shames them publicly about their security vulnerabilities, and releases it to the press.

So, that entices the companies to do the right thing.

Now, the reason that they do this is not to be mean. It’s their philosophy that if the cloud is not secure for everyone, then it is secure for no one.

So, we’re all better off working together. Now, the way in which Google runs their infrastructure makes them very agile with security.  

And when I’m talking about agility, you could think about a zero-day attack. 

So, if there’s a new zero-day attack, what do you have to do today? Well, it has to come out, and it has to be discovered. After it’s discovered, you’re going to go and work with your AV vendor.

You’re going to say, please give me a fix. They’re going to develop a fix. They’re going to give it to you. Then you’re going to have to distribute it. You’re going to have to install it. You’re going to have to go through all this. How many days have passed already?  

But you’ve already been taken. The Chinese are in and out.  

Since Google is the world’s largest email provider (with over 900,000 active accounts), they have to be ready for zero-day attacks.

With AV and vulnerability scanning, Google has multiple layers. In addition to that, there’s a company out there called VirusTotal. That’s a Google company. Their sole reason for existing is to facilitate the identification and addressing of malware and threats.  

Now, in that same zero-day attack scenario, there’s a new zero-day attack, it attacks a Gmail user in Mumbai. Not only can Google protect that one user in Mumbai, they then immediately protect all other accounts in real time. 

This is the speed you have to move at to stay ahead in today’s world. 

Google can actually prevent incidents before they even happen now.

You guys heard about the Heartbleed SSL vulnerability? That was a big one last year. The POODLE SSL exploit? Google discovered all of those.

So, before they were even announced, Google was patched and fixed for those vulnerabilities over their entire platform, network, and user base.  

Google’s not always going to be the first one to find a bug. But, because of the way that they run their infrastructure, when it’s fixed once, it’s fixed everywhere.

This is the only way you really have a chance to stay ahead when it comes to cloud security.

Click here to read part 3/3

Agosto Invests in Best Practices for Cloud Information Protection

Agosto has good news to share! CloudLock, the leading provider of information security applications for enterprises using the cloud, has recently certified a number of Agosto employees through the CloudLock Champions ProgramTM. We at Agosto already know our team members are talented in their respective areas, but having a partner invest in training and certification in companion technology that will benefit our customers is a huge bonus. Agosto’s CloudLock Champions to date include Lindsay Dubin (Friefield) and Andrew Boushie, both in Sales, and Thomas Blade in Technology.

As early evangelists of cloud computing, Agosto is recognized for its vision of how IT can provide a competitive advantage for its clients. This trend continues by offering CloudLock, the best practice for enterprise information security. Through a program of training and communication, CloudLock ensures that its partner Champion candidates, like those from Agosto, get what they need to educate customers on information security best practices (Sales) and administer information security thought leadership to customers (Technology). Champions are required to put their information security skills to the test in order to receive the Champions badge of honor.

The CloudLock Champions ProgramTM differentiates Agosto with advanced knowledge of CloudLock’s offerings and provides many benefits to our customers. Agosto employees work hard to become our clients’ trusted advisors, and this is evident by efforts to become experts in CloudLock’s leading information protection solution. The core of the CloudLock Champions Program empowers Agosto’s participating team members to articulate the need for information security, allowing customers to take full advantage of their Google Apps ROI, to accelerate cloud adoption in general and to protect sensitive data.

With CloudLock’s investment in their Champions program, Agosto is better equipped to recognize information security needs, for instance, if a client must be in compliance with PCI, PII, or SOX regulations.

CloudLock is the leading provider of information security applications for enterprises using the cloud. Companies are moving sensitive IP, customer and employee data into the cloud. That data is vulnerable if no safeguards exists around how employees are handling it. The largest organizations in the world trust CloudLock to protect their data. If you’re interested in learning more about CloudLock, visit cloudlock.com or contact info@cloudlock.com. You may also contact Agosto.

Agosto and Axcient Partner to Provide Managed Business Continuity

Agosto, a top Twin Cities managed services provider, has selected Axcient as our backup and disaster recovery partner.

With industry-leading IT solutions, together Agosto and Axcient provide best-in-class Managed Business Continuity support with the simplest to use, most reliable, instant cloud recovery solution available.

Make the switch with Agosto to the award-winning Axcient solution and receive 20% off when you move to Axcient from any of these competitors: Asigra, AppAssure, Barracuda, Continuum, Datto, Doyenz, e-folde, nScaled, SonicWall, Unitrends, Xilocore or Zenith.

To learn more, register for one of our informative webinars or call our sales line at 612.605.3520.

Agosto Sponsors Lifetime Fitness Lutsen 99er with Race Videos in the Cloud

Agosto was a proud technology sponsor of this year’s Lifetime Fitness Lutsen 99er bike race, providing a cloud-based video delivery system for participants.

Taking place in Duluth, Minnesota, the Lutsen 99er course winds through nearly 100 miles (a 39 mile option also offered) of beautiful forests along Minnesota’s North Shore. Beginning at the Lutsen Ski Resort overlooking Lake Superior, the race consists of road and trail that the organizers say has as much moose traffic as people traffic at any given time.

Agosto’s development team devised the race day video system, rendering videos via IaaS (Infrastructure as a Service) in the cloud, automatically scaling on demand as resources are needed. Participants were invited after the race to view themselves at various points along the race route. Using Google’s Cloud Platform, the Agosto team creates custom applications to help businesses improve efficiency and reduce costs.

In addition to the technology challenges of the day, Agosto CTO Irfan Khan, faced extreme weather challenges. Duluth and the surrounding area experienced the worst flooding in decades just prior to the race. Local roads and resources were severely damaged across the region, but businesses remained open and tourism was encouraged as immediate volunteer and official repair efforts got underway.

“This year’s Lutsen 99er was a fun but tough race, made more difficult because of the wet ground,” said Irfan. “Agosto is proud to be a race sponsor, with our developers bringing the race day videos to the cloud and to race participants. We’re also proud of the people of Duluth, who have been pushing through the damage to the area’s infrastructure, and we wish them the best.”

To learn more about Agosto’s core Google Apps or Google Cloud Platform work, or to talk to us about how we can help your business, contact us.

Agosto and Google Ready for Business in Canada

After a lot of planning, scouting and strategy meetings it’s official: Agosto has opened its Toronto office and the company is the first Google Apps Premier Enterprise and SMB Reseller to establish a local presence in Canada. Over the past few months, we have co-hosted several events with Google in Canada, where we have heard about the opportunities for a company like Agosto to provide both a strong partnership for Google Apps migrations and deployments. Agosto’s managed service experience, spanning over 11 years, also uniquely positions Agosto to help create new and more cost-effective mobile apps, cloud-based services and solutions for our clients.
View Larger Map

Speaking of clients, as a Premier Reseller of the Google Apps suite of communication and collaboration tools, Agosto already helps companies in Canada including The Second City, to successfully deploy and use Google Apps. At Agosto, we serve clients of all sizes, from CIOs of the largest companies to the volunteer IT staff at small non-profits. A recent complex project included the migration of over 17,000 employees from Microsoft Exchange to Google Apps, with employees located in 41 locations across four continents and training for users in eight languages. Agosto is pleased to be able to offer a high level of service to Canadian businesses.

Our new office is located in Suite 2500 of Toronto’s beautiful Eaton Town Centre at 1 Dundas St. West, Toronto, ON M5G 1Z3, Canada. You can reach Agosto at sales@agosto.ca. Send us a message and let us know what IT projects have been lingering on your plate that you’d really like to see through, and let us lend a hand.

The Agosto Team is excited to be in Canada. Look forward to meeting with you soon at one of our events.