Google Apps has four compelling metrics for the small business owner.
    
1. Its cost is extremely low as compared to a solution that you’d manage on your own. It scales to your needs, where you can add and remove users/cost at your own discretion.

2. Every Google Apps user gets 30gb of email and file storage in Google Apps – an     extraordinary amount of space for the cost.
    
3. Google Apps enjoys “six-nines” up-time: Google is online .999999% of the time during the year. That means that the service goes down for, at most, two hours out of every year. That’s better than “five-nines” up-time which is an enterprise computing standard. Google Apps is extraordinarily reliable.

4. Control. We can control the security and the user experience with Google Apps from one centralized point, protecting your employees, your customer, and your company’s intellectual property.

A Google Apps for Work Reseller and Partner since 2008, Mickler & Associates, Inc. is uniquely qualified to assist small and large companies moving to Google Apps for Work. We've helped hundreds of companies and more than 2,200 users all across the US and Canada.

Want to know more? Just ask! Heck, we don't charge anyone for the privilege to learn how we can help their business. Thanks again for your time. 

If you're moving or transferring files from one user to another within a Google Apps domain, that can be accomplished using a transfer tool within the Admin Console.

And the bad news: if you're moving or transferring files from one user to another outside a Google Apps domain, there is not a native tool for that function.

However, there is a work-around. Here's how it works.

• Let's pretend you have user@domain1 and user@domain2.

• You want to move (change ownership) of files from user@domain1 to user@domain2.

• In the user@domain1's Drive, create a folder called INBOUND and share it to user@domain2.

• In the user@domain1's Drive, copy or move all of the content you want to move into the INBOUND share.

• In the user@domain2's Drive, find the INBOUND share and make a copy the file.

• The copied file is now owned by user@domain2.

• Unshare the INBOUND folder in user@domain1's Drive.

Now, all of this sounds pretty cool until you notice two things:

1. Google Drive doesn't have a native way to copy a Folder. What an oversight?

2. Google Drive appends a text string of "Copy of" in front of the file. Very obnoxious.

Low, another work-around.

• In user@domain2's Drive, create a new Spreadsheet.

• Add an Add On called copy folder. You'll need to search for it and grant it permissions.

• In the spreadsheet, select the Add On copy folder.

• The UI is pretty simple: select the INBOUND folder and process.

• The script will recurse through the INBOUND folder and make a duplicate of it; it will also recurse the subdirectory structure and re-create subdirectories.

• The copied INBOUND folder will now be owned by user@domain2.

• You can now unshare the INBOUND folder.

A couple of notes on the copy folder add-on.

• It's not perfect. Expect it to crash on long recursive processes.

• I think the "breaking" of recursive processes may be due to ownership rights of objects within the folder being copied - but I'm uncertain at this point.

• Instead, try to break down your copying process into batches - handling sub-directories separately.

One day, maybe ... soon? ... Google may feel nice enough to create a means of copying a Folder within the web user interface. Then, one day, by the Grace of Google, we could assign ownership rights outside of a Domain to another Google Apps user. But until then, I offer these work-arounds.

R

Cryptoviruses are malicious software programs written to deny a user access to their files. They're usually downloaded as an email attachment. If executed, they seek the hard disk for user-generated content (Excel files, Word docs, txt files, PDF files, etc.) and encrypts them; that is to say that the program scrambles the data and makes the file totally worthless.

That's pretty bad. Still, what's worse is that the virus doesn't stop looking at files on the local hard disk. It will also encrypt whatever it can on a network file share, or, an attached USB storage device (like an external hard drive).

When the user tries to open up the content, the virus may even display a message requiring the user to drop money into a Paypal or Bitcoin account as a form of ransom. Further, trying to open up the content may trigger the virus all over again as to re-process encryption on new documents.

Here's the deal: there's virtually no recovery from this and it's really bad juju for the small business. Even local backups against locally-attached USB hard drives will be affected. And it's not like this stuff is going away. These kinds of attacks are only going to increase this year.

Cryptoviruses represent an enormous threat to small businesses because they usually don't have the expertise to recover their files quickly, and, a complete loss of their files is an absolute loss of intellectual property. Hopefully, they won't actually pay ransoms because it only encourages more malicious software, and, they're helping to fund the virus-writers.

The files affected by a cryptovirus will be utterly lost unless:

1. The user has enabled a shadow volume on their Windows computer and/or server with sufficient drive space to go back in time x-number of days prior to the infection. 

2. The user/firm has deployed an online backup product. The online backup product has copies of user files securely on another computer outside the network from which backups can be recovered.

The situation is pretty bad if neither of these options are available to the technician attempting to recover this data.

In my opinion, there's a range of controls that need to be implemented in order to help safeguard small businesses from these devastating forms of malware.

Administrative Controls: Small businesses need strong policies controlling user behaviors, especially surrounding the use of USB (thumb) drives and personal email systems. Thumb drives bypass our Technical Controls and place a file directly on the system; private email systems cannot be monitored and filtered, and stuff transmitted across them can't be controlled. Users should be prohibited by company policy from using these kinds of technologies on work assets; if they want to check personal email, they should use their own phone. Finally, training: users should be trained on how to spot errant programs and suspicious attachments and taught not to open them.

Technical Controls: Certainly we can implement Technical Controls that prevent the user from using USB sticks, and, from accessing private email accounts (like filters on our firewall). We can also implement strong filters on our corporate email service to help screen viruses and spam. We can use modern web-based mail systems that prevent downloading of suspicious attachments. We can implement antivirus on our workstations. We can set mandatory shadow volume settings on workstations and file servers. We can centralize file management to a single set of repositories (like a server or a NAS appliance). And we can implement an online backup product against those repositories to allow for offsite recovery.

I help my clients with many of these things as a strategy for countering cryptovirus threats. I help my clients:

• Develop Administrative policies and procedures to safeguard their IT assets

• Implement the Technical Controls necessary to execute their Administrative directives

• Audit the system and implement corrective actions to ward against evolving threats

The threat of cryptoviruses isn't insurmountable. They can be planned for. But that's just it: they must be anticipated and planned for. If their risk isn't managed, there's nothing that'll help the small business if they're hit by one of these attacks. Recovery is very difficult if not impossible.

R