Google is bringing the best of their products and cybersecurity partners to help protect against malware, phishing, ransomware, and other cyberattacks. Google Cloud's Work Safer program enables public sector organizations to securely collaborate and communicate in hybrid work environments.
Speaker 1: On behalf of Google Cloud and Carahsoft, we would like to welcome you to today's podcast focused around Operation Work Safer: Eliminate Threats and Protect Against Cyber Terrorism, where Michael Shenk, Work Transformation Lead at MediaAgility Benjamin Shenk, Google Workspace Specialist at MediaAgility, Katie Tobin, Workspace Innovation at Google Cloud, and James Ferreira, Workspace Specialist at Google Cloud will discuss Google Cloud Work Safer Program.
Benjamin Shenk: As we get started, just to kind of tag on to the introductions, I'm sure everybody has now heard of Carahsoft, and is familiar with Google. But I want to take a moment to introduce MediaAgility. MediaAgility is a premier Google Cloud partner, as well as a Google Cloud MSP managed service provider, we have specializations across the board. And ultimately what this means is that, as Katie and James and their team works to create fantastic technology, they then look to partners like MediaAgility, to be the hands and feet that help deploy and help public organizations optimize a lot of those tools that are robust and powerful when used correctly. So we're the folks that provide that white glove service for agencies such as yours. With that you're going to hear from Mike and myself today. But this is just one small part of the MediaAgility. Team, we are backed by over 500 plus, Google Cloud certified engineers and have specializations across the board. Further well, today, we're going to be talking a lot about beyond core workspace enterprise and the rest of Google's work safer tools. Security is a core tenet of MediaAgility is offerings. But we are also a full service public sector partner, working with Cloud maps, workspace, Chrome, and providing custom solutions. So if there's anything that strikes your interests here today, know that we can likely serve you there as well. As we get started, I want to really focus on security. And as we do, I want to ask you for just a moment to imagine your perfect morning. Maybe this is 7:30am. And you wake up without the alarm, you're able to start some coffee and get moving on your day. You already know what is lined up for work, you know that your team has everything in order. In fact, the last Friday, you cleared out all of the helpdesk tickets, and you know exactly what today it has in store. Now, I want you to imagine Jeff's morning. And of course, Jeff, we have changed names to protect the innocent here. But Jeff is a very real person in a very real story, although his name is not actually Jeff. But it was 2am when he first got his call, not the 730 Wake up he was hoping for and the first few times his phone rang, he actually let it go to voicemail figuring it was spam. Because even if it was work, it would likely wait until morning. However, on the third call, he figured out that something had to be up he answered the phone it was the executives voice telling them that they're going to critical IT failure and he needed to get on site to assess the damage ASAP. On arrival, it became abundantly clear that the issue was far wider reaching than he had imagined. Everything that even tangentially touched their IT systems were down, workers were locked down because their key cards no longer worked. Maintenance hadn't showed up yet. So everybody was just milling about waiting to get in. The machinery, meanwhile, was at a complete halt with millions of gallons of product spoiling in front of them. They couldn't even flush it to clean it out and keep the machines moving because their waste management facility was also locked down. After a quick call to the heads of the IT departments at the company's other plants. Jeff quickly realized that this wasn't simply an IT failure as the executive accounts it. This was his worst nightmare. This was the exact thing that he had been warning leadership about for the past two years when his team conducted a vulnerability audit. This was the result of a long, premeditated ransomware attack. The fallout for the business was significant millions of dollars of inventory were last lines were down for nearly two weeks, and key customers at that point were demanding to be released from the contracts. On the IT side. Everything seemed to have been touched by the hack. And while they are able to use their disaster recovery tools to get most things back online. It was estimated that Jeff and his team had over six months of work ahead of them just to get all the endpoints safely back online. The unfortunate reality is that the scenario Jeff faced is not an isolated incident. It is a universal threat facing businesses, individuals, and in today's climate is especially prescient for government agencies. In the last year alone, the average cost of a data breach has increased by 10% to $4.6 million. Again, that's on average. Of course, there's smaller ones. And of course, there's more massively large ones too. Moreover, these take nearly a year to identify and contain a typical breach. On top of this cybercrime is no longer something that is discussed just in a cybersecurity website, right for a niche audience. It has now solidified its place in the world's daily vernacular, as it has become a regular front page feature in the news with headlines seen, and consequences felt worldwide. Moreover, the nature of cyber threats has fundamentally changed. With a remote workforce endpoint, every employee and every patch presents a serious vulnerability. And it's no longer lone wolves looking for a nice payday. We are now facing many state backed groups, targeting data and access points to key infrastructure and economic drivers appointment all the more clear about the current struggle we're seeing in Ukraine. Cyber security is no longer a best practice or a nice to have. It is now a matter of national security. And I'm sure that's why we're all here today. Changing threats requires a more robust, a more proactive, and Zero Trust approach capable of staying ahead of the bad actors, and avoiding critical vulnerabilities like manual updates and patches. The good news is that these type of tools aren't a pipe dream. And together with specialized deployment partners like MediaAgility, Google has made these tools available to the public sector, through a new suite of security tools collectively bundled through Google's work safer offering. Over the next 15 minutes, you'll learn about some of the best practices of these tools that organizations have implemented to proactively protect their users data and infrastructure from cyber terrorism, then you get a chance to take a look at the tools themselves, as Katie and James walk through them. So to kick things off, I want to hand it over to Mike from our team to share how one team is protecting their organization by implementing BeyondCore Zero Trust framework. Mike.
Michael Shenk: Thank you, Ben. So really get us started, I do want to start with just a little high level, what is beyond core what is Zero Trust just to make sure we're all on the same page. And the traditional approach to security has always been to secure the perimeter, keep all of your confidential information and users within the perimeter and repel attacks from within the confines of your firewalls. COVID has officially breached the perimeter leading to a very acute need for a more modern Security, Architecture and ethos. To top it all off. Shifting from the perimeter made things easier for cyber terrorists targeting remote employees, and it vastly increased the number of attack points available to them. To exacerbate that situation, we've seen a very significant increase in the number of large scale phishing and ransomware attacks. And as Ben mentioned, they're targeting major segments of the US infrastructure and shutting down portions of our economy. These aren't the phishing attacks, we used to see just trying to get a few three iTunes gift cards. These attacks are highly sophisticated, targeted, and they're being executed by nation states rather than small time hackers. These are just a few of the reasons that our clients are turning to beyond core with Google workspace to protect their users, their devices, and most importantly, their data. Our clients and really government agencies overall are choosing to adopt the beyond core Zero Trust approach with Google workspace. For the ease of deployment, administration training, and the reliability that comes with Google. I want to share one story for you, that goes a little bit deeper into beyond core from a high level and its application in the wild. Due to the nature of our business and our security conversation today, as well as just good old fashioned NDA. We are going to be doing this dragnet style. So the names have been changed to protect the innocent. And in this case, and for the sake of continuity, I was working with Jeff. He's the CTO of one of my clients managing 1000s of users across a widespread geography. And he's responsible for improving security operations across all org units. He like I'm sure a lot of you on this call had a lot riding on his data security initiatives. And during the initial chaos of the pandemic, Jeff had been able to really string things together as issues came up, but I'm sure you can imagine what that led to. Some of you may have been in a similar situation, you know, just remember back to March of 2020. It was chaotic. But we were all adopting new technology rapidly just to keep operations running as smoothly as possible. It was rough to put it very lightly. You fast forward to one year later, and we had seen some of the dust settle, we learned how to operate effectively, we let a lot of departments adopt their own tools to get more done. This rapid procurement cycle was absolutely necessary, and it absolutely created a much larger attack surface and added additional weak points and vulnerabilities. We also saw SAS budgets balloon and become a bit of a rat's nest that needed attention. This is exactly what Jeff was working with, picture your own environment and really consider what your objectives would be. For Jeff, we focused on his key objectives at a high level and found the right framework and solutions that worked for him. Jeff top objective was at the time, in essence to extend the perimeter. His private network had been the safe space for users and his data. How can you build that same level of security outside of your firewalls. He also needed to ensure data sovereignty for all employees hybrid remote and on site. Phishing attacks had also reached an all-time high, it was imperative that the end user be protected from phishing attacks, and in essence from themselves. And last, but certainly not least, how can organizational security then be extended to contractors and seasonal employees who have high turnover? So for objective number one, we really had to consider the following. How can you trust the untrustable? How can you treat public Wi Fi like your secure private network, and due to the rising costs and support cases that were coming in? Can it be done without VPS this was the first hurdle and this is where beyond core architecture and methodology first came into play. In this case, the goal was not to blindly just trust the untrustworthy, but rather to design your security architecture as though nothing can be trusted. Basically, you're treating your internal network, like a public hotspot at the airport. Trust nothing, trust no one. Don't set your laptop down on that sticky spot at the Wi Fi bar. We were able to demonstrate how beyond core enterprise and Google workspace enterprise allow you to provide secure access to confidential data through context aware access controls, browser security and sandboxing and AI ml deep scanning of data of drive data triggers to ensure no accidental nor intentional loss of confidential data. Your users could be on the private network at the Pentagon or the public network at Starbucks and their data remains completely secure. Regardless, these solutions are cloud native and browser based no need for VPN at all. And with secure SSO and SAML authentication and auto provisioning, the user experience was improved and significantly reduced support tickets, the perimeter in essence was eliminated safety and security was extended to all networks. Objective number two, expands a bit on Jeff's first priority. With the safe space extended to all corners of their geography, the focus was put on data sovereignty across all locations and end users. Jeff, like a lot of you I'm sure had to follow some very strict compliance policies. Just think about your own environment, you know, how can you ensure proper access to confidential information regardless of your end users geography or the location of that data. And working closely, we again took a page from beyond core and we put the focus on content compliance, data loss prevention and encryption. By following the methodology beyond core and within that framework of the work safer tools, confidential information had very strict access controls, retention periods, and advanced proactive measures in place for compliance. By leveraging beyond core server and the AI and ML power Decision Engine, we establish content compliance rules for all mail and all data sharing events. The tools within beyond core workspace enterprise and the work safer program allowed Jeff to establish proactive compliance and data loss prevention rules to ensure the proper encryption of communications, as well as blocked the sharing and sending of sensitive data before it ever leaves their secure cloud environment. Jeff's third objective was amplified by the continuing growth of cyber terrorism. There was a substantial increase in phishing and spoofing attacks being reported and unfortunately also being clicked or forwarded by their end users. We need to do identify a way to significantly reduce phishing attacks and ideally, to limit the human element that attackers prey upon in these phishing and spoofing attacks. The reality was it no matter how well educated and users were around, you know, HTTPS, or whatever it might be. They were still at risk of phishing that taps into human nature. How could we stop phishing before employees ever see it? How can we further ensure that ransomware is not getting through end users? Jeff had some really fancy and rather expensive mail filters and yet still had regular phishing emails getting through. What we did was we ran some comparative tests, ran some analysis, and ultimately implementing secure sandboxing within Gmail and Google workspace to stop malicious links and attachments. Through the workspace Enterprise Security Console, were able to utilize the constant scanning and reporting on the security dashboard and leverage the investigation tool to quickly identify, isolate and mitigate any suspicious activity that was surfaced. Finally, with just internal employees secure and those objectives reached, the focus then shifted to the very large number of contractors and seasonal employees who were constantly onboarding and offboarding. Support was becoming unwieldy, to say the least and really took up way too much bandwidth of an already shorthanded IT. Ideally, they wanted to move to a bring your own device or BYOD for contractors to reduce that overhead and the workload, but their current setup, let them vulnerable on unmanaged devices and endpoints. We worked with Jeff to approach this issue within the framework of beyond core and the seamless integration of beyond core enterprise with Chrome. By following beyond core methodology and leveraging chrome you can make unmanaged devices function like manage devices. So picture this, if you will, you onboard a contractor in the admin console, place them in the respective Org Unit, issue their credentials. Now they sign in on their personal device using Chrome and beyond core strictly enforces access control for all of their applications, data, file, shares and more. When it comes time to offboard, you disable their account. Beyond core enterprise workspace enterprise and the seamless integration with Chrome made the process simple and secure. So imagine the time savings and cost savings you can realize by implementing this in your environment. How much time could be saved by eliminating imaging and deployment, local installs delivery and logistics and there's other manual headaches that we've all had to live with. By putting the focus on security and progressing toward Zero Trust environment, Jeff was able to quickly and effectively accomplish his key objectives. The results have been positive across the board, phishing emails. Ransomware threats are at an all-time low. Jeff's team's bandwidth is an all-time high. I recently was able to connect with him and ask Jeff to identify what is his number one benefit as a result of adopting beyond core and the work saver tools? My expectation was, it's going to be cost savings or ease of use. His answer was a bit revolutionary, maybe you look at it from a different light. For Jeff and his organization, the greatest benefit had been in developing a far stronger culture of security across his team and the rest of the organization. Ports on firewalls don't open themselves. An admin does that phishing and ransomware emails don't proliferate to all of your users on their own, someone clicks them or forwards them cyberterrorism plays on the human element. By implementing beyond core enterprise with Workspace enterprise, Jeff was able to reduce the human element and most importantly, it got everyone thinking differently and more proactively about security. Beyond core Zero Trust is the methodology. Beyond core enterprise workspace enterprise Chrome and the entire work saver suite are the tools that really allow you for that quick and easy implementation. workspace enterprise plus is the keystone to the work safer program, in my opinion, and Ben is going to take a much more focused look at how the applications within workspace enterprise combined to provide you with best in class security. And that ease of use we've come to expect from Google.
Benjamin Shenk: Thanks, Mike. Yes, Jeff's story does a great job of showing us the what and the why behind Google's Zero Trust security framework and tools. Now as we dive into Google workspace enterprise security, what many would consider sort of the backbone of this, we're going to take a more granular look at how organizations are implementing these tools in their day to day operations. To do that, we're going to stop beating up on Jeff and instead we're going to talk about our client, Doug. So when we met Doug, he was the senior director of an of it for a rapidly scaling healthcare automation and biotech company. When we first spoke to him his purpose was clear He needed a set of tools that can keep up with the organization's rapid growth, and uncentered alized hybrid workforce. Right off the bat, he knew that the team needed better tools to facilitate real time collaboration, communication and document creation, and Doug's own words. He said, they needed the right tools to get work done, effectively, efficiently and important to our conversation today, securely. And to put it simply, their legacy system was failing to deliver on these desires and causing serious hesitation, as well as real concerns on the security front. Now, most of Doug's team had used Google workspace in their personal lives, they have Gmail personally, they've used these things for planning family outings and collaborating with friends for fantasy drafts, and nearly all of their new hires had used it during their university years. So the fact that it was both familiar and easy to use is what initially prompted Doug to reach out to discuss Google workspace as a possibility. However, it wasn't long before we realized that what the organization truly required was more than a typical productivity suite, more than slides and worksheets and, and administrative tools that come with it. You see, they were in an industry where all of their peers were under threat, they had seen several of their competitors go under due to intentional and unintentional data breaches just in the past year. At this point, data security was not a nice to have. It was an absolute must. And the rapid scaling of his team also meant that they needed to simplify their systems. They were frustrated with their bloated it and the disconnected nature of third party tools, and ultimately held them back from using them correctly. So not only were the functions limited, but the human element of managing them was also causing some issues. Because the organization was headquartered in a metro area, remote work and hybrid work was here to stay after COVID. And so they were constantly wondering how can they actually protect their endpoints as well as their users, both from others and from their own bad habits. Moreover, they needed a solution that met with the strict compliance and data retention requirements that were local to their industry. It was a tall order. And of course, Doug was not shy about one other major determination. And that was his budget constraints. When he took his role originally, he told us that he had been tasked with reducing the team's bloated IT budget. And at the end of the day, they needed all this wrapped up in a solution that would ultimately save them money. So we got to work. And we defined four operational security objectives. These are the non-negotiables that the team required in order to operate efficiently and securely at scale. First, they needed to secure all sensitive data. Second, they needed to prevent, detect and remediate all malware threats in one single place. Third, they wanted to protect their users as well as their endpoints. And finally, they wanted to ensure that throughout the entire process, absolute security and compliance was in place for all of their communication, and storage. After our conversation, we went ahead and set Doug up with a test environment so that he and his team could put Google workspaces tools through the ultimate stress test, so that he could see if you can get all of this in one affordable and intuitive set of tools. In doing so, we helped him configure some specific solutions to reach his operational objectives. I want to walk you through some of those here today, taking again, a more granular approach to some of these tools. So to secure all of their sensitive data, the approach that we took working with them was twofold. One was to prevent data exfiltration with proactive data loss protection rules, and to protect their intellectual property with new intellectual property protection capabilities. So for Doug's seem, they needed protection in every crack and crevice. This meant covering email, Cloud Storage, document creation, as well as chat, and even their browsing. And given the nature of this work, they also needed to protect any proprietary or confidential data in situations where they might be sharing this or presenting it to external partners. And so using logic driven rules, we enabled Doug and his team to detect and label all data in their environment based upon its sensitivity, again, using the tools native to Google workspace in the admin console. Then they implemented automated actions to actually use those labels to prevent sharing any of that sensitive data. The end result was an environment wherein anytime on any device and using any Google workspace application, sensitive data could be barred from being improperly shared. And any concepts communicated to external parties partners included restrictions to the ability to download, copy and print to protect those intellectual rights. The next objective we approached was to prevent, detect and remediate malware threats. Now, the reality was the ducks team had already had a malware protection service in place. However, in practice, this legacy platform was failing to impress. Because it was a third party tool, it meant having to access data and finding reports in multiple places and can be toilsome to monitor as well as administer effectively. Looking for a single pane of glass, he turned to Google workspace, and we were able to help him set up a command and control center for all things email security. at the ground level, this looked like activating Google workspaces secure sandboxing, when every email that comes in if there is an attachment, Google detonates, that attachment in a secure sandbox environment to make sure that there's no bad scripts or any anomalous behaviors taking place before passing that through to a user's inbox. In addition, this included activating advanced pre delivery message scanning, as well as attachment and link components rules so that he could pull attachments and links out so that their users didn't even have the chance to accidentally click those if there was anything anomalous about them. On top of emails, existing spam, phishing and spoofing detection, this provided around email security solution for them. But more importantly, they're able to set up that single pane of glass, that command and control center using Google workspaces security dashboard. This allowed them to see everything that was happening within Gmail, any phishing attempts, any spam, what was coming through, that might trigger any of their data loss prevention roles, or even taking a look at user access rules. It was a kind of a broad set of alerts and visibility into that data. And with the investigation tool, they're able to take action and remediate those threats all in one place. In addition from that admin console, they're able to create automated reports and activity rules, so that at the end of the day, they can actually have a service that is doing the work that they used to have to do themselves, freeing them up to do things that add more value to the organization. Ultimately, Doug and his team were able to rip and replace their previous tool, simplifying their work while extending their capabilities through the Security Center. Their third operational objective was to protect their users and endpoints. Specifically, they wanted to be able to on mobile devices protect their Android and iOS users, ensuring that every device has screen locks is password protected, and that when a device may be lost or compromised, they're easily and readily able to lock or wipe that device remotely. Again, as they kind of bounced around the idea of boot of BYOD. They want to make sure that this was something that would be flexible, but robust. Moreover, they wanted to make sure that they can limit some of the apps that their users are utilizing. And so we were able to set all of this up through the native mobile device and endpoint management rules found within Google workspace. On top of this device management, they also wanted to extend their security from their devices to the users themselves using context aware access. This is extending Google's Zero Trust to their users. This is able to limit the access based upon the user's geography, the operating system that they are using, is it outdated. The device registration is this a device that is registered with the organization or you bombing a friend's. And they're also able to push users through a secure browser such as Chrome to make sure that anytime they're surfing the web, it's with sandboxing built in. Ultimately, we were able to utilize these two tools to protect their users from their own forgetfulness, and bad habits, like leaving your phone somewhere or jumping on public Wi Fi because it's just a little bit more convenient. We could stop that we can be proactive, and allow this this security to almost be invisible to the users while protecting them all the same. Finally, we addressed compliance and security. The first thing we tackled was data retention. And this was very simple using Google Vault. For them. They needed to keep all of their data for seven years that was known that was clear. They needed to have a clear trail that they could easily Look into should there be any reason for eDiscovery or any other reference, we were able to set that up using Google Vault so that everything that went through their email, their cloud storage, even chat was going to be retained for that time, no questions asked. Further, they wanted to make sure that you know, all of their data was encrypted and safe. By default, Google workspace encrypts everything in transit and at rest. And we were also able to work with them to enable additional s mime encryption for their emails, as well as pairing that with confidential mode so that if there's a, an important email that is sent, you can actually have that blocked by or password protected by a phone number, or a two factor authentication, I should say. And also have that expire after a certain period of time. Further, they were very mindful of where their data was stored. And so with Google workspace enterprise, we were able to set up data regions by organizational unit. And we also began rolling out client side encryption. This meant that for Google workspace, core services, their data was doubly encrypted, even to Google. It's Google's kind of saying, Hey, if you guys want Zero Trust, you guys don't even have to trust us take the reins encrypted all around. And all of this was done while maintaining the highest levels of compliance for their industry. In the end, Doug's team was able to consolidate, simplify and secure their users. And in doing so, they're able to save an estimated $480,000 per year by replacing all of these bloated third party tools. Now, admittedly, not everybody may be using the same suite of tools that they had. But I would not be surprised that if for most of us after 2020, there's some areas that we will be able to consolidate there. That's what we were able to do for Doug's team. And now, as we've just talked about the backbone, Google workspace enterprise, this might be the front line of defense. But to cover our flanks, there's a handful of other tools that we are currently utilizing through the Work Safe Work safer offerings. And to introduce those, I would like to now kick it over to Katie, and James, from the Google team, to talk about some of the other work safer offerings.
Katie Tobin: Hey, thank you so much. We're thrilled that you're here spending the hour with us. And if you've been paying attention, you should probably be a little bit scared right now, especially if your name is Jeff. And just thinking, wow, especially right now to be watching the news. Cyber-attacks are even more top of mind than usual. And what would you do if you got that call? You know, I from government, before I joined Google, I worked in the government for my whole career. And we always had this tension, I'm sure you've experienced this too, between what is safe, versus what is efficient, right. And so if you did everything hard copy, that is really hard to hack. But who wants to do that? Like, we don't want to go back to the 80s. You know, like, I know, 90s Fashion is back when 90s technology should not be. But then you know, people will think well, we use email, it's an easy email for using public Wi Fi for using bring your own device, then what happens? Is it really safe? And I mean, the good news is you don't have to compromise anymore. You can have it all, which is just such a really. And so we were talking earlier about workspace. And hopefully that's a tool you all know and love. You know, that's Gmail, that's calendar, that's Meet, it's what we're using right now, you're already using workspace, we talked about work safer, or sorry about beyond Corp enterprise. And you know, as a liberal arts major, I can tell you that I use it every day. And I don't have to think about it, which is great. I just know that it's there to protect me and keep me safe. And they're, as they say, an industry. But wait, there's more. There's some other tools that are also here to protect you as part of work safer. And again, they are they're just as easy, right. And so James can kind of walk through those and give some examples and some context about how they're used. We're really just want to, you know, reiterate, we're throwing a lot of information at you. You do not have to take frantic notes on everything or make the flashcards or whatever, just remember that these folks have your back, right? Google safe, secure, gonna save you money. Carahsoft wonderful partner, MediaAgility. Wonderful partner. So all you need to do is save the contact info, the people who sent you this and follow up with them, and then just sit back and enjoy the show. And I'll hand it over to James.
James Ferreira: Great. Thanks, Katie. You know, I feel like everybody else has already done such an amazing job of talking about the software. It's just a testament to you know, what Maisie partners Google has, and, you know, they're not they're their depth of knowledge in the products and how they're applied in the real world. So, you know, we brought out work safer, we are in an environment where, you know, there are attacks, that it's a real thing it's happening, it is something to be worried about, and at the same time, you know, COVID and Other things that really changed how we work, we aren't working in offices most of the time anymore. Most of the time we're working somewhere else, maybe it's at home, maybe it's, you know, your favorite coffee shop and things like that. But we are becoming very, very mobile and moving around, and how do we protect that data? How do we share that data with other people, without having to have people go in and buy specific software in order to be able to work with you, you know, some certain desktop installed software? How can we make that accessible to where you can still work with people, even if they're not on the same system and do it safely. Some of the things that you see with the increasing security lists or you know, things where we see local software that's running on the machine, it can be compromised, patches and updates, they can be compromised as part of the supply chain, email attachments continue to be a huge risk. And then just you know, things that are controlling stuff on premise stuff that's not well protected by 1000s of security experts that that look at it all day, every day. You know, those are just some of the area's the numbers, these are these are the numbers that are verified, we've got these for different third parties, 94% of phishing emails, they're coming through malicious attachments. That's a big deal. If you add security keys, I'll show you a slide here in a second. What that does, lets people stolen credentials, whether this is from hacking into a system and getting all the credentials off the system, or it's from different phishing type things in this office attachments, just uploading files and downloading files, that there's viruses in the in the attachments, these are real threats. And we see those play out and a lot of the things that you've seen in the news lately, they attacks, huge attacks, they're affecting, you're affecting 1000s of people and doing things like you know, shutting down supply, supply chains, and pipelines and things like that, that this this is a real threat that we definitely have to start doing. And that's why Google has invested so much time, and so much energy into making the systems that you're just seeing demonstrated just a few minutes ago, all those little safeguards, make a massive difference, a huge massive difference. And really, the way Google's approaching this is, everything's cloud first. Google has always been a cloud first company, we were born in the cloud, we've always remained in the cloud, there's still no local software installed on your computer, it works on every device, we're not going to change that. But we're also not going to allow that system to be compromised. And so we don't trust anything, no device, no person, everything is Zero Trust. In Google's opinion, we detect everything that comes through the system. And Google's footprint is massive. Gmail is five times the size of all the other mails, hosted mail services in the world combined. And we see billions and billions of emails every single day, we see it all Google system and its AI is learning from everything that it sees it touches, and is able to protect you in ways that were not possible just a few years ago with other virus protection software and things like that. And so we're really reaching out to do that. We have found that when you're using a security key along with a physical security key along Long with our system, that there will be you will not get hijacked, we have not had a single hijack an account at Google with its more than 25,000 employees. Ever since we started with security keys, our system is because it is has such a massive footprint, we're able to protect you from 99.9% of all spam and phishing attacks, you still need a key, that's the best, that's the best thing that point 1%. If you have a key, it becomes 0% chance you're going to lose your credentials or your access. And then also just reporting on ransomware. So no Chrome OS device has ever been affected with ransomware. There is zero reports of that. It is a very robust, very secure system. Some of the things we provide with the WorkSafe for program, of course, you've heard all about workspace and all of the controls to run everything that your technology touches. We're also introducing reCAPTCHA enterprise, or Pixel phone for enterprise is coming soon. Then we have beyond Corp for protecting all of the different apps and everything else that you may touch that are third party apps, things like that. We do offer that BeyondCorp. But they're the Titan keys I've mentioned a couple times. Now. If you don't have one, get one. They are the number one thing that can protect you from losing your credentials. And then of course, Chrome enterprise, which allows us to secure the Chrome browsers across all different devices. I also want to mention a couple of our partners that we have super tight integrations with Palo Alto, probably firewalls, you're already using Chronicle and cloud strike. These are these are things that are very, very predominant in the industry. And we work hand in hand with those.
Michael Shenk: Thank you, Katie. Thank you James for going through those additional tools that come along with the work safer offering and as you were talking James, I really was hoping I had my car keys on me, but I don't that's where my tightened security key is. I keep it on my keychain just like the fob that I use. Used to use to get into my office now, I don't need the fob for the home office anymore. And to really just sort of touch on, you know, the pricing, I don't want to really belabor the pricing point too much here. The bottom line is that if anything we've said today resonates with you. We also have the promotions and the flexibility to ensure that it works with your budget. So to activate the work, say for promotions, you start with Google workspace and one other offering. Most often what we see in the initial phase is it's focused on workspace enterprise and beyond core enterprise. And just with the promotions in front of you now, for an average agency with 1000 users, this equates to over $215,000 in savings each year just on licensing alone. Think about how that would look for your team, especially when combined with the decrease in support tickets and the increase in in, you know overall team bandwidth that you achieve as a result of implementation. And finally, I really just wanted to touch on next steps. You know, if you want to take a nice long look behind the curtain, so to speak, and see how these tools perform with regards to your specific use cases and environment. Please contact us we're here to help however we can by offering complimentary deep dive demos, security reviews, free trials with comprehensive mutual evaluation plans to really help you get up to speed and testing to determine if this is right for your organization. We're here to help you make an informed decision. And again, just like dragnet provide you with just the facts.
Speaker 1: Thanks for listening. If you'd like more information on how Carahsoft or Google Cloud can assist your public sector environment, please visit www.carahsoft.com/google or email us at google-sales@carahsoft.com. Thanks again for listening and have a great day.