From Startup to Scale-up: Cybersecurity Insights from a Director of Enterprise Technology
You know the technology. You know the industry. You know the structure you can sell. You can sell up and down the stack, like SMB enterprise. Like, he's you could run a team.
Max:Mhmm. Like, he's he's not he's not hurt at all. Yeah.
Neil:Was it the same when I when I sent you my resume and your ass, I was like, what are you looking for? And that's why I haven't responded back with something. Oh, it's a it's a real good question. This it's so broad. Right?
Neil:Like, there's security part, which I think that's where I wanna go. But I I realized, like, well, I don't have a single certification. Like, funny enough, my single certification is Windows Vista. You know what I mean? On paper, just like who is this guy?
Max:Windows Vista. Oh my goodness. How was the sabbatical going?
Neil:It's going good. Yep. The first month and a half was fine.
Max:Detox. Just
Neil:just detox and unfogging, like, the beauty, deleting superhuman, deleting Slack and all that stuff. But, you know, now that it's been, like, a one that half, it's like I'm driven to find something.
Max:You gotten twitchy yet?
Neil:Yeah. That's exactly what's happening.
Max:Yeah. I I think the goal is you gotta, like, push through the twitchy phase. And, like, when you get through the twitchy phase, right, then you're, like, you know, you're there. You know? It's, my win the lottery, like like, thing is just taking my cell phone and just smashing it on the pavement as hard as I can and then walking right into an Apple store and buying another one.
Max:But, like, it'll just be the act of, like, wow.
Neil:I would love to have this to, like, a Motorola Razr from, like oh, can you imagine? Just text and phone call.
Max:I've been looking at these devices for a while now of, like, the dumb phone devices. And that's the thing that really pushed me into wearing a watch Mhmm. More than anything else. Just to, like, leave the phone. We used to have a cell phone so family can get ahold of you, and I feel much better about that.
Max:Like, I can, you know, have a heart attack on the side of the road and still call on, like, one without my phone. I'll be full time. How long it's so so a month a half out there?
Neil:You're about too much now.
Max:So, I mean, that's the what next is an interesting question, though. Right?
Neil:It's interesting about Hector and John reached out last week with Would you come
Max:back? That's what they see.
Neil:I was like, maybe for this. I thought about it, but, you know, just because everyone I've reached out to, it's like, just got nothing. Nothing back. And what makes me nervous is getting into, you know, like, the holiday season. You know?
Neil:Especially with, like, elections and stuff like that. Like, no one knows what's gonna gonna happen with the market. So Mhmm. But where security seems like an amazing opportunity, it's like once we get into that IPO market, yeah, there's a necessity for for all that. Right?
Max:Security is such a strange animal to work with companies. And I've been asking this question for, I think, 4 or 5 years. You know? And predominantly, the company's building the product and selling the product of, how do you sell this to a company that's not buying? Right?
Max:Like, because it really feels like there's a it's a very binary divide. Right? Like, we're in the market for x. We need to go buy x or we have to solve y. Right?
Max:And if they're not in the market to buy x or solve y, like, how do you go through an education cycle? Like, you should have multifactor, or you should have it e, or you should have this thing. And I haven't found a compelling answer for that one yet. I mean, you've been on the inside of this for a while now. Like, selling to an organization, even from an insider standpoint of going up the stack and saying, hey, we need to have these things in place.
Max:It's not an easy, kill to climb. Right? Right.
Neil:Well, the obvious one is an external fact. Yeah. Right? But where I found about that too is finding value to it. Right?
Neil:Or like a sales meeting. It's like, hey, we have an RFP for a large contract. Let's get a how to date game so we can turn it fast. That seems pretty productive.
Max:It's, outcome. Right? You have to sell the outcome.
Neil:Exactly. Exactly.
Max:It's very difficult for, I think, a lot of people in IT to make that shift. It's we get so wrapped up in, you know, the sales speak is speeds and feeds. Right? But we get it's like the actual technical that doesn't really matter what it is. It's like, you know, storage or computers, you know, Internet or firewall or whatever it is.
Max:It's, like, always, like, a technical conversation around it because that's how it's presented, and that's how we we operate. But then you go and you try to talk to a nontechnical person, like, hello, this is CFO. Can I have $1,000,000 for what? You know, for this thing. What does this thing do?
Max:It's really awesome.
Neil:Console cost center. Right.
Max:Jeez. My my theory in this with security is kind of, I've used the term scar tissue now a lot of when there's enough scar tissue that builds up, then people will start investing in cybersecurity because they don't want to experience it again. And I don't I don't mean it like it's like, oh, my neighbor was just hacked, so I don't wanna get hacked. Or, like, I was at this other company and this company got hacked. Or, like, I'm on the board of here.
Max:We have an investment in this thing. You know, some kinda like maybe not even first degree, but more like second degree. Like, something horrible has happened, and so now let's buy these things and invest in it. Make sure it doesn't happen to us almost.
Neil:It's interesting, you know, even for our personal sites, like, how do I get EDR device?
Max:Yeah. Right.
Neil:So you can't get a single license of, like, SendAll 1 or CrowdStrike.
Max:I figured out how to do it.
Neil:Oh, you did? Yeah.
Max:Yeah. I figured out how to do it.
Neil:We'll talk about that later.
Max:Yeah. No. It's that's a really good point. Right? Like, you know, that divide for a lot of companies, it feels like you have to cross that, like, 100 to 200 employee threshold before a lot of this stuff actually becomes practical to go out and purchase and and a bunch of, I guess.
Neil:Is Defender okay?
Max:It's got a lot of the market at this point. I mean, we'll see. I looked you up on a LinkedIn before we did this. I was just kinda curious because we've known each other for a long time. And I wanna talk about your career arc for a moment.
Max:Sorry at the beginning, really. This is, you know, your Windows Vista certification days. Right? Yeah. So, you know, Neil, you started with your title as desktop support engineer.
Max:Right? But you started doing very classical, like, IT and help desk and end user support. And, you know, had a couple stints, you know, in that realm. And then really unusually, I think, in the tech space, long stints companies, almost 8 years, you know, with what became a Mobi over 5 years with video. I mean, this video app, these are these are long run.
Max:So I'd I'd love to hear more kind of, like, what got you into this and what those levels were where you felt like you really crossed the line and what that looked like for you.
Neil:Yeah. Work started off was quality IP, meaning which was, yeah, small MSP of Ken, Ohio, and I was just trying to get college credits. Mhmm. So I was working there as an internship, close friend, you know, probably under its wing, and we were basically providing support for everything from dentists to call centers. You know, basically, any company that does not have the budget for full time IT.
Neil:So that experience, I feel like, brought a lot of exposure to different types of Windows servers from 2003 into 2008, r two, all that stuff. So a slew of different firewalls. Right? And it kinda just got thrown into it, and I didn't realize at the time of what I was working on because I was just being exposed to it for the first time. And, you know, from there, I I always had this drive to Los Angeles, a bunch of family out here.
Neil:And once I graduated, I was like, oh, I'll just throw a couple feelers out there and see what I can get. And that jump happened to a company called Internet Brands. You know? People attend that type of software, I believe, and that, you know, just like you said, basic desktop support as servers, Blackberry, Golden Age.
Max:Oh, man, I have stories.
Neil:Yeah. From there, it just went from desktop support to for just other opportunities to get more exposure, going back to another local MSP here. Did that for about a year and then just managed to network and find a recruiter through a friend at, at Kone at Panetta, and that's really where I think the experience started to have long stints. It's a pretty much a bad ship. And I was just working my way up from there.
Neil:A lot of rapid growth, like, 2 or 3 m and a's during my time there from it was like a cone and interior to a Moby. So a lot of work churn on prem Microsoft Exchange to Office 365 to Google Apps in the span of 5 years to a lot of fairly big projects, which we outsourced at first. And by the time I finished there, to why are we outsourcing this? Will we again do it in channel? To answer your question of where the biggest jump happened was, you were you've heard a lot of this, the traveling around the world, you know, from everything, from network to office bill and semi at a Moby, we have 10 to 12 offices, everything from to, you know, Singapore to Tel Aviv, London, Rafi, stat, site site VPNs, all that all that fun stuff.
Neil:Active directory servers everywhere, you know, trying to just build that network up without with the team that we had at the time. But I think that's really where BigSpace jumped because of the rapid growth from, say, 200 people all the way to a 1,000. And then they kinda settled off, and that's, a little bit bigger to kind of start back at that 80 to a 100, and let's do it again.
Max:Until you've been through that kind of growth, it's hard to explain it. But that, like, hair on fire, like, everything is happening at the same time, it's fun. Right. You know? It's it's it's addictive.
Max:You know? And if you go through if you've been once you've gone through a startup phase and that, like, 80 to a 1000, like, just drive. You know, it's it's hard to, like, sit idle for a long time and and get back into it. And I'm gonna dig into m and a. Right?
Max:Because this is I think m and a becomes one of the first, like, untapped value unlocks for IT IT teams. Because now you have a a a very specific business objective, and the business objective is acquisition. It's well, could be evaluation. Right? Can we make this acquisition?
Max:It's evaluation, acquisition, integration, and then efficiency. And the faster you get through those steps, you know, the more value that's driven out of that acquisition and and the return to revenue. And, like, the first one you guys went through, you know, since the first one through org, you probably have people that have been through m a before working from the org at that point, but the org hasn't gone through. And so what did you see kind of with the first one versus the second one versus the third one of that engagement involvement and and how much you were involved in that conversation of, like, okay, now we've done this, we kinda know what we're doing. Go out and take care of this for us.
Neil:The common pattern is the 3069 with the plans. Right? Mhmm. And then, you know, typically, IT doesn't have much instruction at that point, and you start seeing, you know, documents shared to 2 different systems, and it's was this kind of like, oh, crap moment. I mean, when do we integrate this?
Neil:When do we actually migrate from one system to the other, which system wins?
Max:And you're talking about, like, I mean, right now, you're talking about, like, Google Workspace or Spotify.
Neil:Yeah. This is fine for sure. Right. Email collaboration. Right.
Neil:Right. Basic stuff. I feel like that's still our biggest hurdle at first, you know, at least in my experience.
Max:What was the decision like? Just the company do the acquisition in your case or I mean, what was the evaluation process of what went?
Neil:The evaluation process was really from a from a cost perspective and productivity. It might what's gonna cause the least amount of disruption and what kind of really what kind of pricing we're gonna get for a longer term contract that we felt comfortable with. From there, it's laying the blocks into the network and office space automation. Say that it's not really part of IT facilities was a heavy heavy part of it. Offices.
Neil:Right? And that what kind of came second. So it was never really part of the engineering side until it became like an active directory authentication conversation. But with that, I think maybe the email and collaboration was the big hurdle at first. I think what I learned from the first interaction with you.
Neil:The second was, you know, learning from, say, third party contractors that were doing this day in, day out. Right? And then figuring out the business. In each case, so what we need to kind of accelerate and how fast we need to do it 2nd and third times. Mhmm.
Max:I don't think there's this is one of those, like, there's no right way. It just becomes like a personality way. Right? Do you do these, like, long, slow, you know, migrations, or do you go, like, crazy and, like, rip the Band Aid off? And I've been involved in enough data center migrations, for example, where it's, like, we're trying to do no downtime and rolling and rolling.
Max:When I say migration, I mean, like, physically leaving one building and going to a different building. I've I've turned into much more, like, just do it, you know, kinda person. It's like, we know we're gonna make this migration. We're gonna spend 6 months doing this migration, or we're gonna do it right now? Like like, just jump off the cliff and figure out how to build a plane on the way down.
Max:I think
Neil:you've helped us that from cage to cage.
Max:Yeah. That was a fun one. You bring up third party contractors. And this is also a really interesting dynamic. I think we start talking about, like, in house IT of, you know, being in a role where you're now transitioning into supporting the organization, helping the business function, not necessarily doing the work.
Max:And I I feel like that becomes a big transition for a lot of people on their IT careers and and working their way up of understanding, like, I don't have to physically be doing the work. Like, now my valued organization is getting more done. And then seeing that with the contractor cycle coming in and then also kind of this constant, like, push and pull around. Well, I can do the work, should I not do the work, do we do the work, do I fly to Singapore and install this Meraki equipment, do I hire somebody, you know, like how how did you find that balance?
Neil:I think a lot of the balance, was due to just cost, you know. When you're working with the 3rd party contractors, like, you still need someone internal who works with that, and when you're working with lean teams and 4 or 5 people, it's like, well, we're gonna dedicate 1 person to this regardless, and might as well just do it. Mhmm. And then and this is what I found from ads, provided value by face to face time with those local IT personnel that were on my team in and being able to kind of build those relationships, especially when we have people from Sydney to, yeah, Singapore. That's really the big driver to it was, well, we can do it ourselves and know how he did it rather than relying on just good basically, just remote hands is typically ended up being now I know it's not always the case, but, I mean, the vendors and everything, but from the extraction that kind of speed that they wanted it to happen, that seemed to be the most effect.
Max:So so probably comes down a lot to stack too, like stack selection. If you're running local AD, right, infrastructure that has to be in an office to maintain and support local AD and, you know, Windows desktops and print infrastructure and networking and Internet, everything else is very different than if you say you're on a Google Workspace with Mac, like, what your touch point really is now in these offices. Right? I mean, like, when you were factory, you start talking about, you know, cost. How deep did you guys get into this conversation around, you know, staffing ratios?
Max:Right? Like, when I started, enterprise IT staffing ratio was around 60. 60 to 1. So 60 people per 1 IT practitioner. And I don't feel like it's unusual to talk to a company right now where they're at a 150 or 200 or 1.
Max:Now, the good news is there's a lot more tooling available. I mean, and, you know, the stone age is when I was doing this, but, you know, it's a lot. Right?
Neil:Yeah. And you
Max:guys are I mean, you were extremely lean. I mean, you were lean in the movie, and you were extremely lean at video. Right? Because I said, I think
Neil:it started around 60 to 70 to 1 and, you know, crude up 101 and probably touched to 150 at some points. So it was that conversation on, oh, if anything works, what do we create IT for? It's a it's a it's a fine line.
Max:Oh, jeez. Oh, it's so funny. It's so true. Like, you can never win that argument. Right?
Max:You know? Like, everything's working, and we don't need this anymore. No. It's working because we have this. We'll get rid of this thing.
Max:Everything is dependent on to work properly. Oh, I've seen that too many times. But it's hard. Right? Because in at the flip of it is and especially, maybe this is scar tissue again.
Max:Right? There's no institutional memory. Even a new person come in. You know? Even a new executive that comes in that doesn't have the experience and the history of what went through this phase from a to b.
Max:And then all of a sudden, like, oh, why don't we have this stuff? We don't need this stuff. And, like, we're not you know, what's what's what'll pick up? Oh, SD WAN. We don't need this SD WAN box.
Max:Our like, it's fine. If you're like, you're dark. It's fine because you have this SD WAN box. Please don't get rid of it. It's interesting to listen to Theo talk about, like, you know, I just kinda had this internship with this MSP.
Max:And then, you know, fast forward 15 years, you know, I've had a career in IT. Right? Like, that wasn't the design. You didn't go to
Neil:college to do this. This wasn't like a plan. Right? And to back up, I started my career as Arnold Tech 2 years. And I don't know if you knew that, but I turned branches at Honda for for 2 years before that.
Neil:So
Max:I mean, there's something gratifying about the physical world after you've been focused on the the digital world first.
Neil:Still waiting to hear back.
Max:But then it comes like hobbies. Right? Like, you're like I know a guy, and he was in San Francisco and, you know, content delivery. Like, he's really core Internet engineering, content delivery. And I think he went to I think it was Iceland.
Max:They went to Iceland and did a Jeep, you know, like, overlanding caravan deal. Okay. And he comes back from this this this I mean, amazing photography. Like, I would absolutely wanna do this. He comes back from this experience and, like, immediately goes out and buys a Jeep Rubicon.
Max:And, like, it is, like I think he was in Soma, you know? And he's, like, got a grinding wheel. It was, like, cutting the fenders off off the Jeep. They're, like, doing this out of Overlanding. And it seems extreme until you've been, like, working on a keyboard for, you know, 15, 20 years.
Max:Like, oh, yes. That's fine to actually, like, grind a fender off. It wouldn't put, like, you know, and then go off into the wilderness for a few days.
Neil:Yeah. Yeah. 100%. I think
Max:all of us have the same fantasy, which is like, you know, being on a deserted island with, like, no Internet and no phones and no emails and, like, you know, climbing trees for coconuts. And then we make it about 6 weeks and we start getting to achieve. We're not back.
Neil:We had the conversation on, like, farming. Like, you
Max:know Yeah.
Neil:Beauty of just waking up and feeling soiled? That's really basic life. Yeah. Well, where do
Max:you think that comes from?
Neil:What do
Max:you think drives that?
Neil:I just think it's like the I was in flux. Right. Well, I mean, just like you said, like being on a keyboard, staring at a screen. Yeah. It's productive.
Neil:There's a lot of work getting done, but, you know, seeing just the physical part of it, I think, needs to be fulfilled at certain times.
Max:It really is unrelenting. Right? You know, the push of the organization and the growth. I mean, you've been in ad tech, so obviously, ad tech uses IT and tech to drive revenue. So at least the organization understands the value of IT and tech more than others per se.
Max:Right? But even in that world, there's still a lot of friction of, like, what do we spend money on? What do we not spend money on? And, you know, if you're on workspace to me, I mean, I can't even imagine watching an organization transition off Slack at this point. I mean, it'll be, you know, just hey.
Max:We're gonna we're gonna switch off Slack to Teams. I mean, that's that would be a fun dialogue to have internally.
Neil:Yeah. For sure.
Max:Anyway, if you got carved into a pretty big transition, really from, like, IT director to what I think you ended up dubbed as, like, enterprise technology. Right? And this went from, you know, I would say, like, classical IT infrastructure work into more, like, organizational, you know, integrations and workflows on Allstate. How did that come about and why you? Was it just, like, you raised your hand, or it was, like, hey, you do this?
Max:And what was the experience of making that change and that transition outside the company? We found the topic.
Neil:I think a lot of it at first starts with in IT, there were kind of a few basic, obvious applications in the workspace, the Slacks, the Atlassian.
Max:Let's actually pause and talk to audio for a second. Right? Pretty typical tech stack for IT. Right? So so desktops were Mac desktops.
Max:Right? Workspace, Slack, Salesforce. Walk me through the the different pieces.
Neil:Right? Salesforce, NetSuite, ERP, some expense software with Coupa. And I think that's when, over time, you know, I was exposed to the finance and accounting side of the applications. Those were always managed by Datapart, same thing with Salesforce, and kind of sat in the way I can do it in terms of the down its own. But I think what really brought it together was utilizing the power of the and then something like Workday for your HRIS.
Neil:And I think that's where the scalability started getting obvious. Hey. We have all these attributes in in Workday for this is this is the source of truth for a lot of data, and I think it was a shock at first to see how much manual work was being done in underlying applications. And when we have a leading IT team and director of IT, there's responsibility of, like, 10 to 15, and then start looking at overall spend and efficiencies and natural, like, correcting the spend. Right?
Neil:And I think that's where a lot of pieces just kind of fell in into my responsibility there, and I think that's where I think a technical aspect in those applications that previously wasn't unlocked became obvious and needed to be. And it would be sold to, like, hey. Why are we doing this? We've always done that. But, you know, just removing an error, a human error, weekly CSV, upload, or what what have you from certain systems.
Neil:Wait a second. This is all in, you know, single source of truth. Obviously, this web becomes big when you're saying, like, your CRM to HRIS to IDP and which way data is flowing. But once you try to get a few key attributes there, it controls a lot of things and unlocks a lot of efficiency in the system all the way down to which I can we'll probably get into, like, something with RBAC RBAC giving back models and how it shifts into security. There's a certain amount of
Max:churn that happens when inside of an organization, and, you know, hopefully, that churn is relatively low. You'd say let's just pick a number. Let's just say it's 10%. Maybe a 10% churn. You know?
Max:When a company is 50, that's not you know, it's 5 people. Like, the the the inclination to still do processes manually is pretty straightforward. When you get to 500, that's 50. You know? And and then you start talking about complexity applications.
Max:How many do you have? Are they revenue doing Salesforce? Is it Slack? You know, like, there's, you know, the the touch points. Because every application you put out, there's there's stats that's like every application deployed in enterprise actually has 8 touch points within that application with other systems.
Max:And so you start you start modeling that out and look at the graph and say, okay. We've got, you know, 5 applications, you know, but then they're interconnected with each other, and all of a sudden, there's a lot of stuff that applies. And then, you know, again, 500 versus a 1000 a 1000 people. So just that, like, onboarding off off I hate off boarding. It's a term, but, like, the onboarding, off boarding process of consistency.
Max:Well, we need access to this data in Salesforce, this data, and that's this data here. How did you guys end up on on Workday? Was that just, you know, an extension? I mean, this like, Workday didn't show up because somebody decided you were gonna start integrating the organization around an HRS. Right?
Max:Like, it was Workday happened, and then it started getting integrated, and then it became like, oh, wait. There's this thing here. Let's use it.
Neil:Right? Workday happened more from the rapid growth stage and, you know, outgrowing a PEO in that model. Right? I'm not an expert at what I typically would say, like, you know, between 405100 feet crossing, that threshold becomes more cost effective. But at the same time, it's like fine line because now you need all its internal tax to benefits, things of that nature.
Neil:But I think that was one of the pieces where I was supposed to at first, but then, you know, looking up the APIs and seeing what data we can grab from it. Efficiencies directly to Mike. Again, with the lean team, you're finding every little thing you can do to the remediation. But that's really kind of what what what drove it.
Max:And then also, Okta existed before Workday came in, or was Okta and Workday around the same time for you guys?
Neil:Okta existed before when I first stopped there, and it wasn't much integration sample. Right?
Max:Okay. Let's get into it. I think this is the conversation that really triggered the, like, Neil, you have to do this with a comp, like like, thing here, which is, you know, I think the frustrating thing about tech for me is, like, knowing what, like, Nirvana should look like, but then never actually being able to achieve it. You know, like and just always finding these things that, like, hold you up. Right?
Max:So we were talking about it, and the conversation we were having was, do you actually need Okta? Because, you know, we start talking about SCIM provisioning and SAML provisioning and what supports SAML and what supports SCIM and what does you know, like like What are you
Neil:paying for?
Max:SCIM. It's not cheap. Right? Yep. It's very expensive, like, shockingly expensive.
Max:Right? But even, like, working through that, and you take a step back and you say, should we be doing all this in the first place, or should we just be doing, you know, OAuth on top of Google Workspace? I mean, right, because this was a Google environment. I mean, pros and cons with that. You know?
Max:Because also the HRS systems are getting a little more sophisticated in terms of being able to take actions and do things on these other, you know, SaaS applications as well. Right? Like, maybe not as as sophisticated as a full SAML integration, but, like, pretty good. So, like, you know, you've got a little separation from this, but, like, thinking back and looking at it, why not just do Google Workspace with OAuth and just say, hey, you know, Asana, you can only authenticate, you know, with our Google domain or, you know, film of like application. Right?
Max:It started off as that. But again, I think what drives it is cost for the 3rd party application
Neil:across from, you know, say starter plan to premium to enterprise Mhmm. To, like, you know, you can easily say starter level off, you know, premium sale, and enterprise, Right? And it worked well for a good amount of time, but once you start onboarding, 20 people a week, which we were for several several months here. Again, you're trying to look for any test is one, you know, burn out your team during these type of things and let alone the update that the cross summons move away from team to team changing world ops, that's where we felt that we can't be very important to have that functionality.
Max:I talk about this a lot with people of you know, you said, like, the the plans, like the starter, Right? And the the premier, you know, like, whatever the whatever they call these things in their Chinese menu. But it really is impressive at how much the tax is to get SAML. And, usually, SAML comes along with ediscovery as well. So for companies that haven't been through any sort of litigation holes yet with ediscovery, and then you turn around and you have to enable that, you know, as a cost feature.
Max:You know, I've seen this with messaging platforms where 1,000 person orgs all of a sudden, they're like, oh, we thought we were paying $8 a month for this thing, and it really is now $15 a month for this thing, and it, like, happens overnight. Like, okay, go budget that. So 20 people a week times probably a desk applications in addition to physical device provisioning and everything else that's going on with that. But Doesn't base applications. Right?
Neil:Once you get into each department, the department specific thing. You know, engineering probably being or not, you know, the one offs where you kinda have to deal because you haven't added something to it in a while.
Max:Were you able to automate all that into Okta? Were you still finding edge cases where it was like we can do, you know, 90% of this, but we still have to remember to go through and do x manual tasks for this team and this department?
Neil:We've seen it got, like, 80 to 90% of it through, and conversation there was, well, we only have 10 licenses and, you know, did it make sense to have that in otherwise? Right? It was just some app that, smaller team had that value there for. Right? So I think I I firmly believe in that, like, 80 20, 90 10 rule where it's like is progress not perfect?
Neil:When you have something like an Atlassian workspace, it's it's a no brainer. What you'd start doing is there access reviews, SOC 2 and stuff. I think that's where it really becomes
Max:hot topic. I'm curious what your experience was with this because I find even in tech companies, IT is a support function. Like, not not like DevOps or, you know, production engineering. I'm talking about like the classical, like, IT enterprise role. So there now becomes this, like, friction where it's almost like the organization needs IT to function, but at the same time, the organization is pissed off that IT exists and slowing them down.
Max:Right and I'm interested to hear how as you get deeper into workday and opta and deploying these things like personally I found that if you give HR the ability to go provision people themselves and do their own onboarding and say like they don't have to talk to you to like roll some, you know, like, hey, we're hiring 20 people. Like, do you want me to talk to anybody? It, like, seems to tamp down that, like, IT rage that comes out in people. Right?
Neil:Yeah. Well, I think, again, it's a it's a value add for now 2 teams. Right? 1 you're doing onboarding, say, every Monday. And it seems very repetitive for recruiters to all, like, hey.
Neil:Did this person get their laptop shipped? Did this person get their email activated? Those type of questions get bored of having that status. It it drives just, yeah, adding to initial function. It's like, yeah, you started with SAML, then we got to provisioning, basic user accounts, you know, just authentication, right, authorization, but it's kind of just building blocks to the point where, just like I said, bring in a new hire or what's the start date, automatically have these jobs that and the workflow's a trigger, like, hey.
Neil:This is gonna contact our provider to ship a laptop, and I'll have them enter their address in Workday and push it to that, and, you know, just a cascading effect of these pieces to to be 1.
Max:Did you notice a shift as that was rolled out more? Like interactions with HR, with recruiting, with engine with the marketing engineering teams, did you notice a shift in your interactions with them as you got deeper down into these automations?
Neil:Yeah. It was definitely a positive shift just because it allowed people to work on other things. Yes, there was still a verification and check that we had in place. But again, I think the beauty was where I really felt like we needed minority end is the auditing because it's this constant back and forth, you know, hunting through logs like, who did this, when did this happen, when? If you can point to a single issuer ticket with Jira, you have all these timestamps.
Neil:It's like, okay, well, here's I can automate via APIs, and here's an underlying system. So that's Was
Max:SOC 2 a customer acquisition push? Was it a growth push? Was it a pre IPO push? Like, what pushed the SOC 2 conversation?
Neil:What's the SOC 2 conversation was? Where I'm like from a partner deal? And it's what with large companies and what they wanna see from our side.
Max:So it wasn't just SOC 2 then. I mean, partner deals, probably a whole bunch of stuff gets gets pushed down. Right? We talk about security at the beginning of being this, you know, let's do this before we get to this point of sales cycle. Right?
Max:Like, I don't feel like anybody wakes up one morning and goes, oh, we wanna be SOC 2 compliant. Right? And we're ice towards 7,001. Or or, you know, maybe you're in an industry where you have to have CNMC or you need to be teamhand for these different things. But, like, it it adds a lot of overhead to you guys.
Max:I mean, like, you know, your annual process of audit with SOC 2. It's like it's like, hey. You had SOC 2 time coming around. Right?
Neil:Like Yeah. Well, SOC 2 type 1 is like that that was fun at first because of, you know, just a a third party audit that had got us ready for it. So we we really did a readiness before we got to it. So that wasn't too different. I think it's once you get into type 2 continuous is where it's like, we really caught me on top of this.
Max:Well, because now you've also designated controls that you have to adhere to basically till the end of eternity. Right? And that gives you a certain amount of flexibility as well once you've designated those controls. Because, like, to go and unwind a control, you know, requires some effort. This, like, always drives us this point of, like, shadow IT.
Max:Right? You know? Like, people are like, what's shadow IT? And I find, like, shadow IT being this, like, part of it's just, like, we don't wanna deal with our IT team because we don't wanna deal with that. Right?
Max:So we we can just go and fire up NetSuite and we can be charged. Right? Or we can go do this tool, we can be a charge. Right? So, like, all these applications show up.
Max:But it's hard because, you know, like, if you're SOC 2 compliant and somebody goes and fires up some application that has data in it that IT isn't involved with. Right? Now you've got, like, this, like, enforcer function that you have to maintain of being, like, the the you know, like, walk around and be like, I know you've got that application running. We gotta, like, either do x, y, and z or it's gotta go. You know?
Max:Like, that creates conflict too, doesn't it?
Neil:Yep. Absolutely. And that at least one control VINs is the current process, has the ability to purchase software. But to your point, you know, there's anything with, like, social logins or what have you, but trial accounts and things like that, that's that's always a fun one too. I found it's really valuable.
Neil:It's over all these, like, SaaS managed software to make it, you know, detecting social outcomes, be it Google or someone adding them a tile in in Okta for something. It helps, become that watchtower.
Max:Okay. So now this becomes, like, the soft skills. Right? So, like, because, you know, it's like we're it's an enabler function. Right?
Max:You're supposed to enable business to function. So like so now somebody's, you know, somebody's added tile to Okta. Right? Like, what's the right way and what's the wrong way to deal with it at that point?
Neil:Like when that fires off. Interesting questions. I think it's sure it's really like a case by case basis. Sometimes you see applications that are already in your stack. It's like, well, why is happening?
Neil:I think, a lot of it is fun, an awareness. What is our software catalog, and it starts there. On to the other side of that way, you see something pop up like, Son, I went, you use Jira and Atlassian, and every department uses it. It's like, what what is this? Right?
Neil:But it was really, a lot of it was something like, whack. No. No. From that point. Right?
Neil:And I think this is kind of where we probably left off on some conversations System like that to really control that because, you know, something we wanted to automate.
Max:It's an interesting point. Right? You know, go out and get an SWG and a CASB just to mitigate your manual process around shadow IT functions. And there's actually there's a lot of sassy applications that are out in the market now that that's part of their whole thing. It's like, hey.
Max:We're gonna help you figure out your shadow IT. How do you think about this or Emily, maybe you haven't thought about it, but I'll ask you now. In terms of organization sizes, like, 50 versus a 100 versus 200. I mean, I don't know what the right numbers are. Right?
Max:But I'm saying 50, a 100, 200, 500, 1000, 2,000. Like, what's what's that evolution really being, like, maturity? You know? Like, oh, we deployed Okta at this size, but we really should have done it at this size, or it should have been this other size system. Like, Workday, we got our you know, we we switched to our PEO at this size, but after we did it, maybe we should have waited, we should have done sooner.
Max:Like, how would you think about that in terms of growth, like, these checkpoints?
Neil:It always starts around a 1000000. And I say that because that's typically what full time IT comes in, where I'm sure you have your basic desktop support coming in, but can you want to mature the stack from an IT perspective where it's like, oh, we have Okta, but this is doing SAML. This is doing double auth because it's only through a little workspace and then back to Okta and then say, why are the Samuels like this? Right? So I think that's the in my opinion, that's prime the primary piece, the the IDP Workday coming much later from that at HRIS.
Neil:But I know there's it's like like a rippling where it's kind of paired together to try to automate that from being here. I love the idea now, but I think it was just kind of this inflection going to going from, say, active directory or over to over to to an op.
Max:As you took over more of, like, the security estate, when you talk about, like, the implications of SOC and audit, these different things, I mean, I guess we could talk about RBAC and ABAC at this point. We could also talk about IDP. We could talk about MFA. What do
Neil:you think would be the most interesting to kinda dig into it? Say IDP and MFA. Okay. Because, like, once you have the IDP in place, that kind of gives you your foundation. It's like all these things are sound and really becomes a pair of ones.
Neil:You do that initial auditor assessment right of way. Oh, it shut off this person's Okta, so I know this under my application. So whatever you've disabled the account for whatever app underneath it, it's only true for thing SSO on those applications, you know, that that checks the box and should get into the RBAC and ABAC, again, couch not horizontal movement within an organization or use case that someone's been at a company for 5 to 6 years, they just get permission to everything. Right? How do we back that up?
Max:Very delicately. Right? Very. Very delicately. I mean, like, MFA.
Max:Like, real MFA for me is, like, the number one no brainer thing that a company should implement as soon as possible. You know, we can argue about, like, all the other acronyms. We can argue about EDR and when you do it, or, like, you know, offensive versus defensive security postures. I am shocked, like, how complicated it is for companies to actually implement MFA and roll MFA out to their to their users. Like, it's like a like, both from a I mean, not even a cost, but, like, just a resistance, like, the inertia to it.
Neil:I'm like, let's go do this. It surprised me as well. And, you know, when I founded me and most effective way was find the application that someone wants to roll on, like, for Workday, and if it has PII and Emblay. Oh, everyone has to log in to this. Here's your chance to enroll them into it.
Neil:Right? If you pick a Salesforce or something, becomes a little different. Obviously, on IT and DevOps and engineering sides, a lot of things. It's a different prompt, so it's easier to get them on board, and there are those aspects. It's like, hey.
Neil:We're rolling on board, and, actually, it's like, oh, just turn this feature off toward this and kind of package it in there. And then from there, we're to our p the other apps.
Max:I love Hubert Keys. I love hardware keys. It adds a cert I mean, I'm not saying, like, friction, but, like, it adds a layer. Right? You know?
Max:Now you have to have a physical device. I mean, you have to ship a physical device out to a person when they're onboarding. It has to get there at the right time. It has to go through an enrollment process. They have to have it.
Max:They have to plug it in. They have to do something with it. Right?
Neil:Okay. Which users should have it?
Max:I mean, why not? Right? Sure. You know, so, like, rolling that out to an org when it starts and people are coming into the company just, like, this is the way we do it. Much different from just going back in time and saying, okay, now we're gonna roll this thing out, and I gotta use this.
Max:Did you have problems with that when you saw
Neil:it with Workday? Not really because I think it just got to that point where the the awareness, security awareness training, how they're another thing that add to to the list, like, it it would Nonetheless. It it works. Right? Because no one wants to be that person that we each risk 4.
Neil:And if you're gonna create that fear factor, which is even that fear factor and let you know what I'm saying? It's like, mean, you don't wanna be that guy.
Max:Nobody wants to be that guy. Nobody wants to be that guy. But I mean, so this is like okay. Security awareness training has become required, like like, element. Like, you just you have to have it.
Max:It's just one of those things. Like, if you go through any insurance process, like, are you running SAP? Right? But, you know, I have such mixed feelings with SAP because what's happening to take advantage of a person are so sophisticated. You know?
Max:Should I just accept SAP for what it is and it's just that we have to do it? And, like, you know, training is better than no training, just so there's awareness. But, like, I've seen some really sophisticated people, like, in the industry get phished, and they know what they're doing. Like, how you know, like, is is SAP like you know, I wonder what's what's what I'm looking for. Right?
Max:Like, is SAT a distraction prop for security for a modern enterprise?
Neil:I would say yes and no, but I think it's a good distraction because we ended up creating a culture where we're going to simulate it with phishing. Slack general chat got, got pretty active during these times. No one no one wanted to you know, there were the constant questions. It's like, well, actually, they opened the sling plate. Did I fail?
Neil:So it's like in in my mind, it's like, it's it's work. But to your point, you know, they are getting more and more sophisticated where it's just like, you know, what are their control you're gonna have with into place for? Secure mail case. Right? But just keeps the security pieces, just keeps building and and building.
Max:A lot of the, you know, identify, detect, you know, protect, respond, react, you know, like, these these, like, frameworks around cyber security. I think anybody that does this full time as a practitioner, it feels like you're finding something that's an eventuality to a certain point. Right? Like, it it's just a matter of time before something bad happens. This is, like, the I think the hardest part around selling when I say selling, like, convincing budget allocation for cybersecurity of the organization because there's no guarantees with it.
Max:Right? You know, like, I I look at it in terms of can you block as much as you can block just because you have basic, you know, you have basic stuff in place. Right? You've got training with people, you know, general awareness, and you've got some tool. But then it becomes more like a when something does happen, how quickly can you respond to it?
Max:Or do you or do you know that something bad has happened and you can, you know, limit your damage with it? Right? I hadn't really figured out a good way to, like, verbalize that or explain that, you know, and how do you sell this to somebody that's not buying it. Right? Because, you know, you need an EDR.
Max:Right? Like, EDRs are good. But, like, what's the value in an EDR if you've never run an EDR or experienced an issue with your desktops before? Right? Like, you guys ended up with an EDR because you had a SOC control that pushed the EDR.
Max:Was it actually was a SOC control, or was it
Neil:a part control? Combination of both. You know? Probably start initial, kind of, third party audit. That's how it was built in blocks.
Neil:Security acronyms too. That that keeps and the added the exploit. You know, from my side of the thing, if something were to happen, it's like, it's a negligence. Right? I think that's the fine line today.
Neil:Who wants to be responsible if something happens? And once you start having that conversation, and who are those people? Pretty quick things become necessary in the budget. I think
Max:the line that you actually used was we have a require what was what was the line? I'll never forget it. It was something along the lines of, like, I wanted the exact phrasing, but how do we ensure that corporate owned data or client data is not on non corporate owned equipment? I remember this. I remember this coming across like one of these first like here's a revenue requirement in order to go out and get revenue which then became this like technical requirement instantaneously and now let's go out and figure out how to solve this for the organization right and it became this like laundry list of like we do this?
Max:Do we do this? Do we do this third thing? Like, what else can we shove into here because now is a good time to get it as well? Like, how I mean, you were on the inside of that conversation, which became this revenue driver, which then drove a lot of changes for the organization and and I think positive. I mean, this isn't, like, a bad thing of, like, let's go out and spend money in garbage or get nothing here just because we feel like it's been money.
Max:But I've always reflected on that moment around, like, you know, here it is. Like, here's here's, like, the secret. Like, you know, is this the secret unlock? Was that the secret unlock for you?
Neil:There's definitely a big part of it. It's like, again, that was the reverting driver to and attach something to it. It's like, hey, if we don't do this, you know, we lose this partnership or, you know, data flow or what what have you. Right? And that's really where it shifts back to the tone.
Neil:And I know you went through tons of different solutions for us, but I think, you know, you can start off small. It's like it was really levels of how much can we control and enforce this. We usually say like, hey, we have our MDM and blocking these app names for for us. Yeah. Good.
Neil:Something. But is it gonna really stop someone from going through this? Right? Pop on Google and the full browser. Right?
Neil:You know, really smart engineers, like there's a way that they'll find a way.
Max:Nature finds a way, engineers find a way.
Neil:But it's just tearing up with like, you know, with that it got to an extent to, I think it ended up getting into like DLP, right? Well, you have to have DLP. I push back the others like, do you want us to be able to do our jobs? And where does that line like, the business doesn't give and take that. Right?
Neil:So risk tolerance.
Max:Around that point also becomes this big shift into a BYOD. Right? Like, are you allowed to use your own laptop or use your own phone or use your own best of need? That's a pretty big shift in terms of, you know, going from enablement to, like, restriction also for a company. You know?
Max:And and and I've I've seen a lot of organizations where that happens, and then IT gets this role, like, the booby gang. All of a sudden you're, like, Darth Vader, like, just say no. And, like, my job is to say no, and you hate me because all I'm telling you is no all the time. How do you manage that when you're when you're making these I mean, not everybody understands, like, like your salesperson. Your average, like, ranking let me I'm not put saying sales, like, as a negative.
Max:This is Marcus, everything. Right? Like your accountant. Your accountant is looking at, like, they have to do their job. Right?
Max:They have a job to do. And you say, no, you can't do x, y, and z anymore because this other thing is now dictated that you can't do that thing anymore, and you have to do your job differently. I mean, it's not a great conversation have.
Neil:Yes. That's it. So it's not like tough. And I think that's where a lot of cross collaboration like discovery of how people are are doing things and, you know, I think that's also what then unlocks areas where like, hey, we can do this more efficiently and help you, move like repetitive tasks too. So that's kinda became this like value add where it's like, yes, this is troublesome at first, but I think we can, kinda shift this to both of our benefits.
Max:You elevated it to a role where now you were running teams. How are you going out and finding recruiting, identifying talent, and then, you know, doing development. You know? Like and this is part of it's your your career track. Right?
Max:Like, hey. You start with desktop support. Not a lot of people are building PCs. Right? Like, there's people aren't building networks in their houses.
Max:There's a very different kind
Neil:of Well, it doesn't have an Ubiquiti stack or something.
Max:No. I mean, even Ubiquiti. Right? Like how many people are consoling into it at this point, you know? Like, it's a very different skills, you know, like the skills gap has changed a lot, you know, with now it's I mean, a lot of times it's good, but, like, trying to explain that things are actually magic and you can't just walk into an office, like, have everything work, you know.
Max:You know, hiring into that into this the space is different.
Neil:You know, I think there there were a lot of there's there's a lot of key indicators in my opinion. If you see experience with Okta and a slew of various apps, once you start having like I would say like 15 to 30 minutes, you can tell if someone understands the capabilities. Definitely a lot of conversations too where you're talking about, what's your experience about the tip wild type? You know, I had this app and SAML and, you know, follow the guidance and everything. But when you start having that conversation and triggering like, well, you know, it can go this way or we can do it this way is where I found value and success with, people on the team.
Neil:But I think the depth of that too is, like, you know, there's there's still that underlying it's called, like, computer skills, like, understanding and networking. And and I think a lot of it just comes from experience. Right? It's, like, it's tough to cover all those areas, but as in my experience, like, if I hadn't gone out and set up, you know, more rocky networks, multiple offices, have it become like a rinse and repeat, then I feel like I'd be I'd be struggling in certain areas.
Max:That's a pretty big skills gap because you talk about an MSP. An MSP is supporting organizations that are too small typically to have IT teams, probably not running Okta if you're not running your own IT team. Right? So going the MSP route of of saying that, like, generalized customer service experience, IT experience, it's gonna get you experience with an end user. It's gonna get you experience with desktops.
Max:It's gonna get you experience with networks to a certain degree. There are probably lots of different variety of of, you know, like, enterprise gear at different sizes. Right? Probably not one really like high in enterprise. Palo Alto is if you're working for
Neil:an ESP. Support. ASAs. Oh my goodness.
Max:Star cards of VPN configuration on ASAs. What
Neil:would you do?
Max:Watch. Watch cards. Watch cards. I have, on my dad, I have my on my bookshelf and all my half. That's all the firewalls.
Max:I have this I have, like, books of firewalls. The only ones I like, you know, net screens and and it's, little 5, you know, 505 e pix. But, you know, but, like, there's a transition. Right? There's a transition between, like, I know how to build a network, and I know how to, like, take care of a desktop, maintain a user, and do active directory, or do, you know, basically, like, that basic, you know, small authentication into the enterprise realm.
Max:And, you know, if somebody has a lot of experience in that MSP space, how do they get the opportunity to then move into that enterprise space because they haven't touched Okta. They haven't touched what I mean, all these things, like, they wouldn't have seen. It's not, you know, it's not in the sphere of experience.
Neil:Yeah. And I think a lot of it was I wanna say it's like Okta is like the new word too. So it's kinda had to let me backtrack a little bit too. Trying to think back of how I got involved into the Okta world. And when I think back to it, it was another IDP.
Neil:I don't even remember if it was like one long or ping identity or something like that. But it was the shift from, hey, we don't want to use active directory and LDAP and those type of functions to satisfy authentication. And it for instance became very simple. It started with SAML and, it took care of those pieces. Okta has LDAP connector into it.
Neil:So you can get our network devices into it. It just kind of prove from there. It's an interesting question. I don't know how to answer
Max:that. Right. I mean, this is
Neil:this is just kinda happened. Right?
Max:But, like, how do you you know, this is this is like I think about this a lot. I actually think about this a lot. I think I think about 2 things a lot. I think about is there a way to help I don't wanna say it like like as a derogatory, you know, like rank and file IT. And this can be all the way up like VP levels.
Max:You know, that transition into, like, how do you talk to your CFO in a way that's actually productive? You know? Like, what does the CRO actually care about that they're gonna when you have a conversation with them, like, you both get what you want. Right? Like, CRO isn't gonna care at all about an EDR.
Max:And I mean, not I mean, they will, but like they care about it in different terminology. Right? They care about it in terms of like, hey, you know, if we have an incident and it's public because we have to disclose it, like it's gonna affect your ability to go out and close deals with customers because now they're gonna have to associate with us with a different risk profile. So how do we figure out what our appropriate level of yeah. You have to use this annoying two factor authentication that we've selected, but it's actually good for you because then you don't have to worry about, like, you know, selling into a hostile sales cycle.
Max:If you haven't been on the receiving end of one of these events yet, like ransomware, like, you don't really understand what that's like getting out of these walls.
Neil:It's interesting because you're always when you're looking at that budget, right, it's Something that keeps going to what are we defending against? Right. And I think that's the hard thing.
Max:What value are we getting out of this money?
Neil:Why? Exactly. Which is often some very hard conversation like the listen to it one together podcasting. The ROI on security today, it's probably not a good metric to use. Right?
Max:I don't think so. But, I mean, I don't know. Right? Right. How do you put in ROIs on cybersecurity?
Max:I mean, maybe some people do it because, you know, if you've got runaway insurance premiums and you can deploy tooling that then drive down your insurance premiums or make you actually insurable, like, that's a positive ROI on cybersecurity. Right? Like, so some people have that event. You know, you've talked about it in sense of, like, we had to go out and do certain things in order to get revenue. There's an attached ROI on cybersecurity.
Max:Right? Like, you know, we in order to get a dollar, we had to go spend, you know, 50¢ like, well, you know, whatever thing was. Probably we less than that, which is what's scary about it.
Neil:I think it all also goes down that track though. Here, we have a little team internally. It's like if you want to be on top of our security and we're looking at 247 coverage, well, how many how many employees is that? And now you get that number. 7 per shift.
Neil:Yep. And you get into that number and say, oh, well, we can outsource this, put it in damn one, and have much more coverage and comfort for insanity for both my team and the company. So we get a win win situation at that swag.
Max:I find friction with this also. Right? Because I think there's a lot of inherent value of selectively outsourcing. Right? You know, leveraging the service provider that has expertise in that domain.
Max:Not like, let's go out and hire a 300, $400 an hour consultant, but actually, here's an organization that has 500 people, all they do is this thing so they can do it more efficiently. And we can do it. Like, I'm a fan of that type of outsourcing. Like, you know, can we displace all the annoying stuff that we don't want to deal with day to day to somebody else, and then they have to deal with it and filter it and give it to us. Right?
Max:But it's a I think the other half of it that I've seen a lot, it's when something bad happens, who gets fired? Part of the conversation that I think is still not discussed a lot. It's like this it's like this weird, like, unsaid thing. I was having a conversation with the director of security for a company, small team, I mean, 1,000 plus employees. So, you know, big war.
Max:The cyber team is, like, 3 or 4 people, you know, dedicated to this function. And they're in the conversation was basically I am well paid to be fired. Was was I mean, like, that really, like, kinda, like, shortened it to, like, a really kind of brief point was, like, I'm well paid to be fired. And no, I can't get the budget I need to do the stuff I want and the next person will get the budget that I was trying to get in order to do these other things. So I mean, what in the meantime, I'm well paid to be fired.
Max:It's pretty depressing.
Neil:100%. I think that's where, it's like we're transference. Mhmm. Becomes in the and at least from all our discussions, it's always been most more cost effective to do that. At the end of the day, you know, it was a revenue requirement.
Neil:So it's like, no matter what, we're gonna have to do this, which way are we gonna? If there we go.
Max:It wasn't a revenue requirement, do you think you would have ended up with half of the staff that you
Neil:I would say probably over over half. There were just a lot of efficiencies in it that brought right. I think where like visibility, I think areas where, say, in Okta, where dealing with the logs for, like, 6 months or 12 months or along those lines. And if we're given this third party audit, it says, say, it took SOC 2 out of it. But I'm sure whatever security questionnaires that would come through, they're still looking to acquire some sort of evidence for it.
Max:But that's still revenue connect. Right?
Neil:So Yeah. Right. I think the basic ones when I say basic, yeah, the MFA, the the ER tech. We really have to drive those internal. It's not with small teams.
Neil:It's like, oh, we're on your side today to sell this.
Max:Right? Right. Right. What's your executive support above you and and is somebody actually helping drive that at the right level? Now we call it UEM for some reason.
Max:But MDM, mobile device management, unified endpoint management, whatever. Right? We have a tool that now can configure and manage our fleet of devices. And you can do a lot of other stuff with it, but this is a basic model. Right?
Max:Like, we can you push software to it, and we can deactivate it if necessary. I mean, if you wanna run a lean team, like, this is essential stuff. Right? Like, you have to have it. I've seen pushback from organizations that were in the process of rolling out in DM and UEM platforms where people, like, have literally said that they thought it was, like, spyware being pushed by corporate IT so that way they could be, like, monitored.
Max:Right?
Neil:They still think that.
Max:What's so funny to me about this whole conversation is, like, nobody has the time or cares. Like, maybe, you know, like I mean, out of a 1000 people, I'm sure somebody's done something bad. Right? But, like like, the average IT person, like, doesn't have the time to care to, like, like Right. I mean, that's a good point.
Max:Right? Like, the amount of trust that comes out of it, it's a very I don't know. Like, it's it's primitive for most companies. Most companies still look at IT in a very, like, primitive function. It's, like, janitorial function.
Max:And you say, okay. You've access to everything. I mean, maybe you've got prop or role based access controls in different platforms now, and you've moved into different systems, and you can limit access to data if you've turned that on. But, like, somebody with administrative access is making those decisions to turn on those features in order to limit access to people. Right?
Max:I mean, that creates a certain amount of conflict and friction.
Neil:100%. And just back to the MDM, I think where it really became apparent was when during that few months of hiring 20 people a week. So you have the hiring managers asking, oh, is my new hire gonna be able to be productive within this week or 3 days or today? If you take the software side of it, make sure you have your SaaS apps and that's what we covering on Okta part, but probably more apparent than, like, developer and developer productivity. Right?
Neil:Do they need to speed up an environment and things like that. And I think that's really where the importance of it comes into play.
Max:Do you think that's about communicating the value of the system and then getting stakeholder buy in? Or then or is it, you know, leverage those stakeholders to then communicate, you know, to to go out and acquire the tool that gets the value to the stakeholder? Does that make sense? Like, in terms of, like, are you proactively going out to stakeholders and saying hey takes us on average 4 days to get a laptop ready for your developer. I'd like to make that one day.
Max:Would that is that interesting to you? You know like or is it the other side where you like waiting somebody's screaming in the hallway of like they can't get their 10 developers working. You're like okay I can solve this but we need some we need some budget.
Neil:I think it depends on where you are in that growth and the points of let's say like tooling maturity. Right? When I first started it fitting up, we were getting the laptops delivered to the office, opened it up, someone would install the software on it, just not scalable. So the initial pain is to just be removed from the IT team. But then when we don't have a knowledge of what exactly they're working on or what tools they need because it's localized to whatever team or or department, then that's where this kind of value add starts to come into play.
Max:That's also a big difference between saying, like, hey, here's your laptop now do everything anything you want with it into like now here's your laptop you can't do everything you want with it but you can do some stuff with it right? Like that's also part of that you know shift in let's say you know corporate policy like risk profiles right? I mean, you said a 100 people earlier. I find, like, crossing a 100 person is really good first Rubicon in terms of, like, it's efficient for you to go out and acquire an IDP or it's efficient to go out and, you know, bring an EDR into play. Right?
Max:Like like, the the cost per user at the underline is reasonable. Like, you've crossed, you know, in the M a dollar divide. You know, like, it's reasonable. Right? Like, it's a reasonable overhead.
Max:I've been toying with this idea of, like, classifying and cataloging companies more of, like, have you crossed into the enterprise license of Google Workspace or Office 365 yet?
Neil:5.
Max:Right. No. But but I mean, but think but I mean, tell me if I'm crazy about this. Right? Like, because, you know, there's the small business plans which force you, you know, you you 299 is your limit.
Max:Right? Or 300. Right? 300 people. You get forced into the E3 license.
Max:You get forced email gateways, especially with with Workspace. If you want journaling, you need API access. You only get that with the enterprise package. So you if you've gotten to the maturity level where you need to have this thing put into place, you have to go to an enterprise license. So maybe that happens to a 200, 250.
Max:But, like, I've kinda like I'm starting to put that more in like that, like, okay. We've crossed over. Like, the company is now, like, in a maturity line of, like, not a small business anymore. This is like a real it's a real like, we've now an SMB or define SMB up to a 1000 people. Like, I don't really get service A thousand?
Neil:A thousand?
Max:A 1000 people. I I look, there's there's some that are, like, revenue. I I do love Gartner. I'm talking about Gartner nonstop. Gartner's my friends.
Max:So is Forrester. But you know what I mean? Like, it's, you know, that shift between, like, the S and B mentality of the organization. Like like, no SMB has, you know, a GRC function. Like, you don't talk about governance and the risk management and compliance if you're an SMB.
Max:Like, what SMB in the world is care you know, cares about GRC. Right? The only people that care about GRC are the ones that are big enough that they're being forced to care about GRC. Right? And I don't think when you cross a 1,000 people, all of a sudden you're big, you know, now you're like SME, and you should be you should care about GRC.
Max:It's like And it's way earlier for companies depending on what they're doing.
Neil:And I think it also becomes important to say, do we just wanna check the box or do we wanna, you know, bring value to this? Is this There's that piece too. Right?
Max:People always talk talk trash about checking boxes. I don't know, like, maybe it's okay to check a box like EDR. Right? EDR for a lot of people is a checkbox. SAC is a checkbox.
Max:Right? Like, we have to go out now. I'm not advocating, like, when you have the ability to check that box to go buy garbage. Like, you should leverage that. Right?
Max:But Sure. But, like, you know, if you're sitting in your, you know well, I mean, now we send Acre Alberts, Starbucks, whatever it is, but, like, an organization comes and says, hey, our insurance isn't gonna renew us unless we have security awareness training or we have an EDR or we have, email gateway in place, like, we have to go get these things. Is that so terrible that somebody's forcing you to check a box to go get stuff that's actually good for the company in the 1st place?
Neil:I don't know. I mean, it's it's really much starts the conversation, 90% of the time in my opinion.
Max:Mia has a similar experience. You went to email gateway, impersonation management. Right? Security awareness training came along with that. EDR came pretty quickly
Neil:after that. VoiceBase Enterprise happens because of that. Right. Right? Yeah.
Max:And then, I mean, were you know, Okta was Okta already in place at that point, or is it like Okta just happened, you know, around that same time? Okta
Neil:was already in place, but basic functionality.
Max:Right.
Neil:But so
Max:the now you've crossed over to Google Enterprise, and now you've got SAML support within Okta. So you you start configuring, you know, SAML between Okta and Google Workspace, and you turn around and say, oh, shoot. We should put SAML on everything we're running. Right? Right.
Neil:Oh, back to the Google Workspace, like, you've never thought about it this time. I think this is a little details of just how I've seen others handle it because, so you have someone to just delete their mailbox. Typically, yeah. But if someone wants to access it for x amount of months, oh, we need this to forward. I think that's where cost conversation becomes into play because we keep this active mailbox.
Neil:Now we're just building our costs, right? But if you get into that our pricing, well, we can archive it for, you know, a few bucks a month or whatever it is. And I think that was, the driver. Obviously, there's other ways you can do it that I never recommend like just exporting. But that's what that's what happened in, you know, the initial days like, oh, well, let's export the mailbox.
Neil:We have PST, we'll throw it into this and archive it.
Max:Inbox format with Thunderbird, now you need Thunderbird. Well, there you go. We gotta roll with Thunderbird. You know? I understand how this happens and why people believe, like, let's keep their mailbox or let's forward their email.
Max:Like, I I get it. I know where it comes from. I don't know. Like, where do you fall on this line? Like, keeping email around and forwarding email.
Max:I'm like, oh, we need to be able to read, you know, go through and read all their I mean, like, you know, have you seen cases where, like, oh, we found something that we needed to know because we would this project would have dropped the ball. Like, what's the right way to offer?
Neil:In my opinion that we have found things, I would say more on sales side or accounting and finance. Engineering, probably not as much, but what I found to work is a 30 to 60 day where we phone the mailbox. After that, you know, here. And I still haven't figured this out with, say, like, Google Drive or OneDrive. You know, over time, things just start getting filtered up to the chain where you end up with some executive with huge amount of files.
Neil:Right? And it's like, how do you how do you get around that. And I think a lot of it is really classification. Is this document important? Being able to determine that, a lot of work behind it.
Neil:But I think funding in that that aspect is is very important because, at least in my long sense of the past 2 companies, it happens eventually. Right? Things can just filter the chain.
Max:I kinda wanna disable file sharing on an individual basis. Like, if you're in your personal drive or your personal your or whether it's a Google Drive or OneDrive. You cannot share a file with another person inside of your organization out of your personal drive because it forces you to put things into shared drives where they should live and then it's not like you've got this thing of like because I mean that's always a problem right like now you have to like okay we're gonna we're gonna copy all your data out of this drive and or give it access to this drive to another person and then they're like gonna go randomly like float through, you know, and do an archaeological dig through somebody's email of, like, looking for things. You know? And then determining is
Neil:is there sensitive data that probably shouldn't be shared in the Team Drive? So there's there's that aspect to it too.
Max:Yeah. I mean, okay. So is there sensitive data that shouldn't be shared in the team drive? Right? I I immediately go to HR and accounting with those things.
Max:Right? I mean, you have intellectual property that that gets filtered into sales and marketing orgs as well. Maybe you wanna get protected both, but, you know this that becomes an interesting dynamic as well of like sharing versus not sharing. You know what isn't is not you know like salesperson at this point predominantly uses their cell phones. I think the biggest argument I make with companies of trying to get them into a unified phone system It's like, what's the ownership of your accounts when that cell phone number, you know, leaves?
Max:And are you driving interactions off of a cell phone number or not? And do you have the ability to talk to your your customers? Right? Like, what happens there? And I've seen some bad things happen and drive change, but usually it's like, can we avoid the bad thing first?
Max:Like, how do how do we help you just avoid the bad thing?
Neil:Yeah. The mobile phones is it's a very tough topic. I made a
Max:note here. That's right. It's been a tough topic since Blackberry. Right? Because it was a status thing inside the company.
Max:Like, who had the Blackberry? Did you have the Blackberry? Did you have the Blackberry with your email on it? Like, were you important enough that you had the Blackberry? That's what's awesome, though.
Max:Yeah. That that worked great.
Neil:Yeah. No. Not the one who carry around 2 phones. Right? No.
Neil:Never. I don't mind it because I can put 1. It's like when I need to.
Max:I think you actually ever crossed over into doing eSIM with dual numbers on cell phones for people. We were doing a corporate corporate number as well as a personal number ourselves.
Neil:We deal with in that aspect. It was more of a central
Max:order
Neil:for how we type type to go forward.
Max:Yeah. The thing I've always enjoyed about this is there's no right answer. Right? Like, there's just this there's, like, some things you get into and you have already made a decision, you just don't realize the decision you made and, like, the implication of the decisions. Like, oh, we decided we're gonna use Google Workspace.
Max:Right? Like, well, you've made a whole slew of decisions just by that one decision. Right? Like like like a lot of stuff has already been signed for you, which, you know, includes, like, you're probably gonna run Slack and not, you know, chat and meeting spaces. Right?
Max:You know, I've yet to see a finance department successfully extract Slack from an organization yet by saying they can do, you know, spaces for free.
Neil:Yeah. And that that it's it's like that that goes back to the Google Workspace version Microsoft Office. You know, how many companies are out there? You can answer this question, I'm sure. How many companies have Google Workspace, but have Slack, but have Zoom?
Max:At every Google Workspace organization that I've come across is usually engineering internet company and they all have Slack and now what I have seen is organizations that were dominant Zoom you know so Zoom Meet where they're pulling back from Zoom Meet and going into Google Meet. Now with revenue org might stay at Zoom because they're using a tool like Gong or Chorus or, you know, whatever that has native in or integration with Zoom. So they stick with Zoom because when you go from, you know, multi 1,000 seats of Zoom for the entire org into just we're now Google Meet. So I've seen that change. That one was really surprised.
Max:I didn't expect the first time I saw that, I didn't I didn't think that was actually gonna happen, and it happened. But now that same organization is Slack in that spaces. So if I see that change happen, I think that I'll that'll be that'll be really impressive. Different with Microsoft because everybody wants Teams. You're on 365, You know, if you had Slack and 365, at the end of this point, Slack's like, I can't think of a single place that's still kept Slack.
Neil:Right. Right. I think, with that this hummingbirds, put away piece, I think what's important is the office footprint, the in person footprint too. It's much tougher to, at least, when I last looked at it, it was much tougher to manage Google Meet with, say, like 50 different conference groups talking about all hands, getting a crushed on program for for Google Meet and all that, beautiful stuff, webinars, what have you. But what I what I found was a nice balance, which is kinda what you said, the revenue.
Neil:But, I always like to call it like a license lasso management for Zoom. Oh, you haven't had a meeting over an hour, do you need a pro license
Max:for it?
Neil:And managed to automate some of those features. You know, Slackbot ping people after x amount of time, ask them if they get the license. And when you educate your users, you know, it's a cost saving solution for Beaumont. It worked surprisingly well.
Max:I actually think that might be a feature, not a not a bug. Right? Like, I've actually joked about, like, I wanna switch off a pro license and go into go back into the free license of Zoom V just so I can't have a Vee more than 40 minutes.
Neil:I don't know. Can
Max:you imagine? Like, you're just sitting there, but all of a sudden you get the countdown timer, you know, like, oh, you're done. Like, I mean, how wonderful would that be? The Crestron. I mean, we haven't even talked about a lot of stuff.
Max:Right? Like, it's I mean, that's another really good example of, like, you've made a decision without realizing you've made a decision and what that decision actually is. Right? Microsoft I mean, look, I was a professional Microsoft hater for a long time. Right?
Max:Like, I started with nt4mcsc I mean want to really get back into it you know controlling the team's experience across the devices gives them such a leg up when you start talking about conference or manage and it seems like such a benign thing until you actually are like hey we've got 15 conference rooms and 7 different offices that we have to have working devices at. Like and then you you catch your eye.
Neil:Maybe dedicated people to support it.
Max:Yeah. So then what do you do at that point? You just go back and just say, hey, we're not running this anymore. Write something else because this doesn't work.
Neil:A lot of it ended up being like, how do we manage this remotely? Would that be a remote PDU? You know, it's so basic it's a basic aspect to, you know, being able to Yeah. Upload into something and troubleshoot. Because again, it's like it becomes a tough conversation when seeing there's like a board meeting somewhere and you know, tied up in something else and the room is not working.
Max:Kind of important.
Neil:Exactly. It's like it's a lot of visibility into it. It's like like why is this not staffed? And sometimes it's a good conversation to have, but other times it's like, you know, we don't have to worry about that.
Max:We started off we touched on this briefly, like, you know, what's next? I mean, you've I don't wanna call it like a linear career progression, but, you know, I mean, most people, outsiders, would look at this to say, okay, desktop support, systems engineering, IT management, organizational input, m and a. Right? Like that, it feels like logical in terms of progression. And you've mentioned in the past, like, we've talked about it.
Max:We know people that decided to get out of management, go back into being ICs and just like, you know, focus on a specific domain. You know, what do you think is in your
Neil:future? Great question. I do see a lot of interest, in the security side of things constantly evolving and I just have something in it like leading into technology and staying on top of that. But at the same time, I think the enterprise tech will really keep awareness into operational efficiency. It's such more as overall operation too.
Neil:But the word operation, that's like security or IT, what have you. But, you know, I think there is expand that into like financial applications, revenue operations, what have you. I think there's a lot of value to be unlocked and opportunities for efficiency that may not be obvious to not as technical people, the capabilities that that are there.
Max:So you still need an org, probably 3, 4, 500 people, you know, like this isn't startup. Salesforce, I mean, people go out and buy Salesforce and then they get to a certain size and they realize they need to hire Salesforce administrators. You know, like, you have no software, but you still have to I mean, no. This like, you still have to manage it. And, you know, the cyber I see people go, like, part of it, you know I guess the other question is within the cyber, is it stay in the enterprise realm or is it going into the other side and then the service provider realm?
Max:It's like that's a big, you know, ship. Right.
Neil:Do you like manage security? Well,
Max:you know, I mean, pick your tech. Right? You know, you go to a EDR vendor and do EDR deployments Are you in a sales support role? Right? Like, lots of different opportunities in here that are still all related in in in this field.
Max:That's why I'm kind of curious. I mean, you go to DJing full time. Right?
Neil:Yeah. I'd love to have it probably right past that. Probably past that point. So great great hobby.
Max:Yeah.
Neil:What I've learned is to escape. Same same with like the turning wrenches. Right?
Max:I guess this goes back to an earlier part which is like the monotony, like, the perceived monotony of, like, the job in IT. Like, even with projects that you can see fulfillment on. Right? Like, it's not your building a physical structure. There's no building at the end of it.
Max:Right? Like, I've noticed that some people go like to burn out and, like, what I've noticed myself is without having, like, that project start stop, like these, like, really defined lines, what you really end up with is no defined lines unless you're talking about, like, I was at this company, I moved to this other company. Like, that transition or lack of transition gets very rare.
Neil:It's an interesting topic because, I felt like I was able to balance physical. Like, you always try to do it. It's like, why are you calling in these places and doing the the
Max:Yeah. Daniel, what are you doing? I'm on a plane to Singapore tomorrow. Why are you flying to Singapore, you crazy limited? Yes.
Max:There
Neil:Yeah. I think it is is a part of it where it's like it was an opportunity to to to get out to and, you know, get your get your hands dirty in that aspect. So it was my way to full to fulfill and keep that balance. I think personally, just I I have a difficult time just sticking to, keyboard stuff. But at the end of the day, it's like, I think I just had to to work on on that balance.
Max:I actually yes. Go to Singapore and go build up the office. Like, but my my question was really always a follow-up of, like, okay. Now you got an office at Singapore that you built out. Like, how do you support that office?
Max:You know, on, like, the day 2, the day 3, day 5, day 10. You know, it's it's kind of, you know, down the road. Like, you know, hey, something broke. You'll get back on a plane. Find New York and fix it.
Neil:Yeah. A lot of that office size, you know, how many how many users and it typically falls to the to the MSP. Right. Finding a local provider, you know, whether what what that would take or bug an hour or what have you much like and creating just SOPs for
Max:You have opened a lot of offices. You've closed offices. You've merged offices. WeWork changed the dynamic for a lot of companies. I'll use WeWork in terms of, like, just, like, the shared space and, like, the prevalence and availability and, like, it's culturally acceptable for you to be in one of these places.
Max:How office is open and you're gonna put 10 people in an office. It feels like that's kind of like the nucleus, like somewhere like 5, 10, you know, like maybe it's an executive that like really drives that. Like, we need a physical presence here. How do you think shared office space, like, the WeWorks, are gonna really overlay and impact companies going through these evolutions? Is it here to stay?
Max:Does it change? Do you think companies are gonna dip their toe in the water and then back out? How it's just a size thing. You know, does it has to be a nucleus that affects people? Because there's if you need an office, you need a conference room.
Max:You need a conference room device. You need a network. You need a firewall. You need a this. You need that.
Max:You need a printer. You know, like, there's a lot that goes into it. You need a lease. Right? Like, I'm curious what your experience has been with this.
Neil:I think it depends on, obviously, this is the size, but thing of the day, it becomes an OpEx and CapEx question. Right? If you're looking at carrying your own office space, like, what state is it? We always hear it's like, oh, the space is plugged in. It's never plugged in.
Neil:Everything from the circuit to whatever the convolution equipment, just like you mentioned, being that to put in at APs, etcetera. And I think that's why the model virtual becomes flexible. You have to shift from an office of 50 to a 100 and depending on, you know, what your lease looks like, a lot of that responsibility was pushed over. So I think it continues to exist, but I think the overall model of of does this become an office where someone's sitting at it 5 days a week? It's like, probably not.
Neil:You know, we had conversations of, oh, how can we find just, you know, work that we can only rule out the human book for Tuesday and Wednesday. I was like, yeah. I think we're a little early into that to figure out if that model actually works, but they just started becoming collaboration spaces. So having that functionality over paired with a lot of hotel guests. Make sure there's people who want to be on the in the office and in certain roles for full time.
Neil:I think that's where I think that's a model sells. But at the same time, the CapEx involved, you know, that space planning and everything like that. I say, how how much do we really want to put into this test, at least at this point. I mean,
Max:we work as expensive. You look at it like dollar to dollar, it's not cheap. And now you've got now another thing, which is if you're trying to maintain adherence to SOC 2, and you've got a physical security requirement coupled with a network security requirement and a device access requirement and access point requirement. Right? How much does that open up a can of worms for you if you have people going to a WeWork, getting on their network, and using their access points and accessing your corporate data?
Neil:I think that's why we, yeah, enable everything. It's just trust nothing. We could we want to go down that road. We're we're just zero trust at that point. I mean, for all I care, it could be at the office or a Starbucks thing.
Neil:Same thing.
Max:I think that's sort of the best thing that's happened to IT is that mentality shift of really eradicating the idea of a perimeter and, like, a safe spot, you know, within you know, you hear enough things about, like, fish tanks being exploited and then having something go out laterally. In that one, more than anything else, you just kinda throw your hands up there and say, what do you do? I'm trying to think what else I wanna talk to you about, and we talked about SAML. We talked about SCIM. We talked about deployment.
Max:We talked about evolution of companies, BYOD. What did I miss?
Neil:One thing that has been on my mind a lot, and I I'm starting to realize, like, it's almost it seems I don't wanna say early, but I think smaller companies are still getting into it. It's like the no code, low code stuff. I only say this because what, you know, the first couple years of videoing app, it's like I was utilizing and streaming Python source for everything. Right? But typical IT teams, they're not developers.
Neil:They're not shareable, pretty bashful, things like that for whatever. But I think the notebook stuff like a or what have you.
Max:Some of our missions on these platforms to do things for you.
Neil:Right. Exactly. With the ability to, you know, to audit, to this picture, touch and what they opt out, say, introduce something and life has to be change control. Right. Yeah.
Neil:I think I I wanted to get your thoughts on it. It's this is why I brought it up.
Max:I think after you've gone through a cell set of automation, like, it's hard to go backwards. Like, once you've seen it, you can't unwind it. Right? And then it it triggers this, like, other idea of, like, what else can we automate? Right?
Max:And is that automation of, data exchange between platforms? Like, we need to get data from NetSuite to Salesforce or from Salesforce to NetSuite. Right? Why? Because we need to do revenue recognition and we need to, you know, whatever how you know?
Max:Or are we running billing invoicing out or CRM or another platforms? Like, once you once you go down these paths, it's really hard to unwind. We talked a lot about it from, like, Workday managing, that function of, like, automation. But there's other platforms, and there's a lot of people I'm seeing a lot of, like, Zapier consultants because everybody knows an AJ. I was about
Neil:to say it's, like, that's typically where you find an opportunity to mature the automation platform. Right? It's like, why are there SAP your accounts all over the place? With data for people connecting and that they become personal accounts. When someone leaves, this breaks.
Neil:I know you're I'm hunting for these things. So I think that's what drove the conversation to, a funny platform that warts for us at at this stage.
Max:And you didn't find that Zapier was that gave you that, you know, tooling.
Neil:It did for certain things. Like, it was valuable for making Google Sheets interface. Okay. Right? But once we wanted to do things, you know, between a workday in Okta or workday Atlassian for user access reviews, you know, all the way down to say like a snowflake to do audit polls.
Neil:Right? Like, to to your point, you're in in the SOC teams, like, it's like it becomes very repetitive to to view this stuff, but you can show that this was an API call in the schedule that just does it every month. We're viewing it, it becomes much much easier.
Max:I love where you said Snowflake because, you know, what's going on in the world right now looks like that every Snowflake account has been compromised or maybe there has to be an assumption at this point. AT and T just came out and disclosed it, like, all call records for all customers forever. You know? It's a 3rd party cloud vendor. Yeah.
Max:But, I mean, the value of these tools is not just, like, the the control or the automation of the reporting. Right? It's it's also, like, the creation and the skipping of steps and not I feel like the part that makes people, like, the negative comes out with technologies, everybody's like, oh, you're coming for my jobs. Like, you know, like, no. No.
Max:I'm actually coming nobody no. That's not what's happened. The argument for bringing a service provider to do MDR for you, like, isn't because they're trying to take anybody's job out of the company. It's because, like, you well, like, you really wanna receive every single alert and sit there 247, do correlations for every single alert that you've ever received from this platform, and that's your job. You really want that to be your job, that's that job sucks.
Max:Go do a better job.
Neil:I think it's similar to comparing, you know, finding some software to use that patch match. Like, do you wanna go around and and then do this? Or, you know, you find a piece of software that that that is a story. Right? It's still repetitive, mundane tasks that you're moving to keep the job.
Neil:I enjoy a bit. Well, I think this is where the huge part of it comes.
Max:Do you think that patch management is, like, the most derided software purchase that a company can make? I mean, it feels like it's the red headed stepchild of, like, all IT purchases, patch management.
Neil:Better inventory.
Max:Inventory? Yes. Until until until you're like, wait, this exploit for for log4j just happened and now we need to know every every place in the planet this has log4j running until like wait a minute everything is running log4j was inventory management I mean, some of these things, like, I don't know. Maybe maybe if some of it, I'm just, like, jaded. What's you know, it's not it's like, oh, you know, we're we're doing a layoff and you get to keep your laptop.
Max:It's like, oh, yay. Get to keep your laptop. And I was like, no. It's because it was too complicated. Somebody had a meeting where they're like, we need to bring all these laptops back, and we need to wipe them and image them and redeploy them into the fleet.
Max:And it's like, here's the used laptop that somebody else had. Now you get to have it. Yeah. Let's just don't keep it.
Neil:Yeah. Good luck because then it becomes a conversation. It's like, It's gonna receive it back. I'm just gonna wipe it down. All these keys broken up.
Neil:You know, it's been repaired. So it's it's definitely a full life cycle and it's not on how you how you manage that successfully.
Max:And you guys you didn't end up deploying any Chromebooks.
Neil:We did. There's a lot of conversation around it where it's like, you need to make this disposable.
Max:Yeah. Right? I mean, your Google Workspace is kinda like it turns out this thing of like, dude, you just make it disposable.
Neil:Yeah. We never we never gotten into it. I think we touched on like VDI and that stuff too. It's like, how do you handle contractors? Are you shipping
Max:International contracts. That or, you know, are you
Neil:in CapEx to, ship to the new local contractors, right?
Max:Data. Let's ship MacBook Pros to our contractors in Columbia. By the way, customs is gonna hold these things for 4 weeks. Surprise. I'm getting signaled.
Max:It was actually a really effective signal. I mean, like, so many of these things, like I was having a conversation, like, with with a person in an unrelated industry, and it was kinda like the gist of it was avoid being yelled at. It's kinda like what their day to day job was like. It was like, okay, nobody wants to be the one that gets, like, noticed that gets yelled at. If this breaks, then I get yelled at.
Max:It's like, either make sure it doesn't break or make sure I don't get yelled at when it breaks. And in that dialogue, it came a lot of, like, the same things like IT. You're an IT. It's like you don't, you know, it's too expensive when it's working. Why do we need you?
Max:It's not working. Why do we need you? Balancing those 2 inside of a company until you're somehow attached to revenue feels like a really bad place to be or a really tricky place. Now you got yourself into a position where you accidentally got attached to revenue with a lot of projects. I know that was like excellent.
Max:Bad way. I mean, like, it happened. It's like a closing closing thought, like, thinking back, you know, MSP moving into corporate IT, moving into enterprise tech, what advice would you give yourself to, like, attaching yourself? Like, how would you attach yourself to revenue faster? And is that and is that the right answer?
Max:Is the right answer attaching yourself to revenue? And if so, like, how would you do it faster in the future? Cross
Neil:collaboration, understand exactly what certain departments you're using software for. And I think at first it was attributed to a little handle authentication like authorization to it. But you know, I think Jared, just like you said, you need your NetSuite admin. You still do NetSuite admin. You need your Salesforce admin.
Neil:What have you? But I think once, the automation piece got into play, that was when the conversation started getting deeper and or to provide that value for those departments. Otherwise, to your point like IT was just looked at as kind of like a blocker. Well, this is a revenue app. Much help from this.
Neil:So I think that's where a lot of it was driven by.
Max:So it's just a takeaway. Automate faster. So the best time with Zapier, get started, go to a different platform, make it easier for people to do what they need and get what they need faster.
Neil:Oil balancing that. I'm not trying to eliminate jobs.
Max:Of course not. Neil, thank you for doing this. Appreciate it. This is great. I obviously can talk about this stuff for hours and hours and hours.
Max:So enjoy it. Yeah. Closure.
