Tech Assistance Office Hour Focus on Bring Your Own PC Management

Show video

Michael Hernandez: Hello, everybody. Thanks for joining. No, you know. Always a busy day. Always lots of stuff to do. And Michael Hernandez: all the year end stuff so definitely appreciate the the time. I also know. You know, hard for people to Michael Hernandez: to join on time. I was a a minute late myself. For for this call. But yeah, I think a a really good topic that we have today. You know, I think even prior to Covid. You know, one of the challenges you know we've had as a community is, how how do we provide access to our organization's data for volunteers and interns. Right Michael Hernandez: prior to Covid, we had a lot of people coming into the office, so you know, it was a lot easier. Hey? Here's a desktop. Here's credentials. Login Michael Hernandez: but now, with with the hybrid environment you've got volunteers and interns working outside of the office. And you know. How? How do you? You know? Do you have equipment that you're able to provide everyone? And if you and if you don't you know, how are you? You know, keeping track of that data. How are you securing that data when they're accessing? You know email, your case management system.

Michael Hernandez: your files. You know your file system, whichever you know, you might be using. Well, if it's a file server, or, you know, sharepoint onedrive things like that, and you know absolutely, how do you keep control of that data when they leave? So they, you know, provide the help. You know, the great help that that volunteers and interns, you know, do for whatever period of time, and and that. Michael Hernandez: you know, is runs across the board right that that could be for a couple of weeks that could be for a couple of months. It could be for 6 months. It could be a year. You might have an attorney. Who you know who's doing pro bono work that, you know, works a a, you know one case quarter, or they they take one case at a time. And now they need access to the to the data and also save the data Michael Hernandez: in the organization. So II think this is a really great topic for the you know, for the community definitely appreciate. You know, everyone. Joining so we've we've got 2 different types of solutions which you know this is an informative. Michael Hernandez: you know session, you know. I think, that this is great. What what Ellison Tap is doing with. Look, this is to provide you information. It's the the takeaway supposed to be to have you think about. Maybe even some of the challenges that you you didn't necessarily think you had or if you did have it. Michael Hernandez: and you and you you did know. Here's some options that we could look into you know. So so veam veen, and and to your point, you know this. They're they're on gracefully, you know, willing to share information about you know their solutions, and and how they do things again. But this is really informative. Sessions, it's just a kind of.

Michael Hernandez: you know. Expose you to some options that are out there. And you know what you do with that information. You know whether you have more interest in them or or looking up other solutions, you know, completely, you know, completely up to you again. We we just wanna help with in informing you as a community as as what's out there. And again, I think, great Michael Hernandez: you know, for lsntap for Michael Hernandez: for doing this. So I'm gonna assume we're probably get. You know, some some more people on and you know we'll we'll let them in. But we're gonna get started with the presentation. And so the format will be so veen's gonna go first dan and you know. So he's gonna you know, review his solution, you know, 1015 min, and then we'll have a question and answer period. Michael Hernandez: you know, specifically on that solution. If if you had questions, then once that's over, you know, we're gonna hand it over to Joel at at tier point, and do the same thing, you know. He'll review his and then we'll have question and answers. Michael Hernandez: And then at the end, if there's still some time left, you know, we could just open it up to any additional questions. So with with that Dan, gonna hand it over to you, you know. Do you know, quick intro, you've got, you know, up to 15 min, and and before before the question and answer period. Dan Acquafredda: great Michael, thank you so much. II really appreciate it. And been looking forward to this meeting

Dan Acquafredda: quick introduction about myself. My name is Dan opera. I'm the senior account executive here at then. and on the call with me is Chris Johnson, and and he's one of our senior product managers, and he's gonna be helping us out with some technical questions. If you have him and you'd be walking us through a demo Dan Acquafredda: and just kind of quick background. How we got here, Mo. Mike, Michael found us a online for for salute you know, for a solution, for under the issue that that he just spoke about we had some time. We we did an introduction call. He learned a little bit about us, and he thought it'd be a great opportunity to speak other organizations here that may be dealing with some similar problems. So just want to say thank you to Michael, to who brought us in. Dan Acquafredda: and just a quick agenda of what I wanted to go through today. Just an introduction about then who you are as an organization. Dan Acquafredda: I'll kind of go over kind of why, then exists. And the solution that that we recognize or the problem that we recognize and and how we're kind of overcoming that solution for our clients. And then I'll introduce Chris, who will kind of walk us through a quick demo, and I think that'd be a great opportunity to get a visualization about what Ben does. Dan Acquafredda: So Dan Acquafredda: Ben was created over 2 decades ago, and out of over 700 clients of ours. A lot of them are in highly regulatory environment. So organizations like banks, financial institutions, really, any organization that is high compliance standards, either protected data or need to be compliant to things like Pci hipaa Gdpr. Dan Acquafredda: So Ben was really built for security minded organizations looking to simplify and reduce their costs around, delivering a secure workspace, but without the nightmare having to ship computers, or without something like a vdi.

Dan Acquafredda: So the conversation we had with so many of our clients is about this employee computing model that we're discussing today. And many organizations are still in the challenging model of buying and locking down Pcs. And insisting that people only do work on these machines. Dan Acquafredda: whoever, you know, since the pandemic and over the terms of last couple of years in terms of remote work, a line between business and personal start to get blurred. And the expectation people have a home office, a work computer, a personal computer and respect those boundaries really starts becoming unrealistic for both the employees as well as the organization. Dan Acquafredda: Not to mention that a lot of our customers are hiring people and building teams in more geographically dispersed areas than ever before. Dan Acquafredda: So client uses for many use cases. But it's really a big one in Mott, why, this model is becoming increasingly more challenging.

Dan Acquafredda: But at Ben we talk a lot about by Opc. And Byod, or bring your own device. And you know this been a hot topic for a lot of organizations over the last couple of years. The thing we like to remind our clients that Byd doesn't have to be wholesale right? Not everyone needs to bring their own computers a lot of different options and ways. This technology is being adopted Dan Acquafredda: really quite quickly for various types of use cases. So again, we're seeing our clients leverage Byod for independent contractors, interns, volunteers, all sorts, scenarios, mergers, and acquisitions. Dan Acquafredda: And you know at at then what we're currently doing right? We we literally live and breathe our technology. I'm working from my vyod device right now, and then, some instances will actually use a stipend to pay for an employee's laptop. So the organization themselves doesn't have to.

Dan Acquafredda: But the other thing to remember is that we don't need to say yes to every PC. Or even lockdown every PC, the same way, a lot of different ways. This technology can plug in Dan Acquafredda: the bottom line the ability to protect your data without having that block down a whole machine itself. Dan Acquafredda: So most of us here are probably familiar with with Mdm. Whether you know it or not. So a Nbm is essentially what allows you to have access to company data like email on your personal phone, right? Dan Acquafredda: So what Mdm. Gives. It gave us the ability to containerize the application itself on a personal device. And this is what Ben is doing today for laptops. Right? So almost think of us as Mdm. For laptops. If you're familiar with that. Dan Acquafredda: really, what is designed to do is basically, if your workspace for remote work, the data without having to lock down the whole machine or having to push people into a virtual desktop and type environment.

Dan Acquafredda: So the innovation here is a secure Enclave. That's going to go on the PC. Or the Mac. Dan Acquafredda: When you install that machine it sets up this secure output. That's where all the applications sit. Dan Acquafredda: All the work is being done inside that blue border, and the blue border is a visual indication around those specific windows. So if it's in blue, it's in business.

Dan Acquafredda: Everything inside that border is going to be controlled and administered by you. So, for example, what applications they can run and where your gang can go. This is how you're gonna be able to control for some of the compliance standards your company could be held to. Dan Acquafredda: So everything here regarding this is to be remotely white. Dan Acquafredda: Everything work related on the machine can be removed.

Dan Acquafredda: There's also a network component that's important. And that's all network traffic emanating within the secure Enclave and they go out of secure tunnel through a gateway IP space that you control. Dan Acquafredda: even though the network related outside the Enclave, it's just gonna go out the user default Internet connection. So how does it work? So then this is not a Vdi right? We do have some experience down that path. And some of you may be familiar with this as well. But this is different. Dan Acquafredda: This is a local computer locally installed applications. There's a software based solution. It's gonna put a virtual wrapper around an application that's running on the personal machine itself. Dan Acquafredda: So the wrapper is a blue border from the user's perspective.

Dan Acquafredda: from the it of the administrative perspective. Essentially a firewall here control, or what can go in out of an application. So can I copy and paste data. You know. Dan Acquafredda: I think a screenshot. No. Where am I able to save that file? All that stuff becomes policy configured by you, and we'll show you what that looks like in just a minute when I turn it over to Chris to walk through the demo. Dan Acquafredda: But just to summarize our objective. Your advent security is our North Star, and that is what we're providing to our clients.

Dan Acquafredda: Your company still gonna meet high compliance standard, but without the need for something like a Vdi or shipping computers. Dan Acquafredda: You're gonna be able to accomplish this now without hosting. So it's designed to be much less costly, much simpler primarily, because you don't need to add any additional infrastructure or data centers. We're using local computers. We're letting people work natively the way they want to work. However, we're giving you control of the applications, the data, remote session. In fact, we're not giving you control the whole PC, we're just giving you control of the Enclave. Dan Acquafredda: The last thing I'll say before I turn over to Chris, especially regards to deployment. Dan Acquafredda: it really is quite soon. It's a single install to the employees. You're gonna email, invite as you provision a user install, then ready to start working in about 5 6 min.

Dan Acquafredda: so I'll pause there for a second. I'll stop sharing my screen. I'm sure there'd be some questions that we have. But, Chris, I'll turn over to you first to walk through the demo, sir. Christopher Johnson: Sounds good. Christopher Johnson: Okay. My screen should be coming up here. Alright. So I'm gonna walk you through the typical end user experience on a windows device. Christopher Johnson: This is also supported on Mac Ios and Android. Christopher Johnson: So what you're seeing here is, I have a chrome window running inside the secure Enclave and logged into a sharepoint site. I have kind of your generic sales spreadsheet here open in excel.

Christopher Johnson: and a blank word document. Christopher Johnson: So the first thing that I want to reiterate is that these applications are directly installed on the computer. Right? There's this, not a second instance. We're leveraging the applications that are already installed here. Christopher Johnson: But for the end user, there's really no difference between the applications that are running inside the Enclave or outside, they function exactly the same. Christopher Johnson: The only thing I'll notice is that blue border surrounding them. That's gonna help me really identify the context that I'm in. This is my workspace. And you can see that any application that's brought into focus. You'll see this icon up here. We call this the badge. Christopher Johnson: Really the significance for me, the as the end user is, gonna tell me what I can and cannot do inside of the work environment. And these are highly configurable policies from the company level down to the user. And it's done through a Sas based admin console. So there's no infrastructure in far as managing the user. Christopher Johnson: So this user, I'm pretty much locked all the way down. I can't upload anything in the browser. I'm not able to move or paste any data outside of the secure Enclave.

Christopher Johnson: My network. Access is restricted and lockdown, and that's looting to the private company gateway, or that protected connection that Dan was talking about, not able to print anything that I'm trying to download or save has to stay within the Enclave, and I can only save to a location that an administrator would designate for me to save to, and I can only log into those accounts with an account that's authorized. Christopher Johnson: and I'm all allowed to share out my screen or take any screenshots. So really like, I mentioned working in these applications, there's really no difference, some in one moving to the other. The data moves back and forth just fine. And that's really expected, because all of these applications here Christopher Johnson: are running inside the Enclave. Now, if I were to open up another instance which I have over here of Excel, you'll notice this one is running outside the Enclave. It doesn't have that border. Christopher Johnson: If I do a right click here and try to go paste, you'll notice that it's as if there's nothing on the clipboard for me to paste. Christopher Johnson: And that's because there isn't. When you're working inside the Enclave we're actually running a separate instance. That clipboard so that none of that data can be exfiltrated out.

Christopher Johnson: But if I'm working on something outside need to bring it inside, no problem that works just fine. Christopher Johnson: So really, the general rule for me as an end user is, if it's in the blue, that's where it has to stay. Now. Christopher Johnson: most users, they're not trying to do anything maliciously, but they're just trying to work in different ways that they want to. So I wasn't able to copy that. I'll go ahead and try to hit screenshot here. Christopher Johnson: and you'll notice when I do that all of these windows are completely blacked out. Christopher Johnson: Now, this policy here that we're looking at is the screen sharing capture. It's very configurable, right? So we all do different personas. Some people are working with Pi, and you never want them to be able to share out, maybe have some users that never do. You can turn this off completely. Christopher Johnson: or in this case.

Christopher Johnson: think of this kind of persona, right doing presentations. But I want to be able to explicitly only share out what it is I want to share while making sure all the other screens are protected. So I have this option here. Christopher Johnson: I can go ahead and specify the reason for me doing this. And what's gonna happen when I click, share window is it's going to create an audit trail for the Admin to be able to look at. It's gonna tell me the goip location, the device, what I was sharing and why, and for that duration. And then, when I try to take that same screenshot, you'll notice that only the application that I gave explicit permission to is now visible, and the others remain blacked out. Christopher Johnson: and that'll stay that way until I either come back to that badge kind of stop sharing that screen. I close out the application completely, or I log out of them. Christopher Johnson: So there's really 3 components here that we're going to be talking about 3 pillars, if you will. One is the application, protection and isolation. Right? So that is how we are separating and isolating the applications from other interactions with the operating system.

Christopher Johnson: Now, the second component we're gonna discuss is how we're protecting data in that we're on a local device. Christopher Johnson: So I have 2 instances here of file explorer running side by side. The one on the right has that blue border. That's the one that's running inside of the secure. Enclave. Christopher Johnson: What I want to draw your attention to is, you'll notice this item called Vendisk on the right. Christopher Johnson: So Vendisc is our encrypted disk. Think of this as a profile store and not a file system. If you look on the left there in the other file explorer that's running out. Christopher Johnson: You see that that drive doesn't appear there. This drive is completely hidden and inaccessible to anything that's running outside of the Enclave. So the way this works is when a user logs in, they authenticate. They pass a series of device compliance checks that you can configure, such as making sure the operating system is up to date, and a virus is up to date. So on and so forth. We grab those decryption keys and we decrypt this drive, and it becomes accessible to any application that's running only inside of the Enclave.

Christopher Johnson: you'll notice that I have one drive here and Google drive the cloud file systems running inside of the secure Enclave. Christopher Johnson: So what we're able to do is, give the admin, the ability to specify the file systems that I use Christopher Johnson: specify the account that I can use to log in with. And then we're binding those file systems that the cash from those file systems to Vendis to ensure that anything that gets locally cached remains on this encrypted disk. Christopher Johnson: Now cloud file systems are going to operate exactly how you'd expect them to come through here and navigate. If I click on one of these files, it's gonna open the application inside of the Enclave. And I'm gonna save it. It's gonna sync back in real time.

Christopher Johnson: the other component of vendors, which is really great when we're think thinking about leveraging personal devices is traditional solutions. When you need to off board a user or devices stolen, that really the whole device has to be completely wiped. Christopher Johnson: What we're able to do here as an admin is simply locate my device in the admin console, select, wipe work, data. It will remove everything that is stored on this disk, and break any of those authentications into the file system without impacting the personal side at all. Christopher Johnson: Now I mentioned that this was an encrypted profile store. So I'm gonna show you what that kind of looks like in real time. You'll see that I have 2 instances of chrome here, side by side. One of them, the one on the left, is in the Enclave. The one on the right is not. Christopher Johnson: and you can see immediately. It's a completely different themes, completely different set of bookmarks even logged in with 2 separate accounts. Christopher Johnson: So what's happening the first time that you're launching an application via our application launcher. So you can think of these icons here, not as real physical applications, but just representations of the applications that you're allowing me to run in the Enclave Christopher Johnson: when I'm clicking it out for the first time from here Christopher Johnson: we're hooking into that application down at the very base of the operating system down at the kernel level, we're rendering that blue border. And then we're creating a brand new set of profile information

Christopher Johnson: 4. Christopher Johnson: These applications on vendors, and that allows me to customize my work environment for how I like to work Christopher Johnson: and without impacting the way I use it for personal use. Christopher Johnson: And finally, the third component is how we're protecting the network. Christopher Johnson: Now, out of the box each tenant comes with its own set of static static and dedicated IP addresses that Christopher Johnson: are only used when inside of secure Enclave. So all the traffic that's coming out of that secure Enclave is going over this encrypted connection. So think of this as any of your Sas application salesforce, or something like that on the left. We're go ahead and log in, and you can see my IP address here, and that's one of those IP addresses of the private company gateway. Christopher Johnson: So just think of this as kind of the split tunnel. VPN, now, I'm gonna try to go to that same website outside of the Enclave on the right. And you'll see I immediately get that access denied message.

Christopher Johnson: And my IP address is different, because that's using my local connection. Christopher Johnson: So it essentially, what you're doing here is you're encrypting and tunneling all the traffic that's emanating out of secure. Enclave, you're respecting my user privacy. Right? If I'm in my personal browser, none of that's being tracked and watched. Christopher Johnson: And then you're able to leverage conditional access rules to prevent access to company resources unless they're coming from these IP addresses. So to essentially, you're doing is funneling all users into. Then, in order to access Christopher Johnson: work. Christopher Johnson: Okay? So I'm gonna stop there. That is our general kind of overview of the solution. And we'll pause and see if there's any questions.

Michael Hernandez: Thank you, Dan. Thank you, Chris, that that was excellent. Really appreciate it. I'd I'd like to open it up if anyone has any questions, please. You know. Please don't be shy. If you could unmute yourself, or you know, feel free to to chat any any questions that you might have. Michael Hernandez: Okay, alright. So I'm gonna ask you a couple of questions that hopefully will provoke some some thought. Great! Thank thank you, Shelley, for that. Michael Hernandez: So on the it side, right? A couple of things that you think about when someone's using their personal device. Right? So, Chris, you mentioned one you know, making sure that the user has endpoint security. Installed. Michael Hernandez: Let let's say the the I guess is there Michael Hernandez: is there with your solution. Is that? An absolute requirement. Or the way it's set up. Yeah, it's best practice to have endpoint security set up. But if the user doesn't or they don't keep it updated the way that it's set up. It's not you know. It's not a huge risk.

Michael Hernandez: Say, right? It's it's hard to say there's never a risk, right? But you know. But you know, is, is it a huge risk? If the user doesn't have, you know something that's updated? Christopher Johnson: Yeah, absolutely. So that's a good point, Michael. There is no silver bullet right where what we're doing is reducing that attack surface tremendously. And you can implement a set of device compliance checks to prevent the user from from logging in. If they don't meet them and their basic hygiene things right? It's the like, I said, the antivirus installed. Is it running? Has it been updated? Is your operating system? Patch? Is your AV. Screaming? Hey? I'm do you know there's an infection there. Christopher Johnson: But if if that was something that we didn't want to enforce on the users, yes, this this solution has a a number of ways that it's protecting. Right? So for one that disk is a read only disk from the outside perspective, it's impossible for anything to write to that disk Christopher Johnson: we're protecting against common attacks like memory injection. So we're monitoring what's happening with that application cause. We're so far in the operating system. We're able to monitor all that and shut down anything if somebody's trying to attack the applications that way. So in in effect.

Christopher Johnson: if that computer gets ransomware, I mean, that's that's terrible for that user. But it's not going to impact work or work data in that. In that secure Enclave. Michael Hernandez: Great. Christopher Johnson: yeah, just another. Christopher Johnson: Even the key logger kind of scenario if somebody were to download. Get a key logger on their machine. Christopher Johnson: Okay? II mean, it's terrible. It's, gonna you know. Take their their banking information. But they're not able to record the keystrokes of any of the inputs, the applications that are inside the Enclave. Michael Hernandez: Yeah, no great point. So you stole my question, right? Cause on the It side. That's that's a concern, right? Someone with a personal computer.

Michael Hernandez: you it, whatever something malicious could have already happened right and could already be on there. And the common, you know, scenario is the key logger that's already on there. So now you know, you've got a a computer that's compromised with the key logger logging into our network. And now, you know, key logging all their you know, every what they're typing client information which could include their Michael Hernandez: address. So security number, you know, they're doing like intake or something like that. Michael Hernandez: you know their passwords. So with your solution. If that computer is already compromised with a key logger. It's it's not it's not a concern with your solution. Christopher Johnson: Correct? Michael Hernandez: Great.

Michael Hernandez: Okay? And any other questions Michael Hernandez: hopefully. You know my, my few questions. Michael Hernandez: made you think about some some things on on your end Michael Hernandez: again, you could use the chat if that works better for you. Christopher Johnson: I'll just throw out a couple of little tidbits until we see any of the the chats coming in. So one of the things to consider, too, is that we do have some things out of the box. Right? So if you're not, if you don't have an identity provider, we can provide that for you. We have our own built in identity management system. Christopher Johnson: Same thing with that private company gateway. So that's there out of the box same with, we have a proprietary file system. Now, we built this. So it's extremely flexible. We know most people Christopher Johnson: have best in breed. So you can actually integrate with octa azure. Another third party Idp, you can leverage a different file system. You can even turn off that private company gateway and insert your VPN solution in there.

Christopher Johnson: Right? So you have a lot of flexibility depending on how the environments are already set up. Michael Hernandez: Great great Michael Hernandez: Chris, Dan, thank you so much. This was this was great. I know, you know. So look, you know, some of these provoke thought after you know the webinar you know, on your way home you like. Oh, I you know II should have thought of of asking this right. It's just it's just kind of the the way it is. You know, we've got a great community Michael Hernandez: and a community of people that wear multiple hats. You know. Some have an in, you know, in house it department. Some have outsourced. Some have an attorney that's that's the it. Department. So you know, we we we help with?

Michael Hernandez: yeah, all different scenarios. And and you know the people on the call, could, you know, could be one of those scenarios and and wearing that hat. Michael Hernandez: so II think this was great. Thank you so much. Definitely appreciate you being on and you know as as shelly chatted. You know, we, this is recorded. This will be put on their Youtube channel. So you know, they've they've got hundreds of organizations. A part of Lsn tap. So you know, those that aren't able to join but but interested, they they definitely have access to view this Michael Hernandez: at a at a later time. So again, thank thank you so much. Really appreciate it. Dan Acquafredda: Thank thank you for the opportunity, Michael. We really appreciate it. And if any questions do come up on the drive home like Michael said, or if there's someone from your team, maybe season recording reached out to Michael, and I'm sure you could communicate the question to us, and we'd love to get an answer for you. But thank you for the opportunity Michael, and to everyone on the call. Michael Hernandez: thank you. Great. Thank you.

Michael Hernandez: Okay, I'm just Michael Hernandez: yup great thank you for that. Shelley. Michael Hernandez: okay, so I'm gonna turn it over to Joel at at to your point. Again. Pro, you know, providing another solution. You know, addressing an issue right? How do you control your data? When, when it's it? They're not using one of your devices. I mean, this is Michael Hernandez: This is not a a a problem that is going to go away. You know. I think any anytime soon. Especially with our community, with the need.

Michael Hernandez: you know, for volunteers and interns. And and look quite frankly. We have to worry about it with staff as well, too. Right, especially with the hybrid if you're in the office and your computer breaks down, chances are, you know, you have another desktop in the office or another laptop that you could hand them but now you have staff at home. They have an issue with their work assigned computer. Michael Hernandez: Are they gonna come to the office and get that fixed so they could continue to work or or do you know, if you have the option? Okay, while while we get your computer, you know, straightened out, you know, just if you have your own personal computer. Hey? You know, here's here's how you access all of your resources using your own personal computer. So, though I've I've kind of focused a little bit more. Talking about volunteers and interns. This this definitely, you know, helps address Michael Hernandez: you know, with with with staff Michael Hernandez: as as well. So okay. Enough for me. Rambling Joel. Thank you so much for for joining you know. Thanks in advance for your presentation, you know. Same scenario we've got, you know, 15 min to go through. You know your spiel, and then, you know we'll we'll leave it for some some questions after. Michael Hernandez: so if you are talking, you might oh, yeah, there we go. Can you hear me better? Hear me now? I can. Yes, thank you. Cool.

Joel DePree: Yeah. Okay. So let me jump into it. so yeah. Joel, the Pre, senior director of Channels with tier point. Michael, thanks for inviting us to to present. And Joel DePree: we are, gonna we we have a little bit of a different approach right? And somebody get into from an agenda standpoint who tearpoint is Joel DePree: we'll give you a high level overview of Vdi, and how that works, and how we're accomplishing that. Joel DePree: May we? We talked about this, too. Michael. Manage fits a little bit of that. So that's another kind of angle and part of the story, including security around email, and then a general security conversation as well, and a product we call clean IP that we use to help manage, you know, remote and multi site kind of situation. So those are kind of the talking points that we'll we'll chat through

Joel DePree: and again, I guess we'll have questions at the end. But if anything comes up or you guys have any questions, please please jump in. Joel DePree: So to your point. Again, we're a little bit different. Right? So we're a very large data center company. We own 45 data centers across the country. I think we're we would probably be considered these days the leader, when it comes to, you know, doing manage cloud doing. You know whether it's managing your aws, environment, azure environment. We build out, you know, private clouds. We do, Vdi, and we do a lot of this through our own data centers that we own and operate. So we're a little unique in the fact that we Joel DePree: own and operate a ton of data centers. But then we also have this super significant managed service portfolio. So we offer a ton of services out of the data centers, not just like your traditional Colo. And and you know, kind of providing space. We do a lot of services. And that's what kind of brings that story together. Joel DePree: you know, we're about a thousand employees, you know, 5,000 customers. Pretty substantial organization these days. There was a point about 8 9 years ago. We went through a big acquisition spree and bought up some of the leading data center companies around the country and you know they were one of the larger ones out there. So you know, there's some unique benefits to having a company that that does all these manage services that actually owns and operates the data centers

as well, gives you kind of that next level of security from an operation standpoint. So Joel DePree: manage virtual desktop. There's traditionally we've done this in a dedicated model, right? So when I say dedicated like a private model where we partnered with a company called Eutanics, and we did dedicated virtual desktops to our customers. Right? So that means you have your own private dedicated environment, which we still can do. Joel DePree: We have recently started working at me offering some Vdi stuff through the public cloud to azure specifically so that can bring costs down and and and allow us to do it in a more kind of scalable model, and, you know, offer it, you know, a more kind of competitive pricing standpoint. So there's a couple of different ways to kind of accomplish this.

you know, for us virtual desktop. You know what it means is Joel DePree: you get to, you know. Bring your own device, your computer, right? Your applications, your files. All of that stuff is in a secure data center elsewhere. Right? So you're kinda locking it all down, and you don't have all the risk and exposure of having Pcs. Out there, you know, files and all sorts of stuff that you kinda have no control over. So again, compared to the other solution, this is a little bit more of Joel DePree: tackling your entire it strategy, not just a single kind of solution that to manage that. You know, we empower employees to bring, you know, their own device, you know. Embrace the more kind of mobile work style, you know, and it reduces a ton of risk when when kind of rolling out a virtual desktop model Joel DePree: virtual desktop. Also, you know, from from our standpoint we're able to design this cause. You have to think I have to have access to all of my files, all the different applications. So our experts design build, you know, understand your existing environment, your existing id strategy. Where things are, most companies are operating in kind of a hybrid model. Right? So you have some applications that are maybe in the cloud. You have some stuff that's on Prem.

you know, stuff in a lot of different places. Again, a lot of where our value comes in is being able to understand that Joel DePree: and and build out a strategy to kind of take you from where you are to where you want to get to this often very hybrid and encompasses, you know some of the things you may already have in place today. Joel DePree: Client focus. So you know, our Vdi offering 24 7 skill technologists. Right? So part of what we're offering here includes things like help desk. So you have managed help desk it could be layered into the virtual desktop offering which you know is a whole nother set of issues that you may have. So you have somebody to call in. You have resources and support. There we do trending analysis and recommendations for optimization. You know, dependable sla's you have access to our team through a web based portal and also phone. So you can kind of manage tickets and your end users can go directly to us. So you're not having to manage these virtual desktops, you know. An ongoing help desk support. Joel DePree: So a lot of cool stuff there, you know. Incident change, request reports, things like that so very client-focused. Again, the help desk layering into the virtual desktop really adds a lot of value for for our clients

Joel DePree: security first. Right? So a holistic approach, I mean, everything's built in and built on. So I'll I'll get in a little bit around clean IP, and some of the next Gen. Security offerings that we have as well. That you can kind of layer into your vdi and we also have a thing called secure workforce that I'm gonna hit with. Joel DePree: But you know, that's that's kind of the the gist of of doing the virtual desktop right? I mean, it's it's part of your strategy. Again. We could do it in a very hybrid manner, and we can kinda understand where you are, where where your goals are and help you help you get there. I'm gonna jump into now. Any questions, Michael. Anything you'd wanna hit on on. Vdi. Michael Hernandez: I'll I'll save it for the the question and answer, Yeah, yeah. yeah, that makes sense. Let's kind of fly through. Okay. And I'm doing account time. Right? Yup.

Joel DePree: Yup, so, OO 365 is the other is the other kind of component right? So you think of your virtual desktop that links in with bunch of your other applications. We also do manage Office 3 65 and that includes delivering it in a managed model for you to consume. We also offer secure workforce. So that's basically managing all the security around your. Joel DePree: So a lot of time when you buy it comes with some security package stuff, but you have to manage and set all of that up. So we configure the best security policies and maxify maximize defenses against cyber threats and data loss around your. We also offer help desk around the. So again, if you don't want to be managing, you know, support tickets around just like with. Vdf, you don't want to be managing those support tickets. We have 24, 7 Us-based support team to help you manage tickets with. As well, you know, we can actually do all of the help desk around all this.

Joel DePree: and then, you know, we basic think about this where we basically have a different route in the Microsoft. So if we gotta escalate things, a lot of these things, we can handle ourselves right, we've been through them. And then, if we need to aspect the Microsoft, we have premier support and can get oftentimes, you know better access and quicker access to resolve problems. So you know, just kinda get kind of that premier access through us and get it delivered again in a in a kind of managed consumption model. Minimize licensing right? So we can move your existing licensing over clean all of that up. Simplify migration and administration. So Joel DePree: you know, setting everything up delivering it. You know all of those things. We can take off your plate and and provide you guys, Joel DePree: and then professional services. We can extend everything for professional services. And this is across the board, right? We talked about this with Vdi. You know, if you have servers, you want to move to the cloud. All of this gets tied together through professional services. And so again, you know, we can help you migrate. We can set environments up. We can do assessments, you know, manage migration. You know whether the assessments are around security or infrastructure. We do all of that. Joel DePree: So the third component is manage. We call it clean it. But it's basically next Gen. Firewall. So when you're kind of tying all this together, right? You're moving this infrastructure to the cloud.

Joel DePree: You know. The key, then is okay. Now, I need to manage security, you know, in terms of accessing the cloud, what's happening on? Prem, we we do next jump firewalls where we can manage a lot of this stuff through our manage. SIM and Sock are so basically, I manage security operation centers to do all sorts of different things around managing your security when accessing applications in the data center and and off Prem, and especially in a hybrid environment where stuff's going back and forth, and things are kind of all over the place, which is very common these days. We have a, you know, a hybrid kind of next Gen. Firewall capabilities that we can offer through clean IP Joel DePree: and you know again, no matter how sophisticated the environment, we can cover lots of different things, whether it's you know, Nat. Stuff, you know, managing the Vpns. You know. Deep packet inspections. You know. Intrusion, prevention, intrusion, detection. Ddos mitigation web content filtering, you know, full stack visibility, no matter where all the applications are Joel DePree: identity, user awareness, application, awareness, grain and control. You know, anti-virus management, you know device, availability, monitoring and alerting, leveraging external intelligence sources. Right? So there's a lot of different things we can do to manage your overall security stance in these kind of hybrid environments through through clean IP next to firewall offering. So that's kind of you know, ddos I mentioned in in web application firewalls. We do as well. That kind of rounds out. Joel DePree: You know the 3 kind of Joel DePree: things I wanted to focus on again. We're a leader in, you know, manage services across the board within our own data centers. So we can do a lot, you know, in terms of just building out, and and, you know, kind of evolving. You know your entire it strategy. But these 3 things right, managing the security, doing the virtual desktop doing manage. O, 3 I think really enable Joel DePree: you to have a strong kind of strategy around this ever changing. You know, workforce where you have a lot of people that are hybrid, and, you know, remote or coming into the office sometimes, and, you know, bring in their own devices. I mean, this is just that. That's something we can help design an entire strategy around. So yeah, I think that kind of wraps that up.

Michael Hernandez: Thank you, Joe. Really, appreciate that. So for for those who have Michael Hernandez: don't have vdi experience so could you talk a little bit about so you know, someone's working off their personal computer. And you talk a little bit about how they would be working. Michael Hernandez: You know. Is it a a a client on their desktop that they're opening up. Are they opening up a web browser you talk a little bit about. You're opening up a client on your yeah. You open up a client on your desktop and again, that there's 2 ways we're doing it right. So we can do it in a dedicated private deployment. Right? So we have a offering called utanics frame. And that's basically we go in. Let's say you have a hundred 50

Joel DePree: Pcs right? So we would go in and build out a dedicated. Joel DePree: essentially private Vdi cloud for 150 users that can scale. But it's dedicated right? So you might have a little bit of buffer room. You gotta add to it or we could do it in a public cloud like in azure, where it's very on demand. But yeah, either way, you're opening a client and everything, you know. Again, if it's in a dedicated model, everything is happening Joel DePree: in that private cloud that we built inside of one of our data centers. Right? So the security is getting managed there. The you know, the access to the data center all of that stuff in our data center. And then if we do it in azure, that's in Microsoft's Cloud. But yeah, both are through both ways. You do it. You just open up an agent. You could provide that to a new user. They can open up on their PC, and you know the inner, you know. That's kind of crazy, because you'll get

Joel DePree: like, let's say you're as long as you get connection to the the cloud, right to the to the Vdi. Joel DePree: Then when you're on the Vdi, your bandwidth, all of that stuff is happening out of the data center Michael Hernandez: 10, Meg, and then you're getting. Then you're getting 100, Meg, because that's what you have out of the data center. Right? So so that's a great point. Cause. So one of the challenges with hybrid work. Right? Is, we have you know, people working in areas where internet is not great. You know, it's it's a rural area. So what you're saying is Michael Hernandez: as long as they can make that connection to the environment. Now that environment's gonna take over and the speed and performance are based off of what you're you're supplying versus what they have at home.

Joel DePree: Yup, yeah. And so the bandwidth you know, they can have a you can. I mean you just you can get these, almost, you know, like very base kind of terminals that you know don't have a lot of compute don't have a lot of capacity, because all of that's happening on the Joel DePree: you know, again, in the data center, right in the cloud, right? Whether that's in a public cloud or in our dedicated private cloud, offering Michael Hernandez: great. Michael Hernandez: And I appreciate you bringing up the support information. Because with some organizations, sometimes make make decisions to not go a certain route because they don't have the internal, it support to be able to support a solution. So when support is available. You know, to, to, you know, help with you know, not just the implementation and walk away. Michael Hernandez: but the ongoing support. You know that that makes you know, and any solution more more attractive again, especially for organizations where you know they have very limited. It, staff or or no real it, staff, right? It's it's an attorney who's wearing an it hat Michael Hernandez: for them, so that you know that that you know ongoing support. Is definitely a good option. So II did wanna open it up. In case, you know, there's anyone has any questions again. You know you can mute, unmute, you know. Mute, you unmute yourself. Chat in us in the chat box. If there's any questions that you have for Joel. Michael Hernandez: Joe definitely, you know, appreciate that that presentation, the overview, and including some of the other. You know, security that ties into remote work. That, you know, we have to sort of factor in as well.

Michael Hernandez: Okay, I'm waiting for Shellie Reid, LSNTAP: no. Guess she's gonna say. Shellie Reid, LSNTAP: while we're waiting for questions from the audience. I would like to know? Obviously, a lot of our community is in the the legal aid space and in the nonprofit arena. So I wanted to hear? You know your company's experiences in working with those type of clients. Shellie Reid, LSNTAP: So open it up to both companies Michael Hernandez: so, Joe, and if you want, since you were just presenting. If you wanna go first and then I'll let you know, Dan, go after you. Joel DePree: Yeah, specifically, with legal. I got that right? Right? Because yeah, legal nonprofit. Yep, yep. I hear. Nonprofit. I'm like, okay, yeah. Yeah, no, we do. I mean, legal's been a big vertical for us. We have law firms and legal organizations of all sizes. As clients, I mean, are, you know, we're a Joel DePree: II we we get more focused on vertical. But what we do. Joel DePree: it's so. But you know, it's just solving. It challenges right across the board. So it it makes, I mean whether it's state and local, or finance, or healthcare or legal. We have tons and tons of customers across the board, but definitely, there's a you know, we have a strong, you know. Legal is a big vertical for us. We work with lots of different legal organizations and have tons and tons of experience there.

Michael Hernandez: Thank thank you, Joel. Dan or or Chris. Dan Acquafredda: Oh, you know, do the same right? We we're we're pretty much vertical, agnostic, right? We. We work with kind of all shapes and size of organizations. And I'm working a lot of legal companies, a lot of smaller ones as well. Right? And specifically, when it comes to organizations that are not profit, whether it may be healthcare. Dan Acquafredda: 1 one thing I think we do really well as well as from a support standpoint, especially with some smaller organizations, is being able to provide that additional support. There's, you know, training onboarding. And you know, we're we're with you. 24, 7 from the first day you start with us in in in the contract with us. So I think we're very well positioned for those nonprofit organizations as well.

Dan Acquafredda: Really, specifically, because how we kind of work with the contractors, the interns, the volunteers, and where there's a lot of people kind of coming in and out of the organization, you know. Sometimes it doesn't make sense to have that extra hardware on board or wanna pigeonhole yourself to just hiring in one specific location. So I do think we really help out with kind of increasing the the breadth of of who you're able to hire where you're able to hire them and be able to deliver assets securely and be popular, that your data will be protected Michael Hernandez: right? That, thank you, Dan, and actually you know again, just to help the audience with with thinking some things through. Dan, you just said something that that triggered the thought. Right? You know their contractors in addition. Right? That we work with that, you know. They might just be coming in on a specific, you know, short term project. It could be a long term project. So they're gonna need access, you know, depending upon what the project is. Your data as well. Michael Hernandez: so if you've got a solution in place. Michael Hernandez: right, they they fall under the same category. Right there they we come in. You know, handle the project, complete it, and you still have access to all of your data. It's not sitting anywhere else.

Michael Hernandez: When you know when they when they leave you know, I think, a lot of times where you know, contractors get a pass right? And they're like, Okay, well, you know, we we've got an nda with them and and different things. And yeah, they they could, you know, have all the security in place. But if you've got the the data locked down. It's it's just not something you even need to to worry about. So thanks for for bringing up the contract. Michael Hernandez: you know, area where it's you have to think about. You know what what's happening with that data? So we've got Cindy. Question, is there a mobile app for both of these solutions. so I'll I'll Dan, since you just spoke I'll just kick it back to you. Does your solution also work with with with mobile app, you know, mobile applications. Dan Acquafredda: Yes, it does. Yeah, we work with apple ios android and and we we sometimes we even have the ability to use that part of your 2 factor up. And then we can get into Ben's work. Space Dan Acquafredda: great. Yes. Michael Hernandez: great. Thank and send you great, great question Joel. With your with your solution. You know. Are you also handling? You could do it through a browser with the private cloud. I don't. With our new stuff through the public cloud, through the azure. I I'm not positive. Yeah, it's new. If if we'd have. We have an actual app that you can download. But you can access to a browser, too. Right? If you wanna get on a virtual desktop.

Michael Hernandez: Great. Michael Hernandez: Thank you. Yeah. I mean, look, it just emphasizes. You know, there, there's so much that needs to be covered. Right? You could access data from computers from tablets from smartphones. Now, you've got, you know, smart Tvs where you you could be using that as well. I mean, there's there's really just so much out there where you could be, you know, accessing Michael Hernandez: data. So you know it is is definitely a lot of lot of ground to to cover. Thank you, Cindy. That was a great question. Thank you for bringing that up Michael Hernandez: we've got. We've got a few more minutes.

Michael Hernandez: sure there's a few more questions out there. Michael Hernandez: Don't be shy again. You could. You could chat it as as well. Michael Hernandez: You know this is this is.

Michael Hernandez: I'll say this has been a concern. Michael Hernandez: you know, as as long as we've been using computers, right? You know, if if someone's not working in the office, but they need access right? How do we do that securely? So a lot of what's been covered today, or, you know, give you options to to help with that Michael Hernandez: with that. And and again, this is this is not something that's new, and it's not something that's gonna go. That's gonna go away. Michael Hernandez: you know. And II I think you know, especially the move to Mobile has increased. You know the the the cost of equipment. You know, I mean desktops. We, you know, able to get, for you know, a certain price. And and now, with the move to Mobile, you know, having laptops, and then do you do docking stations? And you know now, multiple monitors, I mean, you know the costs on.

Michael Hernandez: Keep going up and up. So when you know someone needs the ability to work outside of the office? You know, how, how are you? How are you doing that? You know. And so these are. These are some ways to allow you to to do that. Michael Hernandez: And you know, you might end up being, you know offsetting, you know, some or all of that costs if you don't have to provide you know, equipment for for someone that's, you know, has to work sort of outside of the office or working Michael Hernandez: with with a personal device. Michael Hernandez: And I think, II apologize. One of you mentioned about, you know. Sometimes you provide a stipend or something for you know, for a device. So you know, you you onboard a new you know staff person or a volunteer and and you know, you're providing, you know, potentially a a stipend to help, you know, cover that which typically going to be less than what you you'd end up paying to provide that that person a a computer. Dan Acquafredda: I know that. That's a great point. One other thing I'll I'll kind of piggyback on top of something you just mentioned about loss of computers, especially for short term employees. You know one thing that that we do with our clients all the time is develop in in roi right? And and what that looks like, and especially for nonprofits right, that sometimes have limited capital. Dan Acquafredda: We would kind of show the difference of you know our solution compared to having to buy ship. Sometimes the computers not get returned. It makes a lot of sense for our our organizations and saves them, you know. Pretty significant amount of money over the course of of the year. And anyone that that interested in kind of learning more about that. I want to show you what that would look like as well, since offline. But that's a great point that you just made, Michael. I just wanna piggyback off that a little bit.

Christopher Johnson: Yeah, I think just, you know, another added benefit of of being able to now kind of leverage, Byod and some of the things that we've encountered ourselves. I remember one of the very first users who got on the system Christopher Johnson: was so excited about it because it was a gamer. She built her machine a certain way. It was very much specked out. Christopher Johnson: and she wasn't relegated to company issue computers which you know, let's be honest, we can't buy sometimes the most top of the line, the best solution out there. So give some flexibility with within the workforce. If you're bringing on contractors that have spent a lot of time and money building up their own machine, they can leverage this in a way that's it's respecting their privacy and ensuring the data is secured while they're working on their device. Michael Hernandez: So recommendation from shelly you know. So any last you know thoughts on. You know what what should be considered on this issue, and you know it's in the chat as well again. If if you'd like to Michael Hernandez: to chat Michael Hernandez: any thoughts there. That would be. Michael Hernandez: That would be helpful.

Michael Hernandez: Okay, we we. We have a quiet crowd today, which which is fine. You know. Look it it it that happens. But I you know, I definitely hope. with the few minutes that we have left. You know that. You know you you come away with, some good information to you know. Think about take back to your team, take back to your organization, take back to management. Ii know this is a conversation that Michael Hernandez: either some of you or a lot of you have had when having to. Do, you know cyber insurance, or you know reading through what funders are requesting, you know. Ha! Y

2023-12-18

Show video