May 24, 2024

Episode 26: Not Your Father’s Network

Listen to the Podcast

Read the Transcript

Erick and Rich discuss the issues (hint: they mostly concern AI) making data security posture management a hot new revenue opportunity and how to turn local networking events into marketing goldmines. Then they’re joined by JB Fowler of Domotz for a look at how hybrid work and the Internet of Things are changing networks and network management. And finally, one last thing: How a Japanese village employed creative obstruction to get rid of obnoxious tourists.

 

Discussed in this episode:

Why “DSPM” Was the Acronym to Watch at This Year’s RSA Conference

To fend off tourists, a town in Japan is building a big screen blocking the view of Mount Fuji

Transcript:

Episode 26: Not Your Father’s Network

Rich: [00:00:00] And three, two, one, blast off, ladies and gentlemen, welcome to another episode of the MSP chat podcast, your weekly visit with two talking heads, talking with you about the services, strategies, and success tips you need to make it big and manage services. My name is Rich Freeman. I am chief content officer and channel analyst at Channel Master, the organization responsible for this podcast.

I am joined side by side as I am every week by your other co host, our chief strategist, my business partner and friend of many years, Erick Simpson. Erick, how are you and where are you?

Erick: I’m doing well, Rich, and I am in Phoenix, Arizona supporting a client’s event doing a couple of speaking sessions here.

And doing a little bit of a networking and just sharing some tips and tricks to help partners grow their business.

Rich: Awesome. Awesome. Fantastic stuff. Folks we we’re going to get into a story of the week in a moment here. Erick’s got his tip of the week. Stick around after that, we’re going to have an interview with JB Fowler evangelist at Domo.

It’s a network management vendor. We’re going to be talking about the changing face. Of network management and the current tech landscape, the implications of IOT for that really interesting conversation coming up. But first, Erick, let’s dive into our story of the week. And in fact, in the last episode of the show, I spoke about something that I first encountered at the RSA conference, the giant.

Cybersecurity conference in San Francisco. And the story of the week is another RSA story, actually, that I wrote about in Channelholic, my blog. And, I go to RSA every year. I look around, I’m always trying to spot the acronym of the year, basically. What’s the thing everybody wants to be in on?

A XDR. You couldn’t look that up. In any direction without seeing the letters xdr and somebody’s signage. I don’t know that we there was anything I saw this year That was quite as clearly the the winner this time around but there was something that I came across a lot that I decided to write about it’s the acronym is dspm.

I showed up in San Francisco, Erick I checked into my hotel. All of the doors to the hotel were plastered with with ads for a DSPM vendor. All the elevator doors were plastered with DSPM. The topic came up in interviews I did with a bunch of different vendors there, including Veeam among others.

What is it? DSPN stands for Data Security Posture Management. Now, data security clearly is nothing new in the realm of security. And in fact, data security is fundamental to what cyber security is. Most of the value is in the data. That’s why ransomware goes after, after data. It’s why hackers try to exfiltrate data.

MSPs in our audience have been responsible for safeguarding data for a long time. But data becomes especially important in the realm of AI. Large language models, Are useless basically without trading data and the accumulation of that training, the data, the distribution of it all of the use cases around data in AI.

Present a whole series of new risks and challenges that end users really haven’t encountered before, and that they are going to need help with from their technology partners, including their their MSPs. And yeah, just to give you a little piece of where the market is going right now, Gartner says that by 2026, not that far away 20 percent of organizations worldwide.

We’ll be using DSPM solutions and it’s only going to grow from there. You can assume in fact, that that prediction was one Gartner made a year ago. I’m sure it’s already that their prediction has already gone up from there. So what kind of things are we talking about here? A whole bunch of different challenges.

We’re all familiar with the risks associated with somebody. Putting sensitive information PII into chat GPT and not realizing that it could leak out into the model. That’s a relatively conventional data loss prevention kind of technology, at least if it involves text. If it involves images, a lot of DLP solutions aren’t necessarily ready for that.

Here is an interesting scenario that came up in an interview I did with Acronis. What if An attacker creates a list of social security numbers, goes to chat GPT or Claude or one of these models, Gemini, and says, show me some more stuff like this. Or maybe they’ve stolen a document, a legitimate document from some company, and they ask GPT for whatever.

What else you got that looks like this? Will the model be smart enough not to leak stuff that shouldn’t be in [00:05:00] there? Maybe not. Private models are not all that much more safe. I did an interview with one of the co founders of Ignite, a company that makes file management software.

And they’ve got very sophisticated governance and compliance and security tools in there that allow you to set file level permissions and control who can or can’t see a file. But they’re beginning to work with AI, and they will freely admit that. You can’t create those kinds of rules around a large language model.

All you can do is create what the model creators call guardrails, which are these kinds of rules that they’ll put in place, most famously keep people from generating racist content or learning how to build a bomb or something like that. But security researchers have repeatedly shown you can defeat these things pretty easily.

And that just, it creates this wildcard scenario essentially for the customers that you’re protecting. And then last but not least, there’s this phenomenon you probably heard of called data poisoning. I’m talking so far about keeping people from taking data out of an LLM that they shouldn’t have people putting data in that shouldn’t be there is an issue as well.

You can imagine a scenario where. A nation state actor, let’s just say China, for example wants to sabotage development of some weapons system here in the U. S. and they can go in to the LLM, if they can sneak in, inject some data there that ensures garbage in, garbage out. You could actually do this on a ransomed basis.

You can contact a business and say, I poisoned your AI, I can show you how and fix it. In exchange for X number of Bitcoin. So a whole bunch of new, interesting, weird, in some cases, data security issues Erick, there’s this class of tools rapidly coming online. These DSPM tools that are getting more and more focused on that particular set of use cases.

And it’s one of these ancillary opportunities. We’ve spoken a lot of times about the different ways that MSPs can monetize AI. Here is a very specific AI security kind of need that we’re going to see more and more in in the SMB customer base. And now is a good time as these tools are arriving and growing and getting more sophisticated.

To begin researching them and thinking about how you can maybe incorporate them into your stack.

Erick: Rich several months ago, you and I started talking more about AI on the program and, we had interviewed, several vendors over in the last few months that. Are trying to capitalize on the opportunity and trying to figure out how to introduce middleware integrated front ends powered by these backend LLMs to, to leverage day to day business operations with AI and things like that.

And. I remember very clearly you and I kind of scratching our heads going we’re not really sure yet how eventually AI will be monetized. What you’ve just reported on is really moving the ball down the field for me and identifying, now there’s this threat that AI presents and these DSPM solutions and services.

Are a way to help businesses guard against, the negatives. Would you say that DSPM wouldn’t be as far along in, in, in its growth, were it not for AI?

Rich: That’s a really interesting question because DSPM solutions predate. Generative AI. But yeah, I do think the popularity, the explosion of use of generative AI solutions.

Has definitely increased interest in that market segment. And I’m sure I can’t cite specific examples. But I feel pretty confident in saying this. There’s probably been some, venture capital, private equity capital that has flowed into DSPM products and companies specifically because they have something AI focused.

And people looking down the road can see there’s going to be a lot of need for that. Yeah,

Erick: I think it’s a very real concern what you just mentioned about these, these AIs being used in ways that may not be either Sanctioned or identified by businesses where users come in and start using these platforms and exposing them To internal company data and that’s how we get some of this potential leakage and things like that so is are these dspm solutions then you know from what you’ve understood so far from interviewing, these leaders Are they monitoring for the, behavior of the data and the data in transit?

Is that something on the roadmap? It seems to me like, my engineer brain is trying to fit it into, okay. Monitoring management, security we’ve got to understand where the [00:10:00] data lives. Who’s manipulating the data and where it’s being shared and things like that, is that kind of part of the the vision or the promise of some of these DS PM solutions or tools?

Rich: So that is a big part of it. So there, there are I think it’s fair to say two big broad buckets of functionality, and one is like vulnerability assessment. So you can go into an environment and look You know that the current landscape and see where there are risks basically see the current data security posture.

And then that obviously will lead to a series of steps you can take to increase the security of that A. I. Data. And then the second bucket would be okay. Now that you’ve done the best job you can do. Of protecting that information. You want to keep an eye on on the status of those security measures and make sure that, there isn’t configuration drift and all these things that could go wrong to undo the great work that you did earlier on.

Risk assessment early on and then ongoing monitoring and management after that.

Erick: Yeah, I, I agree with you that, DSPM has been around, before AI and all that. But all of a sudden I think AI. It, it’s touching everything and now it allows the true value of these DSPM solutions to be recognized because of AI and how it’s being used.

Like you use the term, guardrails like it’s the wild west right now, right? Nobody really knows how Ai is going to be governed. Anybody can sign up, for some of these, ai platforms for free and expose them to data that flies under the radar sometimes you know This is a larger conversation that I know we’re going to continue having as we move through the rest of the evolution of AI and cybersecurity and, data security, posture management, and everything else that’s going on.

I sit here and I wonder, Rich, how much can an MSP take advantage of in the midst of all the other things that they’re doing, right? So there’s, they’ve got to move to where. The puck is going to be right. Wayne Gretzky said, I’m going to skate to where the puck’s going to be.

And if we follow the data as we start disconnecting from these, legacy types of business models, where everything is on premise, we talk about this a lot, rich, we’re moving toward the cloud. We’ve got to secure the, the data in the cloud. We’ve got to secure the SAS applications.

Now we’ve got to secure the data, no matter where it lives, like hybrid, right? Some of it’s in cloud and SaaS applications, some of it’s locally stored still in, in devices on prem. And it’s like a moving target, right? It’s going to take a really mature MSP to sit back in my opinion, and re imagine.

What their true value proposition is for, today’s businesses and what’s important and how to secure all that it’s, it can it’s going to be an exercise that’ll take a while for new MSPs coming in to the channel to figure out where they can add the most value. And I believe where they decide not to play look, if we’re focusing on.

DSPM and data security and things like that, and, cloud and SAS and things like that, maybe MSP say we’re not going to deal with kind of the on premise maintenance and support, but we’re going to deal with data as a focus. And that may be a unique value proposition that allows them to, be more profitable and more efficient because they’re not really rolling trucks on prem and break fixing stuff.

On site the way we used to do it back in, the days when I had my MSP. It’s an interesting conversation

Rich: and i’ll just point out, because this in some ways it follows on Through the interview we did in the previous episode of the show with rob scott from monger in which he was talking about the inadequacies in a typical msp’s master services agreement right now holes in there Related to ai and his point wasn’t that makes ai dangerous.

Don’t do ai his point was Get your MSA ready for AI, and then by all means, jump in. And there’s a similar point maybe to be made around data security. I’ve pointed out a bunch of different issues and vulnerabilities. None of that should scare you away from getting into that market and beginning, To have that process, that conversation you’re talking about, Erick, about where you’re going to play and what your value proposition is going to be.

That’s a long term process, but making sure that you’re prepared to do whatever it is you’re going to do securely. Is a pretty good way to start. Address the legal issues, address the security issues. Get started maybe there. Now while you’re also exploring some of these new tools for vendors, like HATS AI, we’ve spoken about in the show before that can also help you not just secure AI, but.

Add value for your [00:15:00] clients with them. Okay. We we’re going to have a conversation with J. B. Fowler of Domo. It’s about networking. Surely Erick, but before we do, it’s time for your tip of the week, which has to do with a different kind of networking, absolutely

Erick: rich. This week’s tip is to attend local networking events regularly.

And, sometimes we. We find an event and we decide to attend it. And we really don’t have, a strategy beyond we’re going to try to find leads or prospects and things like that rich And I think we’re missing the point of or the overall value of not only You know you attending networking events regularly, but making sure that your team attends these networking events regularly Including your technicians and things like that.

Local networking events are a valuable tool, not only for business growth, when we can find those leads, but professional development and community engagement. So we’re being seen at these events and we are networking and we are building relationships, whether or not these are. We’re going to lead to, business or not, we’re increasing the visibility of our brand image.

Of course, if we generate a few leads along the way, that’s icing on the cake. But we’re gaining insights and we’re interacting with other business owners and we’re trying to understand and maybe even promote and foster conversations in areas like AI and data security and the cloud and SAS and be seen as more thought leaders.

And maybe if we can. Get a quick, 20 minute speaking slot where we’re delivering some real value from a perspective of what a business owner needs to think about in terms of their data, and I’m just going to key off of today’s conversation. So far, Ridge about AI and things like that.

We can not only deliver really key insights, but we’re enhancing our credibility by doing so. Thank you. And so the reason that I say, to participate in these regularly is because if we don’t do it on a regular basis, then it can, it doesn’t yield those benefits back to our organization that sometimes can supersede the value of a new lead, right?

That credibility awareness, that, that branding awareness and just getting our teams out there to push them outside of their comfort zones and to experience this, I don’t know about you rich, I know that in many situations, a business owner will trust a technical resource.

Opinion in a business, sometimes more than they will trust the salesperson’s opinion. In certain situations, so it’s a great way to get more of the team out there and especially if Your clients or prospects are attending these events as well It’s a great way to have them connect and engage With team members that they may not normally have the opportunity to engage with in real life IRL as we like to say so a couple of types of events that You know can be considered our chamber of commerce mixers Any kind of industry specific meetups.

So let’s say that we’re focusing on a specific vertical. If it’s a financial vertical, if it’s a legal vertical, if it’s a healthcare vertical, what are those meetups for those verticals and those attendees? Let’s put those on the list. Business breakfasts or lunch and learns things like that or more general in nature Unless there’s a specific topic or you can promote a topic that you’d like to speak on Again, reflecting your value as a industry expert as a thought leader and elevating your business’s brand professional associations are great ways to also expose yourself.

You can lobby and you can actually become members of professional associations where you really, don’t have an expertise. I know that there’s professional associations for legal for legal verticals for other types of verticals where you could become an associate member, have a booth there, speak, I always recommend try to speak.

And then just mix it up and engage and then even startup or entrepreneurial events where You know, these are meetups where folks that are like, you know They’re entrepreneurs or they’re new startups where they really don’t know What they might need to know from a technology perspective, from a cybersecurity perspective, from an AI perspective, where you can add value and kind of guide the conversation and get in there early and become one of those seven trusted advisors.

That these business owners, want to have a seat at their table as they’re building their [00:20:00] businesses, even from a, early startup stage,

Rich: a lot of really great stuff in there, Erick, that I totally want to endorse. For years and years, I talked to MSPs, what is the single most effective marketing tactic that you use?

And they’ll often talk about lunch and alerts. I go to the chamber of commerce, I do a lunch and alert. That is not the opportunity to do that is great and you should pursue it, but that’s not the only reason to get involved as you were saying there. And it’s an opportunity that is much, much likelier to come to you.

If you participate regularly in terms of the other kinds of benefits that you can enjoy. It’s interesting to me as I was listening to you talk, thinking about the parallels to social media marketing, which we’ve talked about before, where you’re just sharing. Thought leadership on LinkedIn or wherever it is.

And all you’re really trying to do is seed awareness of you as a person who knows, let’s say AI in this. situation so that when somebody has a question about it, they need help. The person they think to call is you that you’re the name, the one name they know to call because you’ve spent some time, invested some effort building up awareness in the chamber of commerce, let’s say as the person who actually knows a thing or two about AI.

I know an MSP, I won’t get into the specifics. This is somebody, as well, but. He developed a solution years back that was for veterinary offices and got involved in a local veterinary professional association and quickly discovered there are no other MSPs participating in local veterinary associations.

He just owned. That community of people, and as a result, as you were saying, he got introduced to the national organization, he got invited to speak, they gave him a booth, it became this huge money making marketing opportunity for him. So you might be surprised there isn’t a lot of competition for attention at the local meeting of the AmErickan Medical Association or AmErickan Bar Association, it’s worth trying out.

And then last but not least You and I are both introverts, Erick. Neither one of us is just itching for the opportunity to participate regularly in a meeting with strangers. But you gotta do it. And the benefits we’re talking about here, I hope make it clear to people, get out of that comfort zone.

It’s gonna it will be uncomfortable, but the rewards really will be worth it for you down the road.

Erick: Absolutely, Rich. And great feedback there. And yes, I. I know the the MSP you’re speaking of because he has been tremendously successful leveraging this specific tactic for the for the veterinary vertical, that’s a great example.

And, the other thing that I’ll share is, if you’re a smaller MSP and you generate the majority of your opportunities from word of mouth referrals, there’s no better way to boost that by leveraging this strategy, because it’s the people that you meet, that you talk to. They may not be a direct prospect for you, but as you exchange business cards and keep in touch with them they will remember you when talking to someone else that has a need that fits your capabilities.

Or, you’re the expert in AI, or you’re the expert in this or that, because they’ve seen you speak and they see you at these events. And those referrals will continue to flow again. It’s not as effective as doing Straight up marketing campaign that’s very consistent for lead generation things like that, but there are no better client opportunities Than referrals, right?

So those are very sticky. And again, you’re building these relationships with other people So that when you do reach out and thank them and ask them for referrals and things like that, they’re more likely to open your email and respond than if you’re just, doing cold email marketing and things like that.

Rich: Okay. Stuff for you to think about and start getting to work on, folks. Time for us to turn to the other kind of networking. So we’re going to take a quick break here when we come back on the other side. Erick and I are going to be joined by JB Fowler, evangelist at Domuts, network management vendor.

We’re going to look a little bit about how networking is changing now that IoT is actually beginning to get some traction. Now that we’re dealing with hybrid work and a bunch of other issues that have made or changed the networking requirements of SMB end users, stick around.

We’re going to get into all of that with JB right after this.

All right. Welcome back folks to the spotlight interview segment of this episode of the MSP chat podcast, which, as you can see, we are recording side by side live and in person at the Kaseya Connect Conference here in Las Vegas, Nevada. I’m and we are joined by the Donuts Evangelist from Donuts, a network management vendor named J.

B. Fowler. J. B., welcome to the show. I am excited to be here, Rich. Super excited. We are really excited to have you here as well. Just before we dive into things a little bit here, tell folks a little bit [00:25:00] about yourself.

JB Fowler: Myself personally, I live in Salt Lake city, but my family had two great boys.

Love them. One’s going to university of Utah doing great. They’re youths, the youths. Exactly right. He’s loving it there. We had another boy in high school enjoys mountain biking. I enjoy doing that with them. Enjoy doing scouting, being outdoors. That’s what life is about for us. That’s a little bit about me.

That’s awesome.

Rich: I love it. For those folks in our audience who are maybe new to to Delmotes, you are the Delmotes evangelist. Tell folks about that role, but also about Delmotes. What does Delmotes do?

JB Fowler: What does Delmotes do? That’s a great question. I’ve been around, I’ve been with Delmotes for about seven years.

The company is about nine years old. Really started out and doing a lot of product management, product definition of things, really focused in on customer success, helping our customers really understand what it is we do and how we do it. So then that brings the question, what is it? We’re an infrastructure monitoring tool.

Okay. So we are looking at the network infrastructure that service providers, I. T. Departments are deploying. In their with their customers and then the systems, and we’re making sure these things are working properly. We’re doing asset discovery, right? So understanding all the assets that have been deploying on the systems.

A lot of MSPs will say that’s what my RMM does, right? The truth of the matter is that the RMM is looking at all of the end points that they are managing. What they’re not aware of is what are all these other assets that are out there? In fact, Fred here in his keynote, it just pointed out that, Endpoints are becoming the smaller pieces of these systems, right?

Now you see 40, 50, 60 percent of the network devices are actually IOT, right? Things that the service providers are not understanding. They don’t know what to do with. DomeVotes provides that visibility of those systems and gives the MSP awareness. of what’s going on in that network. And then as we look at the network infrastructure the managed switches, the routers, the firewalls managed switches and labs, we can now interrogate those deeper and then build out a topology so you can see how all of these devices that are in the system are then connected to that network.

Erick: JB, MSPs are familiar with infrastructure management, and we’ve been there, done that. We’ve invested in tools and technology to manage the usual suspects of what’s in the network. But Domo’s brings a very unique perspective because what you do not only identify all of that stuff, what impresses me is your ability to identify everything else that’s connected to that network.

So how do you do that? And how do you provide the confidence in an MSP to say, Oh, Hey, Mr. And Mrs. Client, we’ve been doing this for you all along, but now you’re bringing in all this other stuff that needs to be managed as well. What can you say to those MSPs that, have thought about it, but really haven’t really taken the, the energy and effort?

To investigate the opportunity and the risk of them not doing that for

JB Fowler: their clients so many things to unpack there so so first of all, I can’t have questions. I can’t give you all my secret sauce, right? Gosh, how did we spend time on this? Oh, I will tell you how we discovered a lot of these devices, right?

Don’t give anything away, but just the

Erick: overall lightning how can an MSP appreciate it and why should they pay attention?

JB Fowler: Then that is definitely what I want to get to. We’re using all standards that are out there, right? And the networking world has been built on standards and we’re taking advantage of those.

Where we differentiate ourselves from other tools is that we actually do layer two discovery. So we’re looking for MAC addresses that are on the system. We’re taking those MAC addresses. We’re then enriching all that data with make, model, and type through technology that we invested in a while back.

But it’s helps us enrich that data. And that’s really what gives us a lot of the power that we have. So underneath all of this, we’re doing things like ARP requests. We’re doing ICMP requests, right? We’re getting all of the network based information and all of that out of the way. The user experience that we bring, I think is where we start to make it easier.

We want to take all the complexities of networking and simplify it. So the level one techs really have a good understanding of what’s going on in the system.

I

JB Fowler: think that’s where we start to bring an operational efficiency to these managed service providers to allow them to work smarter and not as hard.

You always hear that work smarter, not harder. And that’s what we’re trying to help. Now you unpacked another question there, which was about risk complexities and what we’re doing. We believe. That with the fact, like Fred stated, that there are so many new devices showing up on the network, it’s coming to the point where the MSP can’t really understand and manage all of these things without a tool like us, right?

We have to be able to discover the device, classify it, analyze it, tell you what it [00:30:00] is, and bring awareness. So when a new device does get plugged in. In fact, a guy on the show floor today just told me about how his CEO, Ended up getting a picture frame, talks to the cloud, however, but it needs to be connected to wifi.

This device gets plugged into a hospital network and all of a sudden, there’s this new vulnerability that’s showing up in these tools and it’s from the CEO of this hospital, right? The it department comes in and it’s I needed to understand, I needed to stop this device from being on there.

Leveraging a product or a solution, like Domotes, to be able to understand what was this device, where was it, when did it get plugged in, what can I do with it. That’s where we’re helping these guys know more about what’s on the network. Okay. And what’s going on in their systems. If they didn’t have a solution like this, that’s like buying those sources or those vulnerabilities, those potential risks, then the MSP is really in the door.

So we think that something like Domo or a solution like ours really helps them.

Erick: So if the customer is at risk. Then the MSP is at risk as well.

JB Fowler: Oh, that’s such a true statement. Yes. And I hope if MSPs take one message out of this, it’s that, right? Yes, they’re protecting the customer, but they have to realize they’re protecting themselves as well.

So minimizing risk understanding what’s going on there is a very critical part of their process.

Erick: JB on this podcast, we talk a lot about how MSPs can have that crucial conversation with their clients about enhancing their cybersecurity posture and things like that. And, I am of the opinion that the MSPs should leverage the client’s cyber liability insurance policy for guidance and to let the client know, hey, In order for you to not have a claim kicked back in case something happens, if you file a claim to cover the remediation costs and all the other things, we have to meet the requirements of that policy.

The policy says you have to change your passwords. You have to back up your data. You have to do all these things. So how can the conversation be leveraged about IOT devices playing this almost You know unthought of role because we don’t think about these and we don’t think about the cameras that are now on the wi fi we don’t think about the Mobile phones that are walking in and participating in the network and things like that, right?

That’s right So so how do you introduce that conversation without blowing the client’s mind to go? Oh my goodness I hadn’t thought about all this. Is it a Is that an easy conversation you think to have? And if so, how would you guide an MSP in having it?

JB Fowler: I am going to say that depending on the service provider, depending on the customer, there’s different ways of approaching the risks that are associated with IOT and how that affects the network.

There’s so many examples now where a device was put on a network that exposed a vulnerability or created a vulnerability. I think that The service provider and their sales team, somebody who’s talking with their customer, right? That’s their needs to have that honest conversation to say, Hey, this just happened in the news.

Let me tell you why this happened. And then further that with, let me tell you how I, as your service provider, want to protect you, right? These are the things that I’m doing. When we’re talking about cybersecurity, we have to talk about security frameworks. I can guarantee you that insurance companies are absolutely starting to talk about that.

There’s regulations that are now starting to come into play. Regardless of where you are in the world or what state you are in the United States, but regulations are going to happen. Okay. Who knows which framework it’s going to be based on, but let me tell you this. I think that the CIS controls that are out there are a very good basis for all of these frameworks.

Control number one is awareness of what’s on your network. Okay. And that’s not, I have to say this again, that’s not just the RMM. Okay. It’s not just the end points. That is every single device that is on that network. Whether it’s your Apple watch or your Google watch, or it’s the Alexa that somebody just brought in, or it’s that picture frame that the doctor brought in, right?

It can be anything that is connected to the network, right? If it has access to that network, it can be seen as a liability or a vulnerability. And therefore you need to know about, okay. I’ll go further to say that the network infrastructure is a critical part of the CIS controls as well. So knowing how the network is architected, knowing what’s connected to what, and how that’s all facilitated is an important part of CIS controls too.

Of course, you can go further into certain regulated markets or things like PCI compliance, where they have to deal with payment systems or point of sale systems in a retail environment. They also have specific requirements that follow along these CIS controls. So that’s how I like to [00:35:00] position the Need for understanding what’s on your network with customers.

Every service provider is going to handle this differently, but hopefully that’s a good start.

Rich: Where aware of all the IOT, all the devices on the network, being aware of that put you in a position to manage it, to secure it. You’re going to be safer. Your end user is going to be safer.

All of that is good. Is there also a business opportunity, a revenue opportunity for the MSP that comes from having visibility to everything that’s attached to that network and not just the stuff that the RMM is tracking? I absolutely

JB Fowler: believe that there is. Alright one of the things that Delmote’s does that’s extremely Good job of his understanding things like audio video systems, access control systems, building management systems.

The reason I say that is all of these systems are now getting connected to the network. Okay, the service providers, customers, whether it is a dentist office or doctor’s office, or it is a corporation as things like security cameras, those security cameras are connected to the network. Those security cameras aren’t just there for the fun of having them, they’re really there to protect the end client the end customer, whether it’s for insurance purposes, managing slip and fall, or whether it’s for things like loss prevention, as an example.

Access control systems, digital signage, those are all things that help that business do their business better, okay, whether it’s generating revenue or saving costs. I would argue and I would make a point that the service provider is in a position to be able to ensure that those technologies which are connected to his network or her network is working properly.

Okay, so therein lies a revenue generation opportunity for that service provider. If they can come in and say, hey, I’m going to help ensure that your security cameras are working. To the best of their abilities, they’re not only online, but they’re functioning. That is something that no moats can help with.

Same thing from a point of sale system. Same thing from a digital signage. If I can ensure that the screen and the controller that’s driving that screen is always popping up the menu or always popping up the information around how to get. To and from places that right there is I’m going to say beneficial to that client And there’s

Rich: value in that Erick was talking about having the conversation with the client without blowing their mind from a pricing and packaging standpoint, do you have any advice for msps about how to price and package?

IoT device management. It, and part of why I asked is if you are charging per device and you set up a product like DomeLabs or another one and discover 40 devices that suddenly, you know, that, that could be a sticker shot kind of issue. How do you tend to advise MSPs to, to price an IoT management security service without.

Terrifying. It’s so

JB Fowler: fun to terrify

people.

JB Fowler: So you’re opening up a little bit of a can of worms there. I will say it right. Because if I had, the ring that ruled all of those, the ant gave you all the answers to all those questions, it would be simple. But every market does things different.

Every service or industry that the service provider is dealing with. Does things different heads has different needs. So I don’t think I’m just going to preface this all with, I don’t think there’s one answer to all this. Okay. But I will say this service providers need to be thinking about three things.

If they’re going to invest in a solution like downloads or any other tool that fits into their tool stack, it better bring in twice the revenue. Or a better save. That cost or it better mitigate risk. Okay. We talked a little bit already about how we can do revenue generation opportunities, but there’s also this aspect of how can I make BMSP more efficient?

Okay. And how can I help make their level one techs more efficient or reduce the number of hours that a level three tech is doing versus a level one, right? If we can simplify their world, I think there’s advantages there. That being said, all right, with the mitigation of risk, the improving revenue, the increasing cost, I believe that the service provider has to talk with the customer and engage in a conversation to say, what’s important to you, right?

Do you, are you concerned about cyber risk? Do you deal with personal information? Do you deal with health information? Do you, are you in a regulated industry? Where you need to ensure cameras are running or that data is maintained secure. All of those conversations lead up to, I can manage that. Here’s how we value it.

Okay. So I don’t think it would be right for us to say, okay, downloads charges 35 per site. Therefore you should charge 70. That just doesn’t make sense. I really think you need to talk with customers and figure out. What does [00:40:00] it mean for me to keep your network secure? How important

Erick: is that to you?

That makes a lot of sense, JB. So it requires a level of maturity in the MSP to be successful. And we’ve talked about this on the show a lot too, is you have to start thinking about business outcomes rather than technology outcomes or security outcomes. What is it that is going to influence that decision maker to say, this is good for my business.

I need to invest in it. So are there any specific verticals where you see More opportunity than others from an IOT in the environment kind of perspective.

JB Fowler: I do. I do from a service provider perspective, we see anybody that’s willing to deal with, I have to use that phrase, right? Willing and regulated industries as being opportunistic.

We’re in Nevada, right? Right now, but California, right? Dealing with cannabis and things like that. Heavily regulated, we have use cases where service providers are monitoring their security cameras because that is such an important and critical part to the manufacturing of cannabis and how they handle that.

So that’s one area where IOT, right? Or security cameras were never even thought of. And the managed service provider space, but now here’s an opportunity. More and more devices in the AV world are getting connected to the network. There’s this convergence of audio video systems into the it world.

And I believe that service providers, especially in the world of remote communications or remote work where communications are needed over video conferencing now being able to manage the systems, monitor those systems alongside maybe an integrator. There are opportunities that I see there. So I think those are where I see a lot of the change.

I’m still going to say that just understanding when IOT devices are getting connected to the network is such an important part too. And a service provider has the ability now through the domo solution to say, okay, this device has been plugged in. I’m willing to accept that. And then they can monitor its performance and understand how is it affected.

If you put on a if you put on an IOT device that leverages video you’re going to see a lot more bandwidth consumption and being able to say, okay, what’s acceptable bandwidth, what’s acceptable, let’s say quality of service, or how can I limit those things are an important part of what a service provider can do now.

And because of that, therein lies opportunities to help their customer. Handle the data and the systems are getting put on their network.

Erick: So here’s my last question for you, jp. And this, me being the recovering M Ms PI, focusing , the recovering

JB Fowler: Ms. P, I appreciate that.

Erick: Focusing on the things that, I’m thinking about in that role.

If there is a checklist of devices that you would say, okay, MSPs, look out for these. Five devices right away because they are the ones that are predominantly in your customers infrastructures. What devices would those be? I would assume cameras. What about I know a lot of businesses have other types of monitoring solutions like the ring doorbell that is a camera really, but what else is, are there other devices that we don’t think about that are just ubiquitous and are the easy targets for us to go, Oh, you’ve got three of these for those six of these, we need to address this.

JB Fowler: I feel like it, I feel like it’s all over the place. You are correct. Security cameras are a big portion of it. I’m going to say anything with audio and video distribution should be looked at closely. Even the Echo Dots, the Google hubs, right? These things that will produce music are constantly communicating with their cloud and bringing data in and out of the network.

I think those need to be looked at and listening all the time because they’re listening for the trigger phrase to get them to do something right. Exactly. Monitoring those things and understanding how they’re affecting your network is an important part. I will say because of the, Because of what we do and the discovery of assets, there’s many times when service providers will go to a customer, the customer will say, yes, I have 10 printers and I got 50 devices and 10 switches.

What they don’t realize is all those other devices that are on the network, like the cameras, like the Alexis, like the mobile phones, that may or may not be on the guest network. Okay. I think having that information and awareness of what’s going on there is a critical part of what the service provider does.

Needs to know when they’re walking into a job or when they’re working with their clients to tell you exactly, you know These are the top five devices It’s hard to do. I will say that this again, another audio [00:45:00] video thing, but smart displays, everybody has going to led panels, but they’re all smart.

They’re all intelligent because they give us a lot of benefits. Those are on your network. Those are taking data. Those are consuming bandwidth that may be critical for other systems. Awareness of that is important. Yeah,

Erick: no, that I didn’t even think about that. So everybody’s got led panels. Absolutely. TVs in the conference room, that are smart displays.

Yep.

JB Fowler: Yeah. Interesting. Those are getting connected to Wi Fi. Or they’re getting connected to the Ethernet. When it’s on Wi Fi, that can be a real problem for a lot of especially larger corporations where they’re dealing with laptops and everybody’s mobile because now all of a sudden that stuff is consuming that bandwidth that could be utilized for, more important systems.

Rich: We had an executive from Enable on the show a couple of episodes ago talking to us about tabletop exercises which quickly emerged as one of these things that a lot of MSPs probably aren’t doing, but really can’t afford not to do if they want to be prepared for security issues that are inevitable.

Inevitably going to happen. This is a very similar kind of thing. There are probably a lot of people out there not doing IOT management security. And it really is one of those things that you can’t afford not to do given all those devices on the network and the risk attached to that. So important stuff.

J. B. Fowler, Domotes Evandros, thank you so much for joining us on the show here. For folks in the audience who want to learn more about you, learn about more learn more about Domotes, where should they go?

Yeah,

JB Fowler: come to me. JB at domotes. com. Happy to talk to you guys. Super simple, right? But if you want to reach out to our team, sales at domotes.

com is there D O M O T E, or my shirt, domotes. com is where you can find us and we would be happy to talk to you guys.

Rich: All right, fantastic. Thank you very much. Folks, we are going to take a quick little break when we come back on the other side. Erick and I, who will still be here at Kaseya Connect, even though that’s a little bit Behind us in time when you are consuming this podcast Erick and I are going to come back after the break Talk a little bit more about our conversation with jb.

Maybe have a little fun wrap up the show stick around We are going to be right back.

All right. And welcome back to part three of this episode of the MSP chat podcast. As I’m sure folks could see, Erick we recorded that onsite with JB at the Kaseya Connect conference a few weeks back, it was great to have that opportunity with so rare, we actually get to sit down with the interview set subjects.

And that was really nice. And it was a really. Interesting conversation. I’ve been doing writing on and off again about this topic both about the IOT angle there, but just about how things like SASE and hybrid work and the rise of software as a service and, that need for North South networking versus East, it’s really changing.

The importance and the nature of network management. And it was just great to pick JB’s brain a little bit about what he’s seeing with that.

Erick: Yeah. Speaking with JB and, Delmote’s being the, an early pioneer in IOT, they come from the consumer side of the house where the, their services are all about making sure that they can identify these IOT devices and then provide some sort of a management layer, to them and then bringing that to, the MSP channel and allowing MSPs to have, deeper conversations with clients like, we never thought to have in the past, it’s whatever, walks in through the door and connects to the network.

Really traditionally, as the recovering MSP that I am rich back in the day, it’s we manage the stuff that’s in this box. That is our statement of work and we’re manage your servers your desktops, your laptops, your router switches, firewalls. Maybe we started managing phones a little bit later, but, by the time.

This huge explosion of other devices that are connecting to the network started happening. We had sold our MSP practice and I can tell you, Rich, that, there are tons and tons of devices just like we learned from JB that are participating in these networks. And sometimes, users are bringing their own equipment in and connecting to the corporate network and creating You know threat vectors and vulnerabilities and things like that.

I’ll share with you, an interesting statistic that blows me away. I’m, I’m a geek at heart, right? So I’m an engineer. I love fiddling with stuff. I do a lot of home automation at the house. So we’ve got, so many devices, including cameras, doorbells, smart TVs.

Streaming boxes, phones, tablets, laptops, desktops, printers. There’s over 70 devices on my home network at any given time to give you an idea. And some of these are on and off. We have guest networks, so we have people come and they can connect to our guest network, which I manage and control.

Just it’s a [00:50:00] business. They don’t have any access to any, anything other we’re throttling. Their throughput and things like that. They can’t get to any files and not that we share files internally either, but just to give you an idea, and there’s probably, I’d say north of 40, active devices that participate in our, wifi in our network on a regular basis.

And that is just stuff that just, and even the watches that we’re wearing, if you think about everything that we carry around with us you’ve probably got four or five devices right now. And if you’ve got a. A car that connects to, the wireless for updates right in the garage, that’s participating in your network when you really start identifying and going into your router and seeing all the IP addresses that are being handed out, it’s pretty mind blowing.

So imagine that times, whatever multiple in a business with, dozens or hundreds of people at a time or thousands of people, that is a huge opportunity for MSPs. To identify these IOT devices and have a conversation with clients about it and put a plan together on, what’s acceptable use, what’s allowed, what’s not allowed, what can we manage and even to the point where, you know, some of these first generation devices rich that had basically no security, like these were the things that were being controlled.

If you remember the stories where, you know, the refrigerators, were being accessed by threat actors or cameras and things like that when there wasn’t any security and you can identify some of these things and talk to your client and say, Hey, we need to replace these cameras or we need to replace this, replace that because the security level is so low.

We can’t manage it properly. So I think it’s an interesting discussion when we’re talking about all the value that we can bring to our client relationships to, to include everything that connects to the wifi and whether we’re managing it through, corporate side or whether it’s a guest. But there has to be a plan for it because the threats just keep, getting greater and greater.

Rich: And that’s the thing is that ultimately it comes down to doing right by your client. You’ve got to help them inventory and secure the stuff that they’re using but that is difficult and necessary work and you can and should make money doing that as well. So I often say it’s both an offensive and a defensive opportunity for an MSP and offensive in the sense of.

Growing the business in defense of in the sense of protecting your business and your client’s business by making sure they don’t get breached by something you are looking after. That leaves us with time, folks, for just one last thing, and this is it comes to us from Japan a village in Japan, big long name that I know I will mispronounce, I am not going to attempt to do but it is well known, apparently, because they have a really great viewpoint, a great perspective on Mt.

Fuji. And people go to Japan. They want to see and take pictures of Mount Fuji and pictures of themselves in front of Mount Fuji to, to see Mount Fuji is considered good luck in Japan. It’s a big deal. And this is a great place to go to take photos. And apparently are some of the tourists who show up there to do this.

Aren’t maybe the best mannered it’s, it sounds like it’s a drag to have all these foreigners flooding in to take pictures of the mountain there, even if they’re bringing money with them. And so this village came up with a creative solution to the problem. I guess this qualifies as creative.

They’re in the process, Erika, of putting up a giant black curtain that will make it impossible to see the mountain from the vantage point where people typically go to take their pictures. So nothing to see here, folks move along.

Erick: That’s quite an extreme response. So I can only imagine.

The grief and turmoil that these tourists have caused and created for the town to basically elect, To put up, a barrier from the beautiful view of Mount Fuji that not only will prevent the tourists from seeing it, but I’m sure prevents, the folks that live in the town from enjoying that, that majestic view as well.

Rich: And on behalf of ill behaved AmErickan tourists, let me just say to this village, we apologize. Sorry about that. But you figured it out, so good for you. All right, folks. That is all the time we’ve got this week for you on the MSP chat podcast. Thank you so much for joining us. We’re going to be back again with another episode coming up real soon.

Until then we are both an audio and a video podcast. So if you are watching the video version on YouTube, good for you. But if you’re into audio podcasts, go to wherever it is. You get your audio podcast. You’re going to find us there too. If you’re listening to us audio, but you’d like to check us out on YouTube.

Look us up, MSP chat, either way. Please subscribe, rate, review. It’s going to help other people discover the program and enjoy it. Just like you do. This show is produced by the great Russ Johns, part of the team with us here at Channel Mastered. He can produce a show for you too. If you like, if you want to learn more about Russ, you want to learn more about Channel Mastered and the work that we do with our clients and the vendor community, check us out at www.

[00:55:00] channelmastered. com. We have a sister organization called MSP Mastered that works directly with MSPs as opposed to vendors and you can learn about the services they provide at www. mspmastered. com. So once again, we thank you for joining us on the show. We’re going to see you again soon. Until then folks, please remember you can’t spell channel without M S P.