Justin shares his experiences and insights from a recent training event, emphasizing the importance of getting out of the everyday office environment to think strategically about business improvements. The hosts explore how MSPs can leverage Apple’s Platform SSO for seamless identity management and discuss the benefits of integrating Microsoft Defender for endpoint protection on Macs.
The episode also covers the latest in compliance requirements, highlighting why MSPs must adopt robust security measures, including device encryption, password management, and firewall activation. Justin and Eric provide practical advice on implementing these measures efficiently, ensuring that MSPs can meet growing regulatory demands while maintaining operational effectiveness.
Whether you’re an MSP owner, a technician, or someone passionate about the industry, this episode provides valuable insights into the tools and strategies that can help you stay ahead in the ever-changing world of managed IT services. Tune in to learn how to enhance your MSP’s security posture, streamline compliance processes, and deliver exceptional value to your clients.
Listen to "All Things MSP" on Your IT Podcasts!
Eric Anthony (00:07):
Data migrations are complex and irritating, creating days of frustration from setup to cutover. Move bot was built from the ground up to fix that move. Bot is the simplest, fastest tool for moving files and emails that there is fully hosted with no infrastructure, no virtual machines, none of that craziness. Sign up, connect, scan and you'll be moving data in minutes. Move data like a pro at Atsp link slash move Bott.
Justin Esgar (00:36):
So I was on the subway for the first time in five years. Yesterday in New York City. I was in a city checking a class. We'll talk about that later. But I had to go up time to go to a client and I have not been in the since Covid, I've been in the city maybe eight times in total. And I took the training for the first time these last three days, and I had to go to a client up in Harlem and I was like, oh crap, I have to take the subway.
(01:05):
They've really improved the New York City subway. I mean it's still disgusting and dirty, but the signage was a lot better. I used my watch to pay for the MTA piece, I think a swipe card, the subway cars themselves, which threw me for a bit because the subway car was a 4,000 series, not a 9,000 series, but it had LED signage and even ads in it that were led D and NICE maps and all this other stuff. And then I got on and then I held on to the subway pole because I had to. And then I realized that's how you get covid.
(01:44):
Immediately when I was coming back from the client, I got to the client, I immediately washed my hands and then was coming back from the client. I had to take the subway back to Penn Station, which if anyone knows you don't go to the bathroom in Penn Station. So I basically held on with one hand the whole ride down and then I kind of just did this and walked around with my handout the entire time for the rest of the day until I got on my train home, sat on the train with my hand up like this, got home and then immediately watch this thing.
Eric Anthony (02:14):
I'm pretty sure that it's something like that. Probably because I flew through Atlanta for Channel Con, so I'm pretty sure that's where I got Covid. It wasn't actually at Channel Con, it was in the subway in Atlanta for the
Justin Esgar (02:30):
Airport. Yeah, that's what it always is. So I was a little nervous, but kudos to you MTA for getting your ish a little bit together during the one time that no one was riding. You
Eric Anthony (02:50):
Level up your domain security and email deliverability achieve peace of mind, reduce ransomware, reduce business email compromise, reduce email phishing and other attacks. Make DACA new revenue stream for your MSP. Becoming a managed service provider partner with Easy DAC is an excellent opportunity for your business to boost sales and increase revenue your customers need DAC, although they might not realize it yet, your job is to let them know that their email infrastructure might be at risk of email spoofing and phishing attacks and that you can offer them a simple solution. Email authentication. Become the dmar C expert your client's need with EZDA. Find out more today at ATP link slash Easy Dmar.
Justin Esgar (03:39):
What's up everybody? Welcome to the All Things MSP podcast. I'm your host Justin Escar. With me always is my good friend, podcast producer extraordinaire. And today we're only doing blue because of reasons. Eric Anthony, what's up buddy?
Eric Anthony (03:51):
I could start seeing singing the I'm So Blue song from Veggie Tails, but I won't,
Justin Esgar (03:59):
Don't do it. That's a different podcast altogether.
Eric Anthony (04:02):
Literally just because that's what color they were when I turned them on and I didn't have time to change.
Justin Esgar (04:08):
You can't really see mine. I have two down there and I have another one over there, which I can tell Lady in the box, set my hues to blue. So that does it because whenever there's a power outage, they always reset to white because Phillips is Philips. I don't know what to tell you what's going on. Everything good. It's been a while. For those who are paying attention, you may or may not have realized that the last couple of episodes seemed like Eric and I were in a mood and that they may or may not have been consecutive. And the truth of the matter is, and I'm pulled back the curtain, Eric and I haven't seen each other in two weeks. We had to get some stuff done. I went on vacation and then I had training and Eric had to go to do some con or whatever it is. And I don't mean a bad way, I mean another
Eric Anthony (04:55):
Channel. Well, we don't talk about that side of my life.
Justin Esgar (05:00):
No, yet again, that's the third podcast. And so we haven't really seen each other. So me legit asking you how are you is a legit ask of how are
Eric Anthony (05:08):
You? Yeah, so just busy. It seems like things have ramped up. Kids have gone back to school. Not my kids of course, but Well, one of 'em. I keep forgetting you
Justin Esgar (05:19):
Can't keep track of the rules.
Eric Anthony (05:20):
We still do have one in university, so it doesn't live here. So I don't keep track as much. All I, although the clue should have been, I did have to fill out his financial aid form, so that happened. But yeah, no, it's busy, but good kind of busy. So I'm happy about that.
Justin Esgar (05:42):
Over here in New York, New Jersey, the kids don't go back to school until after Labor Day. So hint, hint of when we're recording this. So next week will be so much better for me. You remember how towards the beginning of the summer after we come off of ACEs, I had discussed that we were going to do these audits and I was going to run through these audits and then we got through about a month, month and a half of them and then I learned about this compliance module, which we'll talk about later. But then I was like, we're going to do more auditing because of this. And I wanted to get into today's topic, which is the stuff that I had learned at this event that I was at the last couple of days. And it was about security and it was about identity and it was about compliance.
(06:22):
And one of the things that I miss about going to events, I don't really go to a lot of events. I really don't. Not that I'm sheltered in any way, shape or form. I just don't go and I really should because what happens is every time I go to any event with the exception of ACEs, because at that point I'm running around a chicken with a head cut off, but anyone else's events, I come back with pages of notes and it's not even necessarily notes that are relevant to the topic that is going on is that I'm able to get out of my space, I'm able to get out of my head, I'm able to get away from the kids and the dogs and the whatever and the slack and ding bang, boom and the ding and the dong and the ladies and the boxes and the whatever and get a free meal and think about things holistically.
(07:19):
So now I've come back from a two and a half day event and it was a very small event. There was not a lot of people, there was only 10 people there and I have eight pages of notes from the event and six pages of things that we have to do for customers and we have to do for ourselves. And I've been trying to figure out, and we'll get into the topic of what they are in one second, I promise you, but I've categorized it into three buckets I guess things we have to do ourselves, things we have to do for customers and things we have to do for ourselves, but marketing only. So we learned a lot about security and compliance and identity, but I need to figure out how to explain that to customers. We can do that. I have to build a whole new page on our website and I have to write some marketing on it. I got to get graphics and do all this other stuff. So I'm putting that in that third bucket. That's why the third bucket is separate from what we have to do internally, which is like everyone needs to turn on file vault or everyone needs to turn on firewall or whatever.
(08:21):
And I love coming back and what's funny is go through, I go back all the way to, so by Southwest Venture to Venture, which was, oh geez, I don't know, 20 12, 20 13, I'd have to look it up the first or second one and I still have notes in my notes app from then that I refer back to on things. It's such a great way to get out of the space and I think so many people go to events and they just go, I need to learn everything I can about the thing that's going on. I'm like, you need to listen with half an ear.
Eric Anthony (08:55):
So I mean that is one of the reasons why I always promote that MSPs should go to events. Now the flip side of that, especially the last couple of years is there's a lot of events out there. I mean I talked to some of the MSPs who are going to events more than one a month. Okay, that's a lot. But this is where you just need to be very selective about the events that you go to. There's plenty of forums out there where you can ask about this event or the other event and there's a lot of good events out there and I don't know that there's necessarily, in my opinion, that many bad events out there. And of course we're not going to name names, we don't do that on the show, but most of them are good events, but not all of them are for you. So make sure you're picking the right events to go to because like Justin said, I mean if you go to the right sessions at the right shows, you are going to take a lot of notes. And Justin, you mentioned something else that I think is really important there and it gets you out of your day-to-Day mindset. Physically picking up and moving locations to a different place is going to open up your mind in different ways than just watching a virtual event in your office
Justin Esgar (10:21):
And it's powerful. Yeah, a hundred percent, a hundred percent, a hundred percent. The reason I wanted to bring this up though was because I said that we had done the audits and then we did, we were doing the SOX two audits. The next thing is now I'm taking next week now I've been away for a week. I was at training this week. Next week I've blocked off the entire week and I marked everything as busy because I'm going to go through my notes and I'm literally going to implement so much of the stuff that we've done or that I've learned and go through and just really, because I came home from one of the days of the conference and I was talking to my wife about it and I was like, oh, there's just so much I wish I can do, but I just don't have the time.
(11:11):
There's so many, I'm like between the kids and the dogs. She's like, what are you talking about? The kids have only been home for two weeks. Our son has been in sleep boy camp for seven weeks and our daughter, you drop her off in the morning, you pick her up at night, you have all day. I'm like, yeah, but I feel like there's, there's things that are always getting in the way. So what I've done was for next week blocked off the exception the calendar events that were already on there and the meetings that I couldn't move because I'm not going to do that every other minute is blocked off as busy weeks. And I am telling my team, I'm like, you don't get to bother me. I'm not taking tickets. I'm not going to be bothered on Slack. I may actually quit Slack for a week, which would be really weird for me and I'm going to go through and pick a thing and I'm just going to do it.
(11:54):
The only one who knows whether that's good or bad for the company, and I know some people might be cringing. Oh my God, you're changing models and doing all these things. I'm not going to do something that's going to, I'm not moving us from Google to Microsoft for email. It's not like that kind of thing. These are things like setting policies and writing documents. We want to federate Apple is the thing, an Apple business manager where you can federate Apple business manager to a company's email provider. So Google, sorry, not email, but identity provider. So you can Google Workspace, you can do entra, you can do Okta through third party and if you're doing Apple School Manager, you can tie it to an SIS. We know we want to have all of our clients do this before the end of the year. We also know it's a massive hiccup and we also know we don't have any documentation written to support any of it.
(12:45):
So I'm going to reverse it and say, I'm going to compose the email, not send it. I'm going to write all the documentation we need and publish it internally so we can check it. Then when we're ready, let's send it. You know what I mean? I'm doing that stuff. So all of these ideas came from this two and a half day. I do want to talk about today about the first two days of it, which was security and identity because I think there's a lot out there, especially in the identity part that would help all of the listeners because one of the big things that always comes up for us is the Mac versus PC argument. How do we manage the Mac better? How do we do this, how do we do that, whatever. And I think there's a really elegant solution that we'll talk about that Apple has introduced called platform SSO. So let's go backwards. Let's do identity. We're already, let's give
Eric Anthony (13:43):
A little more background about what identity management is first.
Justin Esgar (13:49):
So when it comes to identity management, we're talking about is we're having a source of truth of your users. We're also talking about a source of truth of your devices. So there's two different aspects of this. Many of you who are listening are probably thinking identity management. It's just active directory. Cool. Active directory is not a thing anymore. I hate to break it to you. It is, but it's not right? Because you shouldn't do active directory on-prem. It should be in the cloud and it was Azure and now it's ra, which is just Azure backwards, wait for it. See every time using back in the day back in Mac OS ten six, we used to have this thing called the golden triangle. And what it was was you had active directory on-prem and you had Max in a lab and you wanted to have the max use active directory as, but the problem was active directory didn't have all of the fields needed for a Mac to work.
(14:58):
So you had to add at the time Apple had the exer running Mac OS server, Mac OS 10 server and you had that was running open directory. So active directory, open directory and the client machine created this beautiful little triangle called the golden triangle. Apple got rid of server, apple got rid of the exerts, everybody cried. And there has been no good way to have Max in a corporate environment that can do identity against an active directory server. You could bind a Mac to an active directory, but that inevitably always fails. Two examples for that. One, my wife works for Fortune 500 and she's bound to the active directory and when Covid happened, she had to update her password because the actor had already said 90 day password. Well, the only way she can do that was if she was on-prem on the network. So she had to go to the office to plug in to do it because actor directory isn't meant for remote. The other case of that is we had a client a long time ago who the IT company, they were a bigger company. They had it in another country that was setting the rules. We were just doing the max in New York, but the IT company in England said if you want to connect to the wifi, you have to put in your active directory credentials. Well overnight your active directory credentials hit that 90 day mark and you couldn't change your password, you couldn't get on the wifi to get to the active directory server.
(16:30):
So these stupid problems would keep coming up.
Eric Anthony (16:33):
Well, you always set up a guest network in addition to the corporate network
Justin Esgar (16:40):
In an office. But the problem with that is that on a Mac, on a Mac, as soon as you connect to the guest network, the guest network which worked will become the preferred network. So when you come in the next day, it'll just default to the guest network, which
Eric Anthony (16:52):
Is a problem in of itself. Yes, I get it.
Justin Esgar (16:55):
So there's some hiccup, whatever, it doesn't matter. They're not my client anymore and I don't think they're in business. Who cares? So the cool thing that they have now, apple has been introduced and everyone who's A-P-C-M-S-P who has a couple of Macs in your environment should be going and reading up on this. It's called platform SSO Platform. SSO. What it does, it's a built-in technology. You use your mobile device management tool like Intune or Jamf or agy and you can push a configuration. You take the Mac. Now this is where it's annoying. You have to be an admin, you have to have at least one local admin to sign into the on system. But then from there it's pretty much automated. You can't do a Mac out of the box to do this, but you sign in with it doesn't have to be the first user admin has to have an account on the computer to do this.
(17:57):
They sign in with credentials and then that device is what they call ized. It creates a curb roast ticket and that device is now signed in and any user can sit down at that computer, click the other user option, type in their username and password from their entra and sign in and have an account right away. No problems. And even cooler than that is depending on how your MDM is set up, that user can then go to office.com and click the sign in button and not be prompted for a username and password or two factor or anything. It just signs in because it's a ized sign in. So as long as your time servers are in place and your DNS is in place, all of this will work. Number one reason anything with kros breaks your time, servers are off by five minutes. See, what I'm really loving about talking about this is that all the listeners are going, holy shit.
(18:49):
Justin actually does know technical stuff. He's not just a flapping head of bullshit. Yeah, I've passed tests on this, but it was really cool because as in this class, they had an ENTRA set up for us. They had usernames and passwords. I don't know what kind of account you would need with office or whatever it is, but we signed in with the office based email and these were even on Microsoft. These weren't even legit domain. It was like user at test center dot on microsoft.com had the password and it signed in and it worked. It just worked and it was so just like gorgeous.
Eric Anthony (19:35):
Well, and that's fundamentally why we're driving identity management is for security number one, but also so that can security, even though in my mind kind of breaks the zero trust model a little bit because now you're propagating trust across multiple areas, but done correctly, I think it definitely makes it more secure and more convenient at the same time versus not having it.
Justin Esgar (20:15):
Yeah, it was funny because I was having a conversation with a client the other day about whether or not single sign-on is a good technology or not because they're like, well, we tell people not to have the same password for everything. And I had to basically explain to 'em that single, the same password for everything. It's one password for one thing and that thing uses APIs to talk to all of those other things. So it's not like my Okta password is the same as my office password. No, if I go to office, I get thrown back to Okta to do stuff. And so having that conversation and you can see the motor moving at that point being like, oh, that makes a lot more sense to get that working. And so taking it a step further using platform SSO allows us to do SSO to the computer. Now, this is not out yet, but apparently it's going to be in because it works in the beta, so I can talk about this. This is public beta file Vault will work with platform SSO in an upcoming os, which will probably be out in the fall. So if you're listening to this when this comes out, you got to wait. If you're listening to this in 2026, like you're listening to everything else we've talked about in the past, this already exists.
(21:37):
So there's some cool stuff around that. Now in the class we looked at Okta as well as an identity provider and I have a lot of clients that are on Okta. I like Okta. I think it's great. And with our MZM Adige, we can use something called agy identity to allow users to sign in with Okta because there is no native or I think they may have just released a new Native Mac login tool. On the PC side, there's a product oddly enough called techniques, not the same techniques as the audio brand, but another techniques that you can install an agent. And it does the same thing as ADA G identity. Okta doesn't have platform sso, it's not coming. But there were some cool things about Okta where you have your Okta sign in and you have your push notifications. You can say, yes, it's me.
(22:28):
But what I didn't know and I learned about was you can install the Okta Verify app on the computer and by doing that, what you're doing is once the user has approve, the Okta verifying gone through and actually had to two-factor against their phone, the computer itself is then verified to Okta. So if the user does anything in Okta, they don't get prompted for two-factor. Why? Because the computer has been attested to be proven that it is okay with Okta and if the computer is logged out, that attestation goes away. The user still has the two-factor to get in to let that attestation happen again. So there was really cool ways to think about this because one of the things that kept coming up was we think of identity of who we are, what we have and what we know. I did that backwards, sorry, but who we are is our username. What we know is our password and what we have is our multifactor authentication tool. But what if we didn't have to do that? What if it wasn't that? Because a human being, someone can murder me and steal my phone and get into my one password or get into my Okta Verify or whatever, and if they knew my password, then they're now me, right?
(23:53):
But if the device itself had to attest and they didn't murder me, they just stole the computer. In this regard, the device has no way to attest itself against the system. And so you can do certificate based attestation, I think it's called acme, automated certificate machine enrollment. I look forward to your tweets and emails where you can do this and now the device gets to prove who you are. So going back to zero trust networking, it's a little bit of that because if the device is saying who it is, and it doesn't matter who the user is or what the user has, its user limits, but the device is allowing for things to happen as opposed to it happening from the user perspective, which I thought was a really interesting change in dynamic of how to think about things.
Eric Anthony (24:42):
And I mean I guess I'm okay with it if I still have to two factor to get into the device before the device then can be used to automatically get into those
Justin Esgar (24:56):
Things. A hundred percent right? Not the idea is that these things build on one another and it allows you to do this stuff. Now the other thing that I learned about, and I kind of knew about this, I'm not going to lie, I'm not that dumb, but it was, what's the word I'm thinking of here? Reintroduce to me about just pc. MSPs are going to hate me for this one if you don't already. I'm sorry, it was reintroduced just how secure a Mac laptop and I'm talking about Apple silicon specific and kind of T two intel just how secure a Mac laptop is out of the box because there are things that we can talk about compliance, which we'll get into in our next episode. By the way, everyone, I don't know if we said this earlier, this is a two parter, so buckle up.
(26:00):
There are things that Apple does to secure parts of the computer to prove that the computer is the computer. So going back to the device attestation part, right? There are things in the secure enclave that if you tried to inject into, not only would they not work, but if they did work would fail down the line to prove that that computer is not that computer. So great example, right? Remember the hack and to, yep, we were all building those back in the day I had a Dell Mini nine that I had forced Mac os something on. I remember an
Eric Anthony (26:39):
AC
Justin Esgar (26:40):
Mini hundreds of dollars. I had to buy those very special hard drives to make it work or whatever. Yeah, I put a Mac OS on it. But however that Mac OS doesn't have secure enclave, therefore it doesn't have the specific device controls and certificate building tools to be able to prove to system that it is what it says. So there's some really cool stuff that Apple has been working on and all of this, by the way, all of this is legitimately available for anyone to download or look at. I'm going to take a hot second to look up the URL
Eric Anthony (27:18):
And we will of course include it in the show notes.
Justin Esgar (27:22):
No,
(27:28):
Here it is. Apple platform security. I think it's just apple.com/security. But the long one is support apple.com/guide/security/welcome/web. And in there they talk about right off the cover hardware security system security encryption and data protection, app security and services security. And it was just really interesting about figuring how to build off of these things. So that was a lot of that stuff. And then one of the big ones that I learned about that was really cool. Well, sorry, there's two that I learned about that was cool equal, again, for Windows folks, putting Ms. Defender for endpoint on a Mac. I never even thought about this.
(28:13):
We put Ms. Defender endpoint on a Mac and ran it as our malware tool and it was fast. We actually, there's a guy from, there's a conference called Objective by the Sea, it takes place in Hawaii and he has written a lot of programs and if you go to his GitHub, he has fake malwares that you can download to test with and we put endpoint protection on the Mac, we pushed it out through MZM and it caught things so fast quarantined them and gave great reporting and things like that. And I never even thought about because I always just use Malwarebytes, I was like, because Malwarebytes has always been for Mac, right? But I never even thought about Ms. Defender for endpoint for the Mac. So again, if you're a Windows shop and you have a couple of Macs that are in your office, especially a CEO or C-suite or the design department, these are things that you probably already have and you can push out probably through Intune. This way you don't have to get into a Mac MDM like jam for attitude, but you can push out endpoint protection for the Mac, you can do platform SSO, and it makes your life as an admin so much easier.
Eric Anthony (29:30):
And there are companies, I just talked to one, I think it was just yesterday actually, that are building interfaces and tools that work on top of Intune to make it easier to use and more efficient. The name of that one happens to be DI device, but I think there are some other ones as well. And so they're actually taking, because Intune can be a little bit weird to use in terms of the interface and a lot of people tried to use it in the beginning and it was not as helpful as they maybe thought it was going to be or it was harder to adopt. And so now there are these tools that you can lay on top that actually look like they're doing a pretty good job.
Justin Esgar (30:16):
The people who are running the program did say that Microsoft is leading the way with platform SSO. So I thought that was kind of interesting to even hear that like, oh, Microsoft leading the way with something. The other big one that we learned about was, and this is if you're a Mac consultant and you're looking to do things, a program called Santa, I thought this program was really cool. The reason it's called Santa is because it tells whether or not apps are naughty or nice. It says it on their webpage. And what you can do with Santa is you can block apps based on their name, their bundle id, the team UID, which is a developer part of it, and just tell the user no end of story. So you can block. I know a lot of clients who don't want Spotify being running on their network.
(31:17):
You use Santa, you have a centralized repository and you say don't allow Spotify. And if they try to launch, it just doesn't work. And all of these conversations that we were having about security got me thinking about, okay, and going back to that, we're doing our own SOC two audit. Do we have file vault? Do we have encryption on all of the computers that we're using? Does everyone in my organization use a work-based computer? Because when you start as an MSP, a lot of us just use our personal devices as work devices or we hire our first person and we ask them if they have a computer or things like that. It's not uncommon. I know it sounds ridiculous, but it's not uncommon for that to be the case.
(32:05):
Do we have the right protections in place? So do we have our own malware? Do we have a password manager? Do we have legit SOC two is asking, is the device encrypted? Does the device have an owner? Does the device have client data on it? Does the device have antivirus and malware? Which for whatever reason is not picking up Malwarebytes? Does the device have a password manager on it and does the device have sleep settings turned on? Because that's another big one for both security and compliance is like, does the computer go to sleep and does it require a password? And it's such a simple innocuous thing and I'm like, oh man, it really takes you back and hits you with the fact that these are things you have to do internally as well as pitch on your clients. Because again, one thing that MSPs never do is we never eat our own dog food.
(32:55):
I wouldn't say never, but it's very to find people who don't. Yeah, so that's the thing. So that was my thing about security and identity. There was a lot there that was really cool to see come out from the people who are putting this out there. And obviously there's a lot coming and there's a lot on this securities platform thing that this is based on to really figure out positioning to figure out the device attestation, to figure out the telemetry of the device to figure out whether or not the device is secure or not secure based on these different things. And if you're in a mixed environment, like stop hating on the max or stop hating on the PCs and find the right tools because you have to look at it from a very holistic top down level. It might be annoying that you have to deploy two security tools or you have to deploy two MDMs or you have to deploy two encryption tools.
(34:05):
What is it on the pc? You use BitLocker, right? BitLocker on the PC and F Vault on the Mac. Like, alright, I'm terribly sorry that you have to escrow two types of keys but do right by your client. And especially, here's another thing, let's flip this to a sales thing because talking about that as that third bucket, one of the things I'm working on next week is composing the email that I'm going to send to my client saying, listen, it's now 2024. The world is very different than it was 10 years ago, let alone three years ago. And next year there's going to be even more regulatory and more security and more compliance and more crap that you, which I know you don't want to deal with, you have to deal with. So here are the things we're going to do and some of these will be free and some of these you're going to pay for because it's time or you can do it, I don't care, but you have to do it.
(34:59):
And if you don't do it, ta TA for now. And that includes enabling encryption or MAC firewall. I learned something interesting that I didn't know about the built-in Mac firewall. You can turn it on immediately and it will work. It will not stop any Apple signed services. That was the reason I never turned it on for a lot of clients because I was like, I know a lot of 'em use iCloud, whatever. You can just turn it on. Cool. We're just going to turn it on. It doesn't cost anything. We're going to turn it on. We'll push out with a profile and turn on dumb. But the ones that we've talked about, like SPFD, Kim and Dmar for security for email or writing up security documentation, these are things that you as an MSP can charge for. And a lot of the times, a lot of the times a good amount of it is copy and paste.
Eric Anthony (35:53):
Yeah, I mean I think there's a lot to what you said in terms of there's just more and more compliance coming. Security is becoming more and more of a thing and addressing security on a device by device or application by application or even cloud application to cloud application is becoming more and more difficult to do it. And so that's where identity management matters because if you can create an identity that has those three factors that you talked about and then you can use that to operate in the world that you need to operate in, whether it's the device you're logging into, the application you're using on that device or the cloud application that you're logging into that is going to be in the long run easier for the client and also more secure.
Justin Esgar (36:51):
A hundred percent be secure. Lock it up from Wedding Crashers. You lock it up. But yeah, I mean like I said, you go to an event like this and that was just the security and identity were just two of the two and a half days and I was just like, oh, oh, oh, I have to do all of it. It's good. It's bad, but it's good. But you know what I'm saying, it's like eating hot wings. They're not good for you. They're delicious. It's like
Eric Anthony (37:27):
That except the opposite, right? Because it's harder upfront to put these things into place, but they will make your life and the life of your clients easier in the long run.
Justin Esgar (37:38):
But if it's a hot wing thing, I was going to say it's a lot like the long, long run of the hot wing is also not that great, if you know what I'm saying. Yeah. Now that we've gotten to poop jokes, I think it's time to end the show. Yes, I promise we'll do better next time. Tell us what you're doing about security and what your plans are for the rest of the year. Hit us up facebook.com/group/all things msp. Follow us at youtube.com/at all things MSP like and subscribe. We need those numbers. We want you to be one of those numbers. Tell us what numbers you are, send us a DM at our Facebook group, let us know what YouTube subscriber you are. Then we will know you're a true fan, true fans patreon.com/all things msb.
Eric Anthony (38:19):
Something like that. Mark,
Justin Esgar (38:22):
Something like that. We'll find it. Also follow us on all of your favorite podcasting tools. That's Eric. I am locked down Justin. Bye.
Eric Anthony (38:31):
Thanks for listening and don't forget to subscribe to us on your favorite podcast platform. You can also follow us on Facebook, but better yet, go ahead and join the Facebook group. You can also follow us on Instagram if that's your thing. And make sure you subscribe to our YouTube channel at all things MSP to catch us in all of our video glory. And last but certainly not least, if LinkedIn is your thing, you can follow us there as well. And a special thank you to our premier sponsors, super Ops Move bot go into Easy DM A RC and comtech. And we also want to thank our vendor sponsors. The All Things MSP podcast is a Biz Pal LLC production.