Listen to "All Things MSP" on Your IT Podcasts!
[00:00:07] Growing up, my dad was always just like, you can pick anything with duct tape and solder. And I was like, yeah, how about feelings? And he's like, I just ended that conversation.
[00:00:18] I've met your dad.
[00:00:22] And you know, I'm not wrong is the best. Yeah, he's that kind of guy.
[00:00:28] Apple released a whole bunch. They had a they had a obviously this is going out after this week.
[00:00:34] But this past week, Apple released a whole bunch of new stuff this week.
[00:00:39] Monday was the new iMac, which was the same as the old iMac, but Tuesday they released the new Mac minis, which are now smaller and more powerful.
[00:00:48] And they have Thunderbolt 5 in them.
[00:00:51] And when I mentioned this to my team, Luke goes for whatever reason, that makes me feel old.
[00:01:01] Well, yeah, kind of because it Thunderbolt hasn't been a thing for I get.
[00:01:08] Well, I guess it has been.
[00:01:09] I guess I am old.
[00:01:11] But Thunderbolt wanted to lasted a very long time.
[00:01:15] And now we're like churning out new versions of Thunderbolt every year.
[00:01:19] And let's be honest, it's just USB.
[00:01:23] Um, and then on Wednesday, they released the new M for Mac book pro, which is the same as the old M three Mac book pro 14.
[00:01:34] So the Mac mini I think was the big one that and Apple intelligence is now available, which I don't know if you heard about this.
[00:01:41] And I got this third party.
[00:01:42] I haven't read the article, but apparently there was a reporter who is doing a beta of Apple intelligence.
[00:01:48] And what's nice about Apple intelligence is that will actually give you like if you get a group of text messages in a row, Apple intelligence instead of instead of your phone showing you all those texts, Apple intelligence will give you like a summary, like as the top notification.
[00:02:02] Right.
[00:02:03] Apparently this reporter went through a breakup over text and Apple intelligence just wrote like, after you got a bunch of texts, it just wrote like, uh, Kelly is leaving and wants her stuff back or something like that.
[00:02:17] We'll see if it was truly intelligent, it would say, dude, I'm so sorry.
[00:02:22] Right.
[00:02:22] There was another one where like, apparently somebody's mom went hiking and then almost, and like got hurt and she almost died or whatever it is.
[00:02:32] And Apple intelligence just said, like, um, I try to commit.
[00:02:38] And it's like, come on.
[00:02:39] Like, it did not.
[00:02:40] Oh my gosh.
[00:02:42] Because, because like, think about this, like you always hear those stories about people who go hiking and then disappear, which is like such a, it's also such a trope for TV shows.
[00:02:50] Um, well, you know, although it does happen, like, you know, funny story because you and I haven't chatted since the weekend.
[00:02:58] And while Amy and I were in Virginia last weekend, we came back down the Blue Ridge Parkway and we had stopped at one of those places where you can stop and take pictures and whatnot.
[00:03:08] And there was this helicopter flying overhead and it lands on the road, like just on the other side of the fence from us.
[00:03:17] And turns out, yeah, somebody was hiking and fell and had to be airlifted out.
[00:03:23] And yeah, crazy.
[00:03:25] Good Apple intelligence things that if you go hiking and, and then you get hurt, you try to off yourself.
[00:03:32] Good job.
[00:03:33] No, no, no, no.
[00:03:34] You should not be hiking.
[00:03:35] No, no, no.
[00:03:36] It's yeah.
[00:03:37] Also, if my mom ever wrote, I went for a hike, I'd be like, this is it.
[00:03:40] My mom.
[00:03:40] Stop trying to scam me.
[00:03:42] Let's be honest.
[00:03:43] We all know what's going on here.
[00:03:45] Ah, so AI needs some work.
[00:03:49] Bottom line.
[00:03:52] You said it once we've said it a million times.
[00:03:55] AI is a C plus student.
[00:03:58] Today's episode is brought to you by ThoroughPass, your end to end compliance partner.
[00:04:02] If your business is navigating the complex compliance frameworks like SOC 2, ISO 27001 or HIPAA, ThoroughPass simplifies the process by combining automation with in-house expertise.
[00:04:16] They streamline everything from evidence collection to audit completion, helping you achieve and maintain certifications for your clients without the stress.
[00:04:25] ThoroughPass is here to make compliance accessible, efficient and hassle free for growing businesses.
[00:04:31] A big thank you to ThoroughPass for sponsoring today's episode and supporting our community of IT service providers.
[00:04:44] What's up, everybody?
[00:04:45] Welcome to the All Things MSP Podcast.
[00:04:47] I'm your host, Justin Oskar.
[00:04:48] With me always is my good friend, podcast producer extraordinaire, and the man who understands how ads need to be longer than 30 seconds so you can't skip them, Mr. Eric Anthony.
[00:05:01] Oh, boy.
[00:05:03] Look, I've been told that you're a genius for doing this because, you know, the default, especially for Apple Podcasts is 10 seconds backwards or 15 seconds back and 30 seconds forward.
[00:05:13] But if the ads are 35 seconds, you hit 30 seconds and you still get the tail end of the URL.
[00:05:18] If you hit another 30 seconds, now you've missed my amazing intro.
[00:05:24] Well, I will make sure that I plan better even to get them in the right timing.
[00:05:30] The URLs need to be in the last eight seconds.
[00:05:33] So we have to do 38 seconds because it takes about eight seconds to say URL.
[00:05:36] So we do 38 second ads in the last eight seconds.
[00:05:39] This way they just have to hear all things MSP.link.
[00:05:42] You know what I really love?
[00:05:44] Not AI.
[00:05:46] No.
[00:05:46] I hate AI.
[00:05:47] But I do love it when we have a guest because it makes my life a lot easier, which is great because we have a guest today.
[00:05:52] Let's bring her up.
[00:05:53] It's Rochelle Weiss, service partner manager over at ThoroughPass.
[00:05:58] Rochelle, and that's going to be the last time I say your name in this episode.
[00:06:00] How are you?
[00:06:01] Thanks for being here.
[00:06:03] Hey, guys.
[00:06:04] How's it going?
[00:06:05] Good.
[00:06:06] So for those who don't know, give everybody like a two-minute spiel.
[00:06:09] Who are you and what is ThoroughPass?
[00:06:12] Awesome.
[00:06:13] Well, I am Rochelle Weiss.
[00:06:14] I'm not going to make you say my name because I know if I try to make you say it, you're going to say it wrong.
[00:06:18] You've already said it wrong like four times.
[00:06:20] But I am the service partner manager over at ThoroughPass.
[00:06:23] So I work with all of our reseller and referral partners.
[00:06:27] And ThoroughPass is a compliance automation tool.
[00:06:30] But we don't just have a platform to help make compliance easier like your SOC 2, ISO 27001, HIPAA, HITRUST.
[00:06:38] But we also do the audit as well, which is our main differentiator in the space.
[00:06:42] So we bookend it.
[00:06:43] We do the readiness platform and we do the audit.
[00:06:46] That's awesome.
[00:06:47] Yeah, because a lot of the competitors only do the readiness, right?
[00:06:52] They help you get through everything.
[00:06:53] And then when it comes time for the actual audit, they either send you to a third party or they tell you to go find somebody in the yellow pages.
[00:07:02] At which point, I'll tell you, if you told me to go find an auditor in the yellow pages, I'm going to ask for all of my money back from your service provider.
[00:07:09] When's the last time you opened the yellow pages?
[00:07:11] That's a good question.
[00:07:42] I love the position this time.
[00:07:42] We have to approach all of your clients and the client buys you back the top part of it with your procurement process.
[00:07:43] Because we're going to be that readiness and we're going to do a high quality audit.
[00:07:46] it i guarantee you there's people who are listening right now going there's different
[00:07:49] types of rollers yes there are people don't realize it people don't realize this actually
[00:07:54] when you said this i was like oh my god this is so true because there's like levels of like
[00:07:58] how much hair comes off of the rollers exactly and you will totally see if you start in the corner
[00:08:04] like you want to start in an inconspicuous spot because you will end up with hairs all in the
[00:08:09] corner and you don't want anyone to see it you're gonna go to somebody's house and you're gonna look
[00:08:13] now if everyone goes to youtube.com at all things msp you can watch just how shocked eric is by this
[00:08:18] because he clearly did not know this well no because you know if you're actually a nerd about
[00:08:25] this kind of stuff you know that the proper term is nap for the roller it's the oh all right well
[00:08:32] this show just took a turn eric just showed us up like we thought we were on it all right well let's
[00:08:41] let's get into thorough pass here um okay so we've talked a lot about compliancy on the show
[00:08:48] um for msps right i am now on the boat of msps themselves should be going through some sort of
[00:08:58] compliance framework but i want to take this another step further because i think i've kind of
[00:09:03] driven that to to death really how can msps use something like thorough pass to help get their
[00:09:11] clients in some sort of compliance and i'm gonna book i'm gonna i'm gonna corner that one with even if
[00:09:19] the client doesn't need compliance because like a lot of my clients are graphic design firms right they
[00:09:25] don't they don't care anything about compliance so what can i do with thorough pass to one get them into
[00:09:31] compliance and to help sell them on the idea that they should be compliant yeah so i like to think
[00:09:37] of msps working with their end customers of you're a trusted advisor right like you are giving them
[00:09:43] best practices you're setting them up for success um and i love the example of but like you msps have
[00:09:51] probably worked with an organization where they tell them you need to have mfa put in on all your
[00:09:57] devices right and the ceo will look at and be like yeah that sounds like a really great idea but don't
[00:10:03] do it on me like you do it on everybody else but don't do it on me and they're like you're probably at
[00:10:08] the most risk you need to do this right and so they're advising these end companies of this is what
[00:10:15] you need to do these are best practices and this is where compliance can come into play and they the msp
[00:10:21] can be the advisor to their end organizations and say this is best practice this is what you need to
[00:10:27] do to really set yourselves up for success when you are going to scale your organization it's going
[00:10:33] to play a role in your sales procurement it's going to play a role in making sure that your business
[00:10:38] practices are set up to work in bigger markets they're set up to work with your vendor procurement
[00:10:43] and everything like this is the best practice for you and from like that's looking at it from
[00:10:49] like i'm talking to my clients and i'm telling you this is what you should do for a best business
[00:10:54] practice but from the msp perspective i'm thinking this is a layer of stickiness this is one more element
[00:11:02] of how i can work with you and how i can support you and be your advisor to make sure that you're going
[00:11:07] to continue to work with me year over year yeah and obviously stickiness is i think one of the things we're
[00:11:13] always looking for and just thinking about the fact like we're going through a sock to ourselves
[00:11:18] internally the amount of documentation that we're writing internally like even if you're not
[00:11:25] as the msp even if you're not a compliance writer there are tools out there we won't mention the
[00:11:31] two letters that make it because pre-show we decided that we all hate ai um but like there are ways to
[00:11:37] write some of that stuff and things like a bdcr business disaster continuity right uh recovery and an
[00:11:43] irp incident response plan are places where you as the msp can insert yourself and those are documents
[00:11:51] that are needed for compliance yep yep and you are helping the organizations be set up for success
[00:11:58] moving forward um and what a lot of people don't think about with compliance is it plays a role across
[00:12:04] the organization there's hr components that there's a like your um like business discover disaster
[00:12:11] recovery there's a um security sides of it um there's also what like app development and how what
[00:12:19] you handle like your coding processes and who's involved like it crosses the entire organization and
[00:12:24] it's making sure that there are policies and procedures in place that are just general good business
[00:12:30] practices um and some people just think that security is related to um but like just the tech security and
[00:12:38] that's really not it like sock two and iso 27001 really think about data as a whole in the organization
[00:12:44] um and it's helping the organizations grow and think about the future you brought something up that
[00:12:50] that itches my brain a little bit which is coding right because i think when we started our sock two
[00:12:57] adventure to it's basically a choose your own adventure book there were so many items that were
[00:13:04] related to coding and whilst virtua my company has some coding things as we sell some small apps or
[00:13:11] whatever it is most msps don't do coding at all and i know there was it was so much in regards to
[00:13:18] how we do things in github and and our repos and backups and all this other stuff like yep but with
[00:13:26] most msps not doing that most msps are just providing tech support and microsoft licenses how does that fall into
[00:13:32] play like are they going to have to start spinning up things that they don't need to be compliant with
[00:13:37] these rules are there ways around it like how does how does somebody who's like a two-person organization
[00:13:42] who's let's say top line revenue is two three hundred thousand dollars and they're just helping people in
[00:13:46] the middle of like boise idaho like fit into the realm i don't boys it's boys it's been on my mind lately
[00:13:52] don't ask uh but how do they fit into the realm of something like this okay so i know i had a whole
[00:13:58] conversation earlier this week with someone from idaho and do you guys associate idaho with potatoes
[00:14:03] because i still do this from middle school i don't know why it's a whole thing wait i'm gonna say yes
[00:14:08] because the people i was talking to real quick were technologists and they were talking about how idaho
[00:14:13] is becoming the new hot spot for sas companies and i literally called it silicon potato and they lost
[00:14:20] their word i had a whole conversation about this a couple days ago um that they used to be known for
[00:14:27] potato chips but now they're known for silicon chips um it's it's a whole thing side note i can
[00:14:32] get derailed really fast um but but your numbers or your question originally was that about msps and
[00:14:39] like they may not have code and they like that may not be applicable so if you're looking at an msp
[00:14:44] doing their own compliance um this is where there can be exceptions in the report and you have to think
[00:14:51] about what's actually in scope when they go to do their own report and this is where working with an
[00:14:57] organization like thoroughpass having the auditors in house where we can help with the scoping
[00:15:02] initially and really advise of this is what's in scope this is what's out of scope these controls
[00:15:07] don't apply to you you don't have to worry about this it's a huge benefit of working with a company
[00:15:12] like thoroughpass because i like to relate to the analogy of like selling your house where i could go
[00:15:20] online and i could look up all of the requirements of a sock too um and me who has no compliance background
[00:15:26] i probably could figure it out it would be a pain in the ass but i could figure it out um and i could
[00:15:33] find all the requirements i could do it i could go find an auditor and i could have them audit me but
[00:15:37] they're probably going to be like hey you shouldn't have done this or this didn't apply to you and i
[00:15:41] probably put in way too much work i didn't have to do but relate that to what like selling a house
[00:15:46] i could do the same thing with selling a house i could go online i could find all the paperwork
[00:15:50] requirements everything to sell my house by myself i could list it i could do everything or i could make
[00:15:57] my life easier and i could work with a realtor and a realtor could make my life so much simpler
[00:16:01] getting everything listed doing all the paperwork for me guiding me of what i should list it at doing
[00:16:06] all the finer details that's what it's like doing compliance with thoroughpass we are the experts so that
[00:16:12] that msp doesn't have to be the experts we can be that realtor and we can help guide uh but you have the
[00:16:18] auditor in-house we have experts that can say this is in scope this is out of scope this is what applies
[00:16:23] to you this is what doesn't apply to you so what that's like for their own compliance but then you
[00:16:29] think about the trickle down effect of working with your clients when it comes to compliance and if
[00:16:35] the msps are trying to guide like if i have a client who's going to go through their sock to
[00:16:39] and they do have an app and they do have to put the coding process into play um this is where we have
[00:16:46] the controls and we actually wrote it for the end customer who doesn't have a compliance background
[00:16:52] we really tried to write out that project plan and that implementation for someone who doesn't have
[00:16:58] a compliance background because we do sell direct to end customers as well and we they can get into
[00:17:04] the platform and they can navigate through all those controls and understand what to do
[00:17:08] so if the msp wants to take on that role to help advise they should be able to navigate through but
[00:17:15] then we also have the auditors and the csms in-house to help guide them if necessary to help those msps
[00:17:22] become that expert to help their end customers because we ultimately want them to be able to grow a book
[00:17:28] of business um and become that trusted advisor for their end clients that's where we're a team together
[00:17:34] and that's ultimately like i work in the partnership side of things these are my co-workers is these msps
[00:17:39] we want you to be enabled we want you to have the knowledge and that role you want to play so if you want to be
[00:17:45] hands-on in that let's figure out what knowledge you need to have to play that hands-on role that's
[00:17:50] awesome and i know you know a lot about playing with teams because on a side note i know you're roller
[00:17:54] derby right i do play roller derby yes that is a crazy team sport we could talk about on our other
[00:18:01] show all things not msp um where do we see this going though right because i feel like and maybe
[00:18:11] it's just because my eyes have been open to compliance in the last couple of months but
[00:18:16] i feel like compliance within the msp industry itself is becoming that another one of those hot
[00:18:22] buzz terms yeah right for a long time i had a client who's a non-profit and they would always collect so
[00:18:29] they would always the cfo always wanted sock two reports from all of our vendors that we brought
[00:18:33] in but they never asked from us which i thought was nice and like we're going for it now because i
[00:18:38] know that it'll make us more sticky with the new cfo there but it was only around the time that i
[00:18:44] decided that i wanted to go all of a sudden now i'm seeing it everywhere and maybe again maybe it's
[00:18:47] that thing where like you never thought about buying a red hyundai and now you do you all you see is
[00:18:52] red hyundai's all over the place right so is is the is the idea of compliance or msps really just
[00:19:00] the new marketing buzz or is it something that is going that that has been around maybe i've just
[00:19:07] been blind to and that or is this like the initial big phase of it and that things are going to change
[00:19:14] so drastically over the next let's say three to five years um i think that the need for it has always
[00:19:21] been there and msps has always had a role in security with their clients um but but they there are now
[00:19:30] tools that allow msps to play a more active role in helping their clients achieve their sock two or iso
[00:19:39] 27001 just like thoroughpass and so it allows those msp to have more of a hands-on role with their clients
[00:19:47] in their compliance efforts so i think that's where it's kind of like that red hyundai it becomes more
[00:19:53] aware to them and more of a possibility then because it is there is more of a mindset just with the
[00:20:01] the landscape of cyber security in general uh but sock two like in the us is becoming table stakes
[00:20:06] if you're if companies are wanting to move up market and they're wanting to secure bigger contracts
[00:20:11] you you have to have it like it's not something that's optional anymore where previously it was oh
[00:20:17] do you have a sock two and they're like no let me fill out this ddq instead as a replacement for it now
[00:20:23] they're saying no that's not going to work i have to have a sock two and if i don't have a sock two i need
[00:20:29] to have a bridge letter that you are pursuing a sock two and so i think that's been a shift as well that's
[00:20:34] pushed it um and because that shift is happening in the sales procurement side with end customers msps are now
[00:20:41] noticing this is a business opportunity for me that i'm just leaving on the table if i don't pursue
[00:20:46] this with my end customers and help them if they're going to do it on their own anyway why am i not being
[00:20:51] an advisor with them and adding this to the tech stack that i'm already supporting them right i like that
[00:20:57] because yeah the idea of like not being involved because one thing every msp wants to be is have
[00:21:02] a seat at the table and like this is a great way to do that do we think that the idea because like for
[00:21:10] us at least as an apple consultant there's not many apple consultants who are sock two compliant
[00:21:14] and so for one of the reasons we're doing it not only for my client is because i think it'll make
[00:21:18] us it'll be a differentiator however if your statement of like we should all be doing this
[00:21:24] it's no longer to get now it's now it's no longer a market differentiator now it's a necessity
[00:21:31] right is there something better that we should be going for to like be ahead of like
[00:21:36] if if five msps in boise idaho all wanted to get compliance and one of them wants to stand out from
[00:21:41] the other four and a train is going leaving chicago 45 miles an hour what sorry what's with you in
[00:21:49] boise idaho we're talking about that we're talking about them earlier i'm keeping it in the realm
[00:21:52] okay uh big big hearts up boise i've never been there uh if there's five msps are all in the same
[00:21:59] geographical area right if they're all going for sock two market differential is gone is there something
[00:22:05] better from a compliance standpoint that maybe an msp who wants to stand out who has the the i'll put
[00:22:15] levels in quotes to be at that they should be going for as opposed to a sock two great question so what
[00:22:23] what compliance that an organization goes after is really generally determined by the market that you
[00:22:30] sell to and what you're being asked for and so what i anytime i work with of our partner program and we
[00:22:38] talk to end customers and they say like which program or which compliance program should i go for i generally
[00:22:44] will say what are you being asked for because sometimes it is a bit of overkill if it's like
[00:22:48] well i only need to do a sock two do i want to go through all these five other things well you could
[00:22:54] but are you really going to get the roi on it is it necessary um and that's where i'm just realistic
[00:22:58] on that of i mean does it make me a super good salesperson probably not but at the same time like
[00:23:03] i want to be realistic of what are you actually being asked for um and so when it comes to compliance
[00:23:08] at this point we really are at just table stakes like where do you want to hit the table stakes and
[00:23:12] it's driven by the market that you sell to so what when you think about um certain industries so or
[00:23:18] industries and locations play a role so like us sock two is your table stakes if you're thinking at the
[00:23:25] amia market iso 27001 that's your table stakes if you are in healthcare then you get into hipaa and
[00:23:32] high trust those are going to play a big role um in high trust there's different levels you have e1 i1
[00:23:38] then r2 and so what those that like progressing through those levels and showing that you are expanding
[00:23:45] your security posture like that's going to play a role and it's your organizations that you're handing
[00:23:50] those reports to are going to evaluate those um so it's really going to be driven by the market that
[00:23:57] you sell to and who are you delivering those reports to um in that like on the flip side of that i can
[00:24:03] think of like thorough pass ourselves we are in the world of compliance right we have to eat our own dog
[00:24:08] food we have all of the different certifications because they all like if we are going to put other
[00:24:15] organizations through we have to comply with all of them so like our trust center is massive because
[00:24:20] we want to make sure that we are following all the standards that we put all of our end customers and
[00:24:26] our partners through the trust center is an important part of this right because that's the listing of
[00:24:31] all of the policies and frameworks you've gone through yep as well as all the upstream providers
[00:24:36] that you work with we tend to see reports where you know uh so in some company change part of their
[00:24:43] compliance requirement or their upstream because they're changing with providers we've all seen
[00:24:47] emails like that i have a question because you know in the original stuff that we were sent you know we
[00:24:54] were talking about automation and you know on your linkedin profile it says you know you're really
[00:25:00] passionate personally about automation so how does thorough pass and automation intersect to make it better
[00:25:08] for the msp or the msp's client yeah uh so those are actually are kind of parallel lines um they i mean
[00:25:16] they cross in theory but how my version of automation and that the automation within thoroughpass um are a
[00:25:25] little bit different so thoroughpass automation when it comes to msps is because we are the readiness and
[00:25:31] we are the audit provider um we have thoroughpass is not a standalone platform we connect to the tech stack
[00:25:38] of the end organization so we can automatically pull in some evidence so when you are like implementing
[00:25:46] a policy that like give mfa enabled on all of your users well we can have an integration that's basically
[00:25:52] going to prove that and we can deliver that evidence automatically to the auditors instead of you
[00:25:58] having to screenshot and deliver that evidence to the auditors so that's the automation that's going to
[00:26:03] streamline that so it's going to make it easier for the end customer you as the msp and supporting them
[00:26:08] and easier for our auditors as well so that's the automation that comes into play within thoroughpass
[00:26:13] um whereas for me personally i'm a big automation person um because i'm the only service partner person
[00:26:19] right now here at thoroughpass um i started here about two years ago and manage a whole portfolio of partners
[00:26:25] partners and to be able to manage that it doesn't happen with one person without automation and so
[00:26:31] early on uh i i have a background in kind of building programs from the ground up and thinking
[00:26:38] through what are the most repeatable tasks that are um i don't have to do over and over and over and
[00:26:44] how can i streamline those to make the best use of my time so i can really invest my time in what
[00:26:49] really matters um and so i have always started to automate a lot of my processes whenever i enter in
[00:26:56] a new organization um and that that has made me more efficient so that i can basically do more with less
[00:27:04] and it's a big passion of mine that doesn't just uh fall into work it also goes into personal life as
[00:27:10] well um but like i even automate like birthday cards for my friends and family um but like when i need to
[00:27:18] send everything like i get a notification of like hey you need to say or there's birthdays this month
[00:27:24] that like plan for these birthday cards you need to send this on monday to make sure it gets there like
[00:27:28] i have all of that all automated for me because it's stuff i don't have to think about and i can still
[00:27:32] like make sure i stay on top of everything in my life because i have a lot of things going on and a lot of
[00:27:38] hobbies um and i would not be able to keep track without that so what it's a that the mindset i
[00:27:46] guess the overall thread if i were to connect the thread between them it is how do you drive efficiency
[00:27:51] so you can spend time on what really matters to you so like in thoroughpass how do we drive
[00:27:56] efficiencies on mundane stuff like taking screenshots that just take time um but where we can drive
[00:28:01] efficiencies in really guiding organizations on best practices um and knowing what's in scope versus out
[00:28:08] of scope and um delivering high quality reports whereas but we can't automate a hundred percent of
[00:28:14] compliance if we automate a hundred percent of compliance that means i don't have a job and we
[00:28:17] would all be sad um but so we can't do that but we can automate a lot of the redundancies because that's
[00:28:24] where we can then focus our time on the high quality work yeah and one of the things it does in my
[00:28:31] opinion because i i'm also an automation nerd as well and it drives not only efficiency um but it also
[00:28:39] drives experience and so by leaning on that automation to do the mundane like you talked about
[00:28:47] you're actually creating a better partner experience for your msp partners because you're able to handle
[00:28:53] all of that work in a way that makes it efficient but also makes it you know highly relevant for them
[00:29:00] yeah um and you still have to put a level of personality into it like that's a big piece of
[00:29:05] how i approach partnerships is i want to know you i want to know like what your goals are as an
[00:29:12] individual and as an organization because my job is to help enable that and like not just as a vendor i
[00:29:19] just want to be a vendor um and so in the automation i kind of figure out how to do that with a little
[00:29:25] bit of style um and i'll have some partners that will like reply to something that was automated then
[00:29:30] they're like i don't know if this was automated or not and like they're like i know you so i'm pretty
[00:29:35] sure this is automated and i'm like you'll never know and but the you want to be able to still balance
[00:29:42] like that human touch side of the automation where i still have to make the most of my bandwidth
[00:29:47] but at the same time how what do we service to produce the end goals i'm i'm betting that one
[00:29:56] of the automations you have is to ask your clients when their birthdays are this way you can just lay
[00:30:02] those out actually okay so i probably cut out the part where i said i forgot my question but i do
[00:30:06] remember a question now which is when it comes to some of these because this kind of falls into the
[00:30:12] automation with connecting to some of those services we talked about right so many msps
[00:30:17] are every everything's cloud now right all this is what i was talking about earlier about the the
[00:30:23] upstream providers and such right like i don't have client data i don't store passwords i don't
[00:30:30] have this i don't have that everything's in google and dropbox and microsoft and and and insert other
[00:30:36] file share companies that we can't talk about here what
[00:30:41] do i still need to get a sock to report because like google has one and microsoft has one and
[00:30:47] slack has one can i just use theirs and call it a day that's what i want to get it uh great question
[00:30:52] so i actually had a call today um where i met someone at a partnership or local partnership meeting
[00:30:59] um they actually have a tool that i want to use and so i was like oh let's talk about this that
[00:31:05] actually seems really cool um and i was like do you have a sock too and they're like no actually
[00:31:09] i this vendor i use their sock too you know i don't have to have one i was like ah you do um i actually
[00:31:16] can't work with you without one and so now we're exploring like let's get you a sock too because i
[00:31:22] think you tricked them i think that's a trick i think you just turned them into a sale and if that vendor is
[00:31:26] listening you're sorry you have to apologize i did not um but it is like i can't work with them without
[00:31:32] a sock too but we had to explain like and they even admitted that they've really been relying on well
[00:31:38] it's not me i can just go to all my vendors right like i don't need one and so we had a whole
[00:31:42] conversation uh but a sock two is not just based on your tech stack it's actually based on your
[00:31:48] organization as a whole and so like there's hr components of do you do background checks on all of
[00:31:54] your employees um at how do you manage your onboarding your offboarding your access reviews
[00:31:58] everything like there is more holistically about your organization than your tech stack
[00:32:03] so yes those play a role um but it is not you can't just rely on them if they are out of scope
[00:32:11] or in scope and they are going to have an influence on your sock too um but it you can't
[00:32:17] just exclusively rely on them at some point you are going to need your own right well that's awesome
[00:32:23] uh i think we're running short on time here so is there anything at the end here you want to tell
[00:32:29] everybody about thoroughpass that maybe we didn't cover yet um really the major things is that they're
[00:32:37] when it comes to compliance compliance is a great opportunity to explore as an msp um if you are not
[00:32:43] already exploring it it is a line of business that adds a layer of stickiness to your end customers um
[00:32:50] it already fits into things you are doing um and really puts a pretty bow on a lot of what you are
[00:32:57] already integrated with with end customers um and tools like thoroughpass can help you do that super
[00:33:02] efficiently um i'd love to talk to any msps who are interested in the partnership side of things
[00:33:07] uh the obviously you can find me on linkedin you're probably gonna spell my name wrong which is
[00:33:13] totally fine uh because justin can't even say it right which is okay but the uh you can find me on
[00:33:20] linkedin you can also go to thoroughpass.com we have a become a partner tab um and reach out to me
[00:33:26] there i will also be at it nation next week um and i would love to talk to you guys there as well
[00:33:31] and explore what a partnership would look like so unfortunately due to timey wimey wibbly wobbly
[00:33:36] it nation was probably insert some random time ago before this episode drops um so if you were at it
[00:33:42] nation and you saw rochelle gotta write this up uh make sure that you let us know in the show notes
[00:33:46] uh eric anything to finish off before we say goodbye to the folks at home yeah um not to correct you but
[00:33:53] uh this podcast because you know we talked about thoroughpass in advance about this will actually
[00:34:00] drop the day before it nation starts so
[00:34:08] our goal is just to prove justin wrong in this whole thing here for the folks at home that was not in the
[00:34:14] email list of things i had to talk about tonight on the episode you know what like i said before we'll
[00:34:21] do better next time maybe maybe uh check this out at facebook.com group slash all things msp youtube.com
[00:34:29] at all things msp to watch all of this in high def glory follow us on your favorite podcasting apps
[00:34:34] you're already using one and don't forget to uh tell us in the group do you love this show you do love
[00:34:39] the show tell us we want to hear and leave a review uh for everybody thanks for listening that's
[00:34:44] rochelle that's eric i'm justin bye thanks for tuning in to today's episode and a big shout out
[00:34:49] to thoroughpass for their support if you're ready to take the headache out of compliance and let
[00:34:54] automation do the heavy lifting thoroughpass has the tools and expertise to make it happen
[00:34:59] check them out at thoroughpass.com that's t-h-o-r-o-p-a-s-s.com to see how they can simplify
[00:35:07] compliance for your business thanks again to thoroughpass and make sure you check out thoroughpass.com