Mastering MSP Cybersecurity with OpenText (EP 941)

Hello, friends. Uncle Marv here with another episode of the IT Business Podcast, recording once again from Orlando, Florida at IT Nation, continuing with Day 2. First, let me give a shout out to our friends, Thread. They are the presenting sponsor for this.

They are the 2023 PitchIT Winner, and that was a fantastic competition, and they provide service magic for your service desk. All right, folks. Coming up next here, many of you know that I am a big AppRiver fan that is owned and operated by Open Text, and I've got a couple of gentlemen here, and I have with me, first, I'm going to pronounce his name absolutely correctly, Mike DePalma.

There you go. Nailed it. Nailed it.

Been calling him another name for years and didn't correct me until a few months ago, and also joining us, Jason Myers, Cybersecurity Strategist over at Open Text. Yeah, thanks for having us. So, guys, welcome.

Thank you. So, first question is, how are we enjoying IT Nation? All good? For me, I mean, I came to probably seven or eight consecutive IT Nations, and then the last three years, we didn't sponsor, so this is my first one since 2022, and it's good to see that the community and the energy is still here. It's been awesome to be here so far.

How can it not be here? It's Orlando. I know. I know. 

We're good to go. So, it's been so far, I mean, it's been fantastic. Yeah, it's been great. 

This is my first IT Nation, believe it or not, because I was in product and engineering for about 20, 25 years. They didn't let you guys out of the room? No. All of a sudden, someone discovered that I could actually talk to people, and so they pulled me out of the basement and let me out in public.

So, yeah, it's been great. The weather's been awesome. All right, Jason, well, let me ask your history.

I know, Mike, your history, you were an engineer? Like, you coded and stuff? Yeah, I started my career as a software engineer, did that for about 10 years, and then kind of went out and rolled the dice and tried my hand at a few startups, chased that dragon for a while. I was basically in cybersecurity, DNS. You know, I joke around and say since the late 1900s I've been doing this.

But came over to OpenText about almost a year and a half ago, and then when Mike joined in March, I joined his team, and we've kind of been out on the road evangelizing OpenText. So, it was Mike that plucked you out of the… He did, yeah. It was me. 

Yeah, you can blame me. All right. Let me ask this, because I'm trying to remember, OpenText has been doing a lot of stuff, a lot of acquisitions and all of that.

Has there been anything new, Mike, since the last time you and I were on it? So, the last time we talked, we were just starting to roll out ADR. And so now it's officially released. Obviously, we're here at IT Nation.

It's available for folks using ConnectWise, RMM, all the major RMM vendors you can buy through there. Or buy directly from us. So, that's been probably the biggest thing, and that's been most of the conversation we've had at the booth.

Yeah, and I think one of the advantages of being under OpenText, which has the enterprise side as well, a lot of that technology is trickling down to us now. So, one of the big ones is Aviator, which is OpenText AI, and that's making its way into our cybersecurity products right now. Most notably right now, EDR and MDR.

So, using AI to triage alerts and prioritize things. So, there's kind of something new coming all the time. Right.

Because we have that enterprise umbrella over us. Okay. Well, let me ask this.

Because, yes, we did talk about the EDR real quick. I kind of glossed over it because I've already got it with my other products. But because, like most MSPs, we're looking at trying to consolidate.

I've got too many things on my stack right now. What would be the benefit of looking at EDR and OpenText as opposed to keeping it where I have it now? Yeah, I'll let Jason handle it in a minute. But just on a higher level, the way we define EDR, we've got the endpoint sensor, we've got a full-blown SIM, and then we have a SOAR, so Security Orchestration Automated Response.

Right. Being out on the road and talking about it, that tends to be the piece that people aren't utilizing right now, and it's been a differentiator for us. So, this allows you to automate a lot of the common issues that you might have, and it's literally as easy as just dropping different tasks in there.

And we've got a lot of pre-built automations in there, but it's essentially, hey, malware is detected. All right, what do you want to automatically happen? All right, well, we want to quarantine that file, right? And then what's the next step? All right, if it looks good, then we're going to send out emails. If there seems to be more things we've got to do, okay, we're going to isolate this machine.

So, that automation piece, that orchestration piece, really for us has been the kind of differentiator. When people talk about our EDR, that's what they want to talk about. But, Jason, that's his baby.

He comes from the other side of the house. You hit the nail on the head, right? But with our EDR, having a SIM and a SOAR included with that is something I think is pretty unique to the SMB and MSP world, right? So, when I'm in a boardroom or a breakout session, I'm like, how many of you have a SIM, right? And maybe half the people in the room raise their hands. Well, how many of you have a SOAR? You maybe get one hand.

So, that's pretty unique. Our EDR is kind of the we're handing all the tools to you to build your own SOC, but we've got other flavors as well, right? We have an MDR solution, which is sort of a co-managed, somewhere-in-the-middle type solution, and we've got fully managed as well. So, we've got whatever flavor of detection and response that you could possibly want.

Yeah, I'm sitting here thinking with my EDR. It's like, okay, I know stuff gets flagged, but then I've got to go in and mess with it myself, and there is no automation at all. So, interesting.

Now, is that going to require an endpoint agent? It does require an agent, yes. Lightweight, takes up virtually no resources. I had a customer that was running it on a Windows 2008 server with scarce resources.

Stop it. Stop it. I'm not going to call anybody out.

I'm not going to throw anybody under the bus, but they were stuck with 2008 server. It had virtually no memory, no resources. They installed it.

It still ran just fine without messing anything up. I'm only laughing because I just had a conversation last week at another event. Well, actually, it was a person at the other event.

They contacted me afterwards to evaluate a network they were looking at with 2012 servers, and they were like all up in arms. Who's still running 2012? I'm like, a lot of people. I had not known that 2008 was still out there.

I'll scare you even more. I've heard now that the support for Windows 10 is going away, that people are rolling back to 7. There's been a trend of people going back to Windows 7. I need to work with an MSB. Exactly. 

Case in point, right? Okay, so what else is going on there? I'm trying to think of all the other stuff. You've got the 365 copilot stuff going. You've got the cloud.

Is it secure cloud going? How's all that rolling? Yeah, you know, it's been great. On the Microsoft side, we're seeing a lot of good traction. We talked last time.

The big differentiator for us is our support. We've got a whole team of former Microsoft folks that are in there. We handle all the support tickets.

98.7% are first-call resolution. The rest of them, we work directly with Microsoft. So that's been a good point.

And the ability to, you mentioned secure cloud, so that's our platform where all of these products live. And so to have that, your Microsoft licenses alongside our security product line, makes it very easy to manage. And so we're trying to be the easiest vendor to work with.

And we've released some bundles as well. Oh, that's the word. Yeah, I know.

I know, but if you're going to have a platform, you've got to do it. You've got to have a bundle. But you know what's interesting? I'll say this.

We did a study with Canalys, and we talked it to the channel. And what came back was, yes, vendor sprawl was a problem, and people were looking to consolidate. But they weren't looking to go from 20 to 1. The sweet spot, actually, in that study was between 7 and 10 vendors.

And I think that kind of resonates. So people will say, of course, you survey them, yeah, I need to consolidate. But it doesn't mean they want to consolidate completely.

So that's why we give you the option. If you want a bundle, sure. You want an a la carte, sure.

We're no contracts, free trial, so it makes it easy. Because I think when some vendors try to pigeonhole every MSP, this is what MSPs need, this is what MSPs want, it kind of shows you don't know the channel. Because the beauty of the channel is the flexibility of you guys building your own stack, right? Well, yeah.

So I did a count, and I thought it was 28 things in my stack. It's actually more. So, yeah, I am looking at a little bit of consolidation.

Yeah. So that's been a real big talk. We keep talking, you know, the kind of not rebrand, but the messaging is like open text, open ecosystem, right? Play nice with everybody.

Allow you to, you know, you want to buy through your RMM? Sure. You want to buy through PAX 8, which clearly we compete with on the Microsoft side? Sure. We sell through PAX 8. Buy directly from us? Sure.

I think that's what the – all of these studies, that's what they're telling the vendors to do. So we're trying to listen and meet the MSPs where they want to be met. Okay.

So here's a question. In terms of – so it's a no-brainer for me to recommend, you know, AppRiver open text in a lot of situations. I had somebody that tried to set up their own 365 tenant through that Jeep company, and I was like, ugh.

And then they called me and they're like, I should have called you first. I said, well, I would have told you to call. I think one of the things, though, is we're so reactive when it comes to selling.

And I know that you guys have a platform that helps us be better at selling solutions. But what is the way that we can get that information out to MSPs to say, hey, look, open text can help you sell your products, especially in this 365 climate we're in now. What are you guys saying about that? Yeah, I mean, look, that team that we have that will actually not just train you on the technology itself but how to go to market is outstanding.

We do monthly in-person meetings where we do that. We do constant webinars. That team, we have open office hours.

I think that is really, when we look at Microsoft, we don't want to be the place you just go buy your Microsoft. We want to be the ones that actually help you sell it. And it's become our kind of mantra of, hey, you're not going to become rich selling Microsoft or Copilot, but if you could show the end user what Copilot can do, now you're a consultant.

Now you're saying, yeah, I'm going to put this tool in. It becomes a bigger part of your stack. Yeah, you know, you talk about selling solutions, and Mike and I are on the road all the time talking about this evolution of the MSP, right? You know, starting with a break fix 20 years ago.

You know, you're building servers. You're maybe laying phone cable and phone systems, fixing computers. And then that moved into the cloud model, right? Now you're selling licenses and software, the cloud model.

But now we're seeing the margins on those kind of shrink, right? Now we're moving into the new era. You know, some people say MSP 3.0. No, no, no, it's MIP. Well, MIP? No, ours is BSP, business solution provider.

It rolls off the tongue much better, and that's what you're doing. You're providing business outcomes. Business solution provider.

MIP is a minor in possession. I'm going to have Rob on here. We debated.

I said we should do a panel together because I still talk to Rob all the time. Doesn't it blow off? Business solution provider. Well, the BIP actually sounds more like the song.

Yeah. You said MIP, which is minor in possession, I thought when I was in college. So we might want to get a different acronym for that.

We weren't going to bring up past histories. But, yeah, I mean, I think the point is, though, we're moving into solving business problems. Yes.

Not selling solutions, right? And I think that's going to be the turning point with AI. Selling copilot licenses isn't going to transform a business but showing businesses how they can solve real business problems with it, I think that's where the key is going to be. Oh, speak of the devil.

We were just talking about Rob Rae. He's probably next. Get out of my booth.

Pull up a chair. Well, you know, I think it shows that Pax8's looking at the same data that we're looking at and interpreting the same way. We have different acronyms for it.

But if you look at what they're saying, what we're saying, it's pretty much the same thing. So there is, I mean, the term MSB is going to slowly become antiquated. Yes.

Because you're doing much more than managed services. So whatever you want to use, at the end of the day, it's what the business outcomes you're providing for your clients. James, let me, before Rob tries to commandeer this booth, let me ask you about cybersecurity selling solutions through open text.

Because it's not just the EDR. I mean, there's other things in there with, you know, the mail protection and all of that stuff. What are the things that we can tell people about selling cybersecurity? Well, I mean, you've got to cover all the threat vectors, right? And I always say we've got something to cover every threat vector, whether it's left, center, right, or boom, right? Because at the end of the day, you know, all we're really trying to do is minimize the chances of a security incident happening, reduce the blast radius if something does happen, and then we also give you the tools to respond and recover quickly if something does go down, to be able to business continuity, be able to get back in business if something does happen, because eventually it will.

It doesn't matter how many cybersecurity products you have. Eventually, you're going to face an incident. I was waiting for more.

Uh-oh. Well, and it does. You know, another thing, too, that we really haven't touched on, we have a professional services team, too.

So, you know, we can do penetration testing, vulnerability assessments, digital forensics and incident response. So if something does go down, we can jump in. Okay, I don't see that when I log into my portal.

So right now, those are coming inside of SecureCloud. I think the pen testing and vulnerability assessment is coming in the short term. Digital forensics is usually on a retainer-type basis.

That's probably going to come later. And that's the thing about, you know, what our professional services team does and why it's hard to get into the SecureCloud portal is that none of these are automated. This is a team of people.

So you're actually scoping out a pen test. So we can get people on the ground trying to get into the building, trying to get to the gatekeeper, throwing USB sticks on the ground. This is a full-blown pen test.

So it's not just a check-off-the-box pen test. This is to let me show you if somebody could actually infiltrate your building. Same thing with digital forensics.

You know, we've got a team of folks that can, you know, go testify in court, go, you know, stand up to the feds, those type of things. So it is separate. Again, to Jason's earlier point, you know, we have this big enterprise company.

We're able to pull resources down to provide them to our partners to work with them at SMBs. I think that's a huge differentiator. When we go do boardrooms at Exchange, that's another slide that people sit on and ask a ton of questions because, yeah, you know, there's automated tools.

Same with vulnerability assessment. This is not an automated tool. This is a team of people doing it, right? So it's that extra layer that we're providing from the enterprise level, you know? All right.

See, I learned something because I just farmed out a pen test to somebody else. So I'm going to get in touch with you guys more often. That's been the biggest struggle with us.

I always say, you know, chances are we do what you're asking. And a lot of times I do hear people, I didn't know you did that. I wish I knew you did that.

Well, I think here's the thing. So I do know that when OpenText took over, Zix AppRiver, all of that stuff, I knew that there was enterprise stuff there. But in my mind, that's enterprise.

I'm not looking over in that direction. But you did make a comment earlier that a lot of that stuff is starting to slow, I don't want to say trickle down. That's not the right word.

But it's starting to become accessible to us. Yes. So that is good.

I just need to figure out where to go when I enter the portal and find it or call my rep. Yeah. When you get to those, it is a, you know, contact your rep type thing, and they can pull those, read that professional services team.

You know, there's a lot of MSPs using them. But, again, the way it's structured, it's not really made for like a, hey, go create a quote because you really do need to scope it out. The things that Jason is saying, I mean, we've got these products that are available, and we could sell you anything, right? But those products aren't made for the lens of an MSP.

So what we're doing now, and what I love about OpenText is we are doing it in a really regimented way, not rushing the market with it, is, hey, we want to bring these down and be able to put it in that secure cloud portal. So it's manageable the way that MSPs want to manage it, multi-tenant, the way you want to procure it. So it takes some time.

But we're getting feedback from the MSPs of, like, all right, here's all the products in the enterprise. What should we bring down? You know, because for us, it's always that debate. Like, is this something that MSPs want? Or is it something that's cool for us to stand on stage and say, hey, we do this, but nobody adopts it, what's the point? Right, right.

Well, I guess the first thing is let us know if it's available and then let us figure it out. Yeah. So, all right, since we know Rob is next.

Oh, yeah, I've warmed up the C form. What's a question that I should ask him that you think would really stump him? Oh, man, a Rob Rae question. Stay away from the Blue Jays.

It's still too early. Yeah, way too soon. Way too soon.

Did you see my post I put on the Facebook after that loss? I put on there, can somebody do a safety check on Rob Rae? Yeah, I actually was going to go up because he's only about 20 minutes from me. And Matt Scully, who a lot of people know, went up to watch it with him. And I watched it from home, and I was like, at the end of the day, I'm glad I wasn't up there.

I was pulling for the Blue Jays. That was a heart string puller. One of the best World Series of all time.

It was good. For somebody that doesn't watch baseball that often, and I didn't think I'd have any real interest in this, except for, you know, America, Canada sort of a thing. But it was interesting seeing people that I know and their interest in it.

When I was at ASCII last week with Rob, and everybody's down in the lobby watching and stuff, and I'm like, all right, let's see what happens. Yeah, yeah, it got to be really cool. It doesn't matter what sport it is, man.

A Game 7 is a Game 7. A Game 7 is a Game 7. In terms of a question for Rob, and I would be curious, I've never really asked him, he ran DattoCon for over a decade. We had all these celebrities. We got Gary Sinise here.

I would love to know which celebrity he liked the most, whether it's on stage or, you know, just to deal with. Some of them were prickly. Some of them were really cool.

I have my favorites. I would love to see who Rob thinks was his favorite celebrity because he was the handler. He was the one.

Okay, but are we keeping it to the ones that he brought in to his events? Oh, we could expand it out. We could expand it out to any event that he's gone to. Because every event is trying to get something that's a draw, right? Is it a Pete Manning, which is cool, or is it a nerdy tech who has all this stuff? Is it a futurist? So it would be good to know because every, you know, they spend a lot of money on these folks.

It better be something good. So I'm going to ask you because I haven't asked him yet. I've been waiting how to ask him.

Did you get any feedback on Snoop Dogg at PAX 8 Beyond last year? So the feedback, you know, was interesting because we had the Snoop Dogg. We had him in 2019, and it was such a surprise and everything. The thing was, it kind of leaked out.

The beauty of those surprise guests is that nobody knows who it's going to be. However, it leaked out, and I knew who it was. I think we all knew.

Everybody knew. So it lost a little bit of that pizazz, but it was still so cool for him to go. He basically DJed it.

And he was in Colorado, so he had the liberty of lighting them up. He lit one up on stage. So that topped San Diego a little bit.

So that was the only thing. I wish the secret was so cool the first time. I just wish it hadn't gotten leaked out.

Okay. All right. One last question since we're on the topic of events.

When is OpenText going to have their big user partner party? Where is it going to be? Very interesting. So we do have OpenText World, which is an MSP focus. It's actually coming up pretty soon.

So OpenText World is a large enterprise event. So there's talks, and one of the things when I came in is, should we have an MSP track in that, or should we put on our own event? Now, my initial response was, I don't necessarily think the industry needs another big event. There's a lot going on.

There is. But the flip side of that is it will allow us, to your point, to really display all of the things that we have. So part of my job right now is to start doing some analysis on it, figure out whether it's feasible, figure out where it would be.

This is going to be 18 months at the earliest. It takes a while to find a venue and all that, and then to get a gauge of how many people can we pull. You don't know.

Is it going to be, for a shot, 1,000 people, or is it going to be 200 people? You don't want to rent out a big venue and 200 people are there. You also don't want to say, I've got to turn this off and I could add the possibility. So there's a lot.

And luckily, I am very close friends with somebody who's put on some of the biggest events who's going to come up after me. So that's the conversation I'm going to have at the lobby bar to figure out the feasibility of it. So I'll lean on Rob for that.

And to kind of piggyback on that, where we shine, I think, is Open Text Cybersecurity on our own, is doing roadshows. We have a lot of success with those. We do hands-on workshops.

You've got a couple down by me. The roadshows are fine. And the peer groups.

The peer groups are fantastic. We've got one coming up in Nashville here in a couple weeks. Yeah, we've got Savannah next week.

I'm sorry, Savannah, right. So that's kind of where we are. It is feasible.

And I'll ask you, I mean, what do you think? I mean, every vendor now is putting on their events. Some of them are great. Some of them, you've seen how DattoCon is going.

I probably shouldn't say my comments on air. Okay, all right. I thought this was uncensored.

I mean, okay, I did take a summer off because it was just too many damn events. That's what I hear all the time, and that's my trepidation. I've known for 10 years that we're staples at DattoCon.

We're at DattoCon this year. And I just get burned out. It is.

There's too many, and they're overlapping now. So even if there are two good ones that I want to go to and if they're in the same week, I've got to pick one. And at the same time, I do like good quality events.

So as long as they're good and quality, I think I'm going to uncensored. We're here at a big event that this one, I may not normally come to. If I were just coming as an MSP, probably not.

I'm here as a podcaster. When it's just a pure partner fest, maybe every other year or something like that, just because if I'm already a partner, I'm not there for the dog and pony show. Exactly.

That's the dance that everybody's got to do, provide educational content, but also return ROI to pay for the event by showing all the things that you can do. So there's people, to your point, want to know what we do, but then if you do all Open Tech stuff, people are going to leave and say, oh, it's just a sales machine for Open Tech. It's tough. 

I get it. But that's why I ask the questions and not answer them. Like you said, you could go to an event every day of the year if you wanted to.

When I started working for Mike, he's like, be careful, man. You could be in an event every day. Stop saying yes.

Stop saying yes. When I joined Rob's team, I said yes to everything. And eventually I learned you can't say yes to everybody.

You cannot say yes. The power of saying no is huge. Huge.

All right, guys. Well, thank you very much. And I think we've dipped into Rob's time.

I love it. Let's keep chatting. Yeah, let's squeeze him out.

So thank you very much here. Appreciate it. And we will learn more from Open Text, Mike DePalma and Jason Myers.

Thanks a lot, guys. I really appreciate it. All right, folks.

Obviously you know we'll be right back with Rob Rae. See you then. Holla.