Secure Endpoint Management with Devicie (EP 847)

Hello friends, Uncle Marv here with another episode of the IT Business Podcast, the show for IT professionals and managed service providers to help you run your business better, smarter and faster. We are once again here live at PAX8 Beyond in Denver outside of the Vendor Hall. Lunch has finished up and we are continuing with the afternoon sessions.

And right now I am joined by Colin Britton with Devicie and they brought me some swag. I'm very happy about that. So Colin, welcome to the show.

Thank you for having me on. All right. So Devicie, that's a name that people, if they hear it for the first time, they're not quite sure what to think of it.

So how would you describe Devicie to people? Yes, Devicie is an automation and management solution for Microsoft Intune. The simplest way to think about it is organizations who are on the journey with Microsoft 365, you know, often end up in a situation where they're not extracting the full capability out of it, either due to a time constraint or a resource constraint, or they may be getting out of it in the MSP case. But the complexity of managing multiple tenants for multiple customers and keeping consistency and then as things change, keeping all of them up to date is a challenge.

And so we fill that gap that makes the Microsoft 365 environment for endpoint management manageable and scalable for IT organizations and MSPs. Right. So I know when I was doing a little bit of research here, the whole idea of automation in Microsoft 365, there are a lot of people that say they do it.

And a lot of times they're just basically giving you reports and simple things like password resets and stuff like that. What are some of the parts of automation that Devicie is doing? Yes. So fundamentally, as an architecture, if we start at the architecture layer, unlike a lot of the other tools, which are simply new buttons on top of the graph API, right, so there are simply UX for Intune, we actually have a complete backend system that you're interacting with and then that updates Intune. 

And so we understand the history of what we've done. We collect from a reporting perspective. We collect a history of data both from Intune as well as from the end user devices themselves in order to have a complete view of the endpoint.

And it's easy to focus on Intune because that's where a lot of the power is. Right. But obviously Defender for endpoint, Edge for business and other parts of the system that can be influenced by Intune are also kind of under management.

If it's connected to graph and to do with an endpoint, we will work with it. So then what does automation mean in that case? What it means is we work with the customer to create the understanding of what they want in their system. It's easy to talk about giving people templates and giving people policies and things.

But actually at the bigger level, people are looking for outcomes. Right. They're looking for secure and productive endpoints or they're looking for kiosks that work or they're looking for whatever different circumstance it is.

And we bring pre-vetted runbooks of those capabilities that you can then apply in a consistent manner. Are we talking more than just deployment? Because I'll be honest, I think most of the time that we've talked about Intune, it has only been to deploy. Yeah. 

So the problem with the deploy only model is that Intune is an organic thing and it changes over time. Microsoft's making changes every month to what's like how different settings are working and what's going on and the capabilities. And so you need to continually be able to do that.

You also need to manage drift. Right. Now we talk about drift.

It's a polite way of saying manage. Other people have gone directly into Intune and made changes that are no longer working or Intune itself has some settings changes go on. And so we maintain an active view of each instance in our system and synchronize that with Intune all the time.

So if somebody goes and changes something, we'll change it back. Right. And we'll notify you that somebody did something which is against the policy of what's going on.

That's big. Yeah. If you're in a compliance workflow, then we support CIS 3, CIS 1.1. We have a security maturity report.

The company was founded in Australia and Australia has this really great security framework called Essential 8. Six of the eight controls are around endpoints. And we manage to that set of controls for them, which is actually quite useful for organizations outside of Australia as well, because, you know, knowing that your machine is at a good standard of security, but still productive. You know, the most secure laptop is the one that's never turned on.

Right. Ultimately. Yeah. 

But we want to be productive at the same time. We want our people to be productive. So managing that as well as important.

OK. You just mentioned starting in 2019 in Australia, Devicie came on to my radar probably four or five months ago. Is there a concerted effort now to get into the U.S. market or how did that happen? Yeah. 

So I've done a dozen years in the MSP space, working in portfolio companies of Insight Partners, Insider, the investors in Devicie. OK. There are also the guys behind Veeam and Kaseya.

And you go through a whole list of companies. And I joined the organization because, you know, great capability. We saw the market.

How do we bring this into the U.S. market? So building out the U.S. team and expanding our footprint. And so it's very much Australia and, you know, Australia, New Zealand and then U.S. right now. And then as we grow, we'll go to all the obvious markets.

OK. Now, this was born out of an MSP space, right? Yeah. So I have to imagine that a lot of the pain points that were felt.

How much of those are actually gone away? Got away organically, as in things have got better for the world or gone away because we've fixed them. I think there's a little bit of both there. Yeah. 

If you think about listening to the keynotes this morning and looking at what people are talking about. There is a real reason to consolidate on the Microsoft stack. If you have bought in the business premium, then why aren't you using all of it? Right. 

If you want a secure and productive environment and you're already on business premium, why wouldn't you add Microsoft C5 security add-ons? And that journey is one that is very much moving along for many organizations. And they're both as MSPs, but also end-user and customer organizations are saying we're paying for this stuff. Like, why can't we use it all? And so what we've done, you know, we're unlike a lot of the other companies in the RMM or the management space.

We're not simply kind of like allowing you to connect to your Intune and do a few little bits, but then we're going to throw an agent on and we're going to throw this piece on and we're going to throw our own piece of whatever tech. Our thesis behind this is we fill the gaps that Microsoft has left behind. And as Microsoft closed some of those gaps, so they're working very hard on application, third-party application management right now.

As they close those gaps, then we'll do the other gaps. And right now it's about how do we get you secure and productive? How do we get you in a good security state? We do third-party app management, packaging, and we maintain an app catalog. We also support what Microsoft's doing and their new stuff that they're bringing along.

As other software vendors use that new patching piece, then we'll just make that useful for them. So that's kind of the philosophy there. Let me ask about the roadmap, because although this was born out of MSP space, the fact that Microsoft is doing a lot of things to make it easier, this almost seems like something that would be where MSPs might start to fight internal IT over the management of it.

So is Devicie something that's going to be for both MSP and internal IT teams? Absolutely. And we have customers who actually use Devicie to manage that bridge. And so the MSP may be brought in, but the line between MSP and IT consultant sometimes gets blurred.

Of course, yeah. So you'll have organizations where they've come along to their partner, their IT partner, who happens to be an MSP and an IT consultant, to get them into a good state. Because everybody thinks Intune is about getting it set up.

And so they can use Devicie to start that journey and then have hybrid ownership going on. But in reality, the kind of workflows and the kind of things that are needed are automations to make the day-to-day work easier. Okay. 

So it is going to be a shared thing and there will be ownership from the internal IT? In organizations who are organized that way, yes. You can have shared ownership. Without getting too technical into the details of how we work, as I said before, we leverage very much the Microsoft ecosystem.

And so actually all the permissioning occurs within Entra ID. And so what we can do by a graph onto a given customer's endpoint, how our dashboard is managed, is all managed through Entra. And so that allows you to have these well-controlled, still-in-the-hands-of-the-customer situations.

Okay. I was doing a quick look up before you came up and I was trying to see what could I ask. It seems as though you guys just introduced something called the Reporting Connector.

Yep. And is that true? Is it just released? Just released. So Microsoft at RSA announced Edge for Business Connectors and there's three connectors.

The one that we are currently supporting is Reporting Connector. Chromium and Chrome have had a similar thing in their business for quite a while. But for us, it's like we have a lot of intelligence about what's going on at the endpoint and the health of the endpoint.

And what this does is it adds what's going on inside the browser, which given how many SaaS apps people use and everything else, it's important. So things like passwords, like notifications of bad passwords, notification of password changes, malicious, suspicious content, notifications, etc. All of that comes into our dashboard now.

The one that people find most interesting is extension management. You know, people, you've got your browser and people are installing extensions, right? So how do you manage that and how do you know that somebody is not installing a bad extension? Right. And so that's what the Reporting Connector brings us.

Now, that is interesting because would that have to be something that's tied to the 365 account? Because a lot of people in organizations may install extensions under a personal email if they're allowed to log in. Yeah, so Edge for Business, got to try and make sure I get this correct, because I'm talking about Microsoft stuff, not our stuff here. But Edge for Business, it occurs when a user is Entra logged in with Edge.

So it automatically becomes Edge for Business. OK. And so those extensions are part of your business profile at that point, as opposed to having Chrome on your machine at the same time.

Now, we can manage Chrome profiles. We do manage Chrome profiles in terms of restricting what extension people can install and those kind of things. So via Intune, you can push policies that control Chrome as well as Edge.

All right. Is there been a big difference in the way that Australian MSPs do their management of N2 versus the way us Americans do it? That's a really interesting question. I've worked with the Australian space before, but in this particular area.

And there's a whole bunch of really interesting differences about it's a very relational, much more relational set of business there. I mean, there's a certain number of cities and everybody's just there. So it's selling wise and kind of relationship wise, slightly different from a management perspective.

I think the big thing to think about is my numbers are going to be off a little bit, but 0.2 percent of Australian organizations have more than 500 people companies. Right. It's like 2 percent in the US.

So everything, almost everything in Australia is a small business. And that means that MSPs are much more prolific. And so the MSP businesses, you know, the number of SMCs in Australia is relatively small in comparison to the SMBs.

And then that means it's just a lot more MSPs out there. And so, yeah, that changes. That changes. 

I knew there was a difference in, you know, volume is not the right word, but the density of, you know, the number of MSPs to businesses, obviously. And the other thing is, too, we're a little bit more wild, wild west with how we do things. And it's a relatively conservative environment, I think would be the way to put it.

Not that there aren't similar conservative businesses in the US, but, you know, there is. But the same dynamics around how to keep people productive, how to keep them secure, how do we get devices in people's hands without them having to come into a location or do all of those things? Yeah. How do you flip it on, log in and have it configured and provisioned? It's all the same. 

It's all the same thing, right? You know, autopilot is fantastic. But getting autopilot running correctly is a set of skills that require people to look and, OK, people can go learn it. But why should why should somebody go and work through all of that stuff, right, in order to have a great autopilot experience when you can just kind of pick it up from us and it works, right? So I know Devicie was originally intended for Intune and probably.

But, you know, you mentioned the fact of why not be able to do, you know, all of the stuff in 365. You mentioned Copilot there. Is there going to be management of those components as well? So as I said before, we rather than just being a UX on top of graph, we are a complete system.

And part of that design pattern was so we can start to do things in an agentic way. And so we're doing things with security copilot and plugins for security copilot. And as security copilot becomes more accessible to an MSP, because it's got some nuance around how you don't like it right now, you don't like it right now.

Exactly. But the whole agentic way of doing things, which is, you know. Where you can kind of go and just ask things and it knows where to go and find the answers is going to, we're going to get that more and more and more.

We heard it this morning in the keynotes and there's business efficiency coming out of that, that we're going to get. And we've built a system in that way that we keep all this knowledge and everything else. We talk about a, there's a couple of concepts inside the business.

One is very much an inside thing, which is we call it devices zero. And this is the idea that we are customer zero, right? So how we manage ourselves, how we manage some of our SMC direct customers, those philosophies need to become embedded in the product so that our MSP customers can get the same benefits and advantages. So that's one thing.

And then the second is what we call device CIO and device CIO stands for informed and opinionated. And we are informed and opinionated on the Microsoft 365 environment. You can ask us anything you want.

And we've got a team of subject matter experts who we maintain who are there for our customers. So you can say, hey, I've got this situation or, hey, I want to do this, but I can't figure it out in that way. How do I do this? You bring that to us.

This SaaS is going to become actually services as software, right? And in order to get services as software, you've got to understand what those services are. And so human augmentation of agentic is what I see the next period being. As we become more and more agentic, the human part of that is a key part of that workflow.

And so that's kind of what we're bringing to our customers. OK, very nice. How much AI is built into your platform? Right now, we're using a lot outside of the platform and we're in a we're in a building phase around it.

What's important to me and to some of the philosophies of this stuff right now is that we understand what it is that people want to get done. And so that, again, internal language, everything is a ticket and a task. You know, I've been involved in growing software companies from startup to scale up, and it's all about people and process and discipline and repetition.

And so capturing what it is that people are doing and capturing that knowledge is the first part of being able to automate it. And so we're doing a lot of work around that. Everything's a ticket. 

Everything's a task. And, you know, things that get repeated multiple times. Well, maybe they should be automated.

And then we're using that to build an agentic approach. And in a similar philosophy to how Microsoft have done it, we're pretty close with the engineering teams at Microsoft. And they have some philosophies, which I think is super interesting.

Like you ask an agent to do something. It's going to tell you, it's going to ask you permission to do it and tell you what it's going to do before it does it. So we're not into this kind of like black box.

We don't know what happened. Right. You know, everything else.

So how do you kind of build that pattern up? And, you know, that's the work that's going on. Very interesting work indeed. And thankful to you guys for, I don't know, I guess being on the forefront of this because Intune management is something we need.

Yeah. And it's, you know, Intune is incredibly powerful and there's so many capabilities. It's so rich what you can do with it.

The problem is not everybody can afford to have a tier four expert on staff or retain it. And certainly, you know, if you hire that person, having them clicking around between 100 different Intune tenants to repeat the same task the whole time doesn't make any sense either. Right. 

So that kind of filling the gap and making it accessible to MSPs in a productive way is what the mission is. And rather than, you know, building some independent system to take over things, we're very much about how do you make Intune productive and powerful for people? Well, I like what you guys are doing. And again, thank you very much.

Thank you for stopping by the booth here at PAX8 Beyond. And thank you for the swag. Yeah. 

And we'll see if we can get some more people over there to the booth there for you. Yeah. Great. 

Thanks very much. And thank you for having me. And remember to hydrate everybody while you're up here in Denver.

Yes. Is that from personal experience? Did you do some hiking before the conference? I'm very fortunate to have a house up in the mountains in Breckenridge. And so I spend about half my time up there.

Certainly while working with Australia, being on mountain time zone is much more comfortable working with Australia than being on the East Coast. So I've spent a lot of time out in the mountains over the last period. And yeah, it takes a little bit of adjustment.

All right. Well, enjoy the rest of your conference. And again, thank you for stopping by.

Ladies and gentlemen, Colin Britton with Devicie. Thank you. And when we have more back here from PAX8 Beyond and see you soon.

Holla.