101: The Citrix Session: Help mitigate your organization’s cybersecurity risks – Part 1

Mar 3, 2022

Cybersecurity can often seem to present impossible challenges as organizations strive to repel attack attempts. But, really, cybersecurity’s is about risk management — layering on controls to reduce risk to an acceptable level.

Cybersecurity risk management requires a multi-faceted approach, and organizations should evaluate risk and choose the appropriate option(s) to address it. After a thorough risk assessment, the organization can choose to:

  • Accept the risk: Organizations can acknowledge the risk and choose not to resolve, transfer, or mitigate it if it is not feasible.
  • Avoid or eliminate the risk: This option may involve elimination of the risky service or feature to remove the risk from the equation.
  • Mitigate the risk: This option is where technical and administrative controls are implemented to reduce the likelihood or impact of risk.
  • Transfer the risk: This option assigns or moves the risk to a third-party via cyber liability insurance.

Host: Andy Whiteside
Co-host: Bill Sutton
Co-host: Ben Rogers

WEBVTT

1
00:00:02.520 –> 00:00:11.790
Andy Whiteside: hi everyone and welcome to episode 101 of the citrix session i’m your host Andy whites i’ve got bill Sutton with me from integrity.

2
00:00:12.210 –> 00:00:21.210
Andy Whiteside: leader delivery services here and I got the been roger’s from citrix on with me, then you missed the i’m saying this tongue in cheek you missed the 100th episode Party last week.

3
00:00:24.330 –> 00:00:34.470
Ben Rogers: Well, good thing we had Presidents day off, and I was in charleston South Carolina with my sister, so I had to miss it I could have been in a better place than this.

4
00:00:34.680 –> 00:00:38.880
Andy Whiteside: You shouldn’t you should watch the video bill had like a party hat on and he was clean.

5
00:00:40.140 –> 00:00:40.830
Andy Whiteside: You wouldn’t believe it.

6
00:00:41.310 –> 00:00:42.210
Oh.

7
00:00:43.410 –> 00:00:44.730
Bill Sutton: And if you believe that.

8
00:00:45.120 –> 00:00:47.700
Bill Sutton: i’ve got a bridge in New York, I can sell you a.

9
00:00:49.800 –> 00:00:52.110
Andy Whiteside: bridge in New York um.

10
00:00:53.220 –> 00:01:02.250
Andy Whiteside: Well, I think he does kind of highlight the point that you know we’re mostly consultants engineers on this call and we’re here to provide good content and.

11
00:01:03.030 –> 00:01:08.670
Andy Whiteside: i’m you know, had I had I taken the time to get the marketing people involved with done a much bigger.

12
00:01:09.540 –> 00:01:24.930
Andy Whiteside: Announcement around the 100 episode we to recap the first 100 but that’s not we do here, we talked about content and that’s what we’re gonna do today so with that i’ll jump into today’s blog me share my screen, so you guys can see what i’m talking about.

13
00:01:26.010 –> 00:01:32.550
Andy Whiteside: The blog that we’re covering is from Florian large zucca that you say, have been you know.

14
00:01:33.000 –> 00:01:33.810
Ben Rogers: I do not know.

15
00:01:34.350 –> 00:01:38.460
Andy Whiteside: i’ve met for him, but multiple times but i’ve never actually stopped to pronounce his last name that I know of.

16
00:01:38.970 –> 00:01:49.410
Andy Whiteside: The title of this is help help mitigate your organization’s cyber security risks, this is from a few weeks ago and I can’t think of a more appropriate topic.

17
00:01:50.130 –> 00:01:59.580
Andy Whiteside: Especially when it comes to the general idea of cyber security and to be quite specific citrix I was at a conference last week and I challenged this individual.

18
00:02:00.270 –> 00:02:04.830
Andy Whiteside: As to whether delivering what I just said, I said is citrix a security company and.

19
00:02:05.340 –> 00:02:14.010
Andy Whiteside: You know they kind of talked around and talked around it and ultimately came up with, yes, but they didn’t really know why they said yes, and I think part of this conversation today is going to highlight.

20
00:02:14.520 –> 00:02:27.570
Andy Whiteside: Why, even though citrix may not run around telling you their security company the concepts and principles behind this from day one, have a lot of security benefits to them and have expanded over the last five years for sure, and even more.

21
00:02:29.490 –> 00:02:37.950
Andy Whiteside: For me, if I can turn off printing inside my protocol and securely allow you to access that workload and not print man that’s a security play and that’s been around for a long time.

22
00:02:39.150 –> 00:02:47.280
Ben Rogers: So at this this article kind of has a special place in my heart, because if Pam Saunders is listening, my old boss.

23
00:02:47.910 –> 00:02:55.530
Ben Rogers: once a year, we would have to go through and do our annual risk assessment and a lot of what this says here in the middle, here, about how you.

24
00:02:55.950 –> 00:03:01.800
Ben Rogers: handle risk, you know, risk assessment and about eliminating risk it’s more about you know, do you deal with it.

25
00:03:02.160 –> 00:03:09.000
Ben Rogers: Or do you try to avoid it or do you mitigate it or, more importantly, he tried to transfer that off to another party.

26
00:03:09.420 –> 00:03:17.400
Ben Rogers: But these risk assessments I don’t care what industry you’re in or what part of it or administration that you’re involved in.

27
00:03:17.670 –> 00:03:28.080
Ben Rogers: You need to be doing these things inside of your company, because this is really going to tell you, you know one how adverse to risk is your organization and risk is just not computer wrist.

28
00:03:28.410 –> 00:03:37.080
Ben Rogers: wrist could be man i’ll give you an example, I had a healthcare, I had a health care scare in my family that happens with a you know, a family member of mine.

29
00:03:37.440 –> 00:03:46.770
Ben Rogers: And it put their business, it really is because this person was some of the only his job he was the only one that was doing, and so we very quickly realized that.

30
00:03:47.070 –> 00:03:52.260
Ben Rogers: This person is not here, these things don’t happen, and so, those are the sorts of things to get.

31
00:03:52.590 –> 00:04:02.190
Ben Rogers: identified and a risk assessment and an it a risk assessment, but also a risk assessment as a company as to what this is really looking at what is the risk health.

32
00:04:02.460 –> 00:04:18.540
Ben Rogers: of your organization and what risk, are you willing to accept can’t do anything about it but you’re willing to accept it and what risk, are you willing to mitigate there’s $1 cost with this, so I have done a lot of these in my past experience, but probably some of the most.

33
00:04:19.830 –> 00:04:23.340
Ben Rogers: Intense but helpful things in an organization can do.

34
00:04:24.000 –> 00:04:32.430
Andy Whiteside: Well, you may have come in a minute ago you can choose to ignore it, I think you’re not saying that but you saying, some people do know you can’t he just can’t.

35
00:04:33.960 –> 00:04:41.490
Ben Rogers: it’s part of the risk strategy that I mean some of the things you might go this risk is out there, but there might be very little that I can do about it or.

36
00:04:41.820 –> 00:04:55.830
Ben Rogers: What happens, sometimes is the cost to mitigate, it is not worth the ramification and if it was to happen, you know what’s the saying why are you gonna spend five cents to protect the one cent asset yeah.

37
00:04:56.370 –> 00:04:58.020
Andy Whiteside: i’ve never heard that, but it makes less sense.

38
00:05:00.660 –> 00:05:08.370
Andy Whiteside: yeah I know that says a lot of your background I know this part of big part of bills logic to being.

39
00:05:09.210 –> 00:05:24.180
Andy Whiteside: Experienced citrus guy and understanding, my comment just now around turning off the print the ability to print or download files and that’s huge if you can only if you can only stick your head through the front door, not your whole body and go get what you need that’s massive mitigation.

40
00:05:24.240 –> 00:05:31.680
Bill Sutton: Right there’s only is it to ben’s point I think the the four categories, a list here, except avoid mitigate transfer.

41
00:05:32.400 –> 00:05:43.320
Bill Sutton: It depends on the risk some you may mitigate some you may transfer I don’t think anybody’s in the business of transferring it all to an insurance company, because then you’re you know, then obviously you’re you’re not really doing much and you’re.

42
00:05:44.490 –> 00:05:53.940
Bill Sutton: Basically, planning on on invoking the insurance in the event that there’s a breach and that’s not up I don’t think a smart strategy.

43
00:05:54.240 –> 00:05:55.920
Andy Whiteside: But it, but it is a strategy i’ll give you one is a.

44
00:05:55.920 –> 00:06:02.010
Andy Whiteside: strategy, you want a real life right so bill your kids don’t drive you right then your kids don’t your your youngest kid don’t drive.

45
00:06:02.130 –> 00:06:03.300
Ben Rogers: I wonder, does that.

46
00:06:03.960 –> 00:06:11.730
Andy Whiteside: yeah, but when they turn 16 you have a choice you can teach them everything proper about defensive driving and not drinking and driving and doing all the right things.

47
00:06:11.940 –> 00:06:19.170
Andy Whiteside: But in the day bill they’re going to send you aside whatever class you go to hopefully and they’re going to tell you go get go get liability insurance beyond go get.

48
00:06:19.740 –> 00:06:28.050
Andy Whiteside: You know umbrella policies everything, because you know that’s, the only way you’re going to transfer the risk that you can’t control.

49
00:06:28.110 –> 00:06:35.430
Bill Sutton: To some that’s right we already have it because we put a big swing set in the backyard several years ago, many years ago when they were younger and they had friends over.

50
00:06:35.910 –> 00:06:43.290
Bill Sutton: And I thought you know some friend falls breaks a leg I need to make sure I have covered in case that I get in case I get sued or something so.

51
00:06:43.860 –> 00:06:53.070
Bill Sutton: already have the umbrella policy, but the point is you’re right you’re absolutely right, it was all about you know basically transferring that risk to someone else in the event that occurred, even though it was unlikely.

52
00:06:53.340 –> 00:07:01.770
Andy Whiteside: The ultimate risk like you still have some responsibility yeah you’re always going to feel bad it kid breaks his leg in your backyard, but any other day man, the financial, which is what this comes down to.

53
00:07:02.070 –> 00:07:15.360
Andy Whiteside: that’s right gotta go somewhere yeah alright so bill cover these real quick any additional things we want to talk about the four different general areas of acceptance avoidance mitigation transfer.

54
00:07:15.780 –> 00:07:27.930
Bill Sutton: No, not really I mean that covers at all, or for the most part, and then they talk about the benefits of cyber cyber security insurance or at least what they cover you know breaches identity recovery, etc.

55
00:07:29.310 –> 00:07:36.450
Andy Whiteside: yeah and I think this is interesting, too, because I just called my personal policy umbrella, which in my head at least says it covers everything.

56
00:07:37.110 –> 00:07:43.500
Andy Whiteside: Things not listed is that what this is covers everything, or does it clearly define these things, and the rest of that stuff they’re not taking the risk for.

57
00:07:43.560 –> 00:07:46.620
Bill Sutton: yeah most of most companies are going to have general liability insurance.

58
00:07:47.430 –> 00:07:57.270
Bill Sutton: But general liability insurance doesn’t no longer covers cyber security issues, so you have to get cybersecurity insurance to cover those types of issues, the ones that they list here for the most part.

59
00:07:58.260 –> 00:08:05.190
Bill Sutton: So general liability would cover, you know that somebody getting hurt on your premises, or something along those lines and cyber security is more targeted at just what it.

60
00:08:05.700 –> 00:08:13.920
Bill Sutton: implies, which is it breaches and identity recovery and and you know, extortion from a ransomware attack and so forth yeah.

61
00:08:15.270 –> 00:08:21.180
Andy Whiteside: What and i’m not going to go down this topic at all, but i’m literally while we’re talking about i’ve got i’ve got a secure document I shared with somebody who.

62
00:08:21.570 –> 00:08:29.910
Andy Whiteside: is going to be doing security vdi security audits, for us, and it prompted me to go think and find out what the status of that and I shared it online, so I know they’re editing it real time online.

63
00:08:30.270 –> 00:08:46.950
Andy Whiteside: i’ve got the benefit of workspace technologies case citrix workspace technology, where I can go search in one place for that document, find it so I get I get cyber security avoidance and and those things we’re going to talk about here, while also getting convenience, if you do it right.

64
00:08:46.980 –> 00:08:48.090
Andy Whiteside: it’s powerful.

65
00:08:49.740 –> 00:08:59.610
Andy Whiteside: All right, ah, so the first section here is about multi factor authentication i’m going to jump in front of this one, though, and have you guys been i’ll let you jump in on this.

66
00:09:00.780 –> 00:09:10.980
Andy Whiteside: single identity not not single sign on but single identity we’re having this conversation our morning management meeting about how important it is to limit the number of ids that you’re carrying out there, so you don’t have as many.

67
00:09:11.850 –> 00:09:15.720
Andy Whiteside: Policies personal problem you don’t have as many things to manage in terms of password.

68
00:09:16.290 –> 00:09:30.180
Andy Whiteside: related challenges and rules and profiles, but let’s put identity in front of multifactor real quick before we talk about multifactor so been identity, a single identity management, how important in that, and how real is that today.

69
00:09:31.380 –> 00:09:44.040
Ben Rogers: Well, I mean, so I i’ll answer your question with a little bit of a challenge if you can get down the single identity, good luck for me it’s down to corporate identity or work identity and home, I did.

70
00:09:44.550 –> 00:09:53.520
Ben Rogers: And like where I came from healthcare, I had some doctors and physicians and administration that wanted to merge those two they wanted to have their.

71
00:09:53.820 –> 00:09:58.650
Ben Rogers: Business identity merged in with their personal identity and it just wasn’t a good idea.

72
00:09:58.950 –> 00:10:07.980
Ben Rogers: Because different people need access to that so single identity, I think gotta be I think you’re gonna have to break it down you’re going to have one identity for your personal environment.

73
00:10:08.280 –> 00:10:12.930
Ben Rogers: Your personal you know dealing with your family dealing with kids scheduling and all that you have another.

74
00:10:13.230 –> 00:10:21.060
Ben Rogers: Identity that’s for work that’s going to be separate and the reason for that is is that you don’t want to intermingle those and, in some cases, you.

75
00:10:21.450 –> 00:10:27.330
Ben Rogers: might have some people from outside the organization that want to get in and look at your personal side.

76
00:10:27.780 –> 00:10:37.560
Ben Rogers: But if it’s mixed and that’s just not possible so i’m a big fan of separate identities for work in for personal and then for work man it’s it’s you know least access, what does what does this.

77
00:10:37.890 –> 00:10:45.000
Ben Rogers: person need and what’s the least amount of access, can we give them to ensure what they have now, I will say.

78
00:10:45.360 –> 00:10:57.150
Ben Rogers: One comment on Cyber insurance cyber insurance companies just don’t give you cyber insurance part of this article is talking about the audit that’s going to come along with this so like where I was at.

79
00:10:57.570 –> 00:11:07.560
Ben Rogers: For we had to apply for cyber insurance and so sure enough man, we apply for it next thing we know is auditors in our space going.

80
00:11:07.770 –> 00:11:13.530
Ben Rogers: We want to do all these check boxes, and these are the things are looking at do you have multi authentication.

81
00:11:13.770 –> 00:11:23.760
Ben Rogers: What is the identity of the user is there, multiple identities, you know what I say corporate identity should be one identity, but what if I work with two different organizations, what if I work for my.

82
00:11:24.120 –> 00:11:35.670
Ben Rogers: clinic but my clinics also partner with a hospital i’m forced to have an identity there so single identity, I don’t know man I haven’t achieved that in anywhere that i’ve worked so far.

83
00:11:36.120 –> 00:11:46.920
Andy Whiteside: Well, and that’s that’s true so but, but the okay so single corporate work single work identity is the goal, but the reality is not that that’s a reality right.

84
00:11:48.030 –> 00:11:52.320
Andy Whiteside: we’d all have to agree on one identity right we don’t have to agree on one provider.

85
00:11:54.270 –> 00:12:04.410
Andy Whiteside: To be you got to have somebody’s got to be the single source of truth in that that conversation and that’s never going to happen, but, but the need to have it is a no brainer it’s too limited as much as possible as a no brainer right.

86
00:12:06.300 –> 00:12:17.220
Bill Sutton: yeah we had a we had a security briefing and couple of weeks ago, you might have been on an Andy I don’t know and the person doing the briefing said, you should really only have five known passwords in your life.

87
00:12:18.300 –> 00:12:29.460
Bill Sutton: And that is your work credentials your personal email your apple ID if you have that or android and then I for the life of me I can’t remember the other two, but they were five total but you should you should know.

88
00:12:29.850 –> 00:12:38.430
Bill Sutton: and the rest of them, you should lead to some form of a password manager or something that is using a highly secure cryptic password that can be guest.

89
00:12:41.040 –> 00:12:42.210
Andy Whiteside: starred you say pass phrase.

90
00:12:42.420 –> 00:12:44.250
Bill Sutton: Pass phrase that’s what I meant to say sorry.

91
00:12:45.510 –> 00:12:47.400
Andy Whiteside: You know at that and I.

92
00:12:48.420 –> 00:12:52.290
Andy Whiteside: Am a huge fan the pass phrase is first of all I can’t remember complex passwords yeah.

93
00:12:52.680 –> 00:12:58.710
Andy Whiteside: yeah you get one side that’s got a allows you to have a special character and one side that doesn’t allow you have a certain special character and and.

94
00:12:59.490 –> 00:13:14.340
Andy Whiteside: And and it’s amazing the ones, he talked about the you know, protect a penny with five cents, or whatever I forget the exact statement i’ve got one like my time share login it’s the most difficult password I have for my time here my banks easier than that one.

95
00:13:17.430 –> 00:13:25.860
Andy Whiteside: All right, let’s go move on to the first real section to have here, which is we’re going to talk about the requirement, the citrus capability and the technology, the product citrix has.

96
00:13:26.250 –> 00:13:31.620
Andy Whiteside: It will let you handle this one multi factor authentication help us see what the Florida is covered here.

97
00:13:33.900 –> 00:13:40.140
Ben Rogers: Well it’s cool what’s cool about this is, we can do it out of the box without third party or we can hinge and the third party.

98
00:13:40.830 –> 00:13:47.520
Ben Rogers: Like October, or something like that so man from the from the cloud perspective from our workspace infrastructure perspective.

99
00:13:47.880 –> 00:14:01.020
Ben Rogers: We can make this really easy for you, I mean this is essentially a radio box and if you’re doing something like okta you know, an IP an API marriage, but uh I mean men.

100
00:14:02.190 –> 00:14:10.650
Ben Rogers: Multi factor authentication if organizations haven’t done this, yet this is really probably one of the most important things you could do to secure environment.

101
00:14:10.980 –> 00:14:20.190
Ben Rogers: Making somebody has something other than a password to get in is probably one of the most important things any organization can do, because that password is susceptible.

102
00:14:22.920 –> 00:14:37.860
Andy Whiteside: So to bend the idea that some companies, used to say they couldn’t afford to do this, in other words by the technology if you’re a citrix shop you’ve got it, it may not be your it may not be the end all be all but you’ve got it it’s ready to be turned on no excuse yep yep.

103
00:14:37.950 –> 00:14:42.450
Ben Rogers: And I would have to challenge people I think today you can’t afford not.

104
00:14:43.140 –> 00:14:49.950
Bill Sutton: yeah yeah I would agree with that a lot of the when we talked about cybersecurity insurance, a lot of the cyber security folks on renewal.

105
00:14:50.580 –> 00:14:59.040
Bill Sutton: they’re asking the questions Ben of customers are you do you require MFA for authentication into your systems do you require MFA for access to email.

106
00:14:59.400 –> 00:15:13.200
Bill Sutton: and customers that have not historically had it we’ve had a lot of customers come to us and say I need to enable MFA for this or I need to enable MFA for that they’ve never really approached it before and a lot of it has to do with with their insurance company policies driving this.

107
00:15:13.530 –> 00:15:17.190
Andy Whiteside: Well, and that’s awesome that well it’s unfortunate that it takes the.

108
00:15:17.280 –> 00:15:17.940
Bill Sutton: Ad is.

109
00:15:18.420 –> 00:15:21.870
Andy Whiteside: guys to do it, but hey I don’t care as long as somebody is making you do at some point right.

110
00:15:22.020 –> 00:15:22.740
Bill Sutton: it’s important.

111
00:15:23.340 –> 00:15:26.580
Andy Whiteside: You know, you would never you would have eaten vegetables as a kid at your mom not forced you to.

112
00:15:28.440 –> 00:15:30.390
Andy Whiteside: Sorry first one came to my mind.

113
00:15:31.470 –> 00:15:36.870
Andy Whiteside: Alright, so let’s tie this to a product and maybe you guys already did but citrix secure private access.

114
00:15:37.170 –> 00:15:48.000
Andy Whiteside: I mean if you’re listening to this podcast it’s obviously because you sell citrix you implement citrix you mean it’s citrix what is the product, and how does that show up in citrix secure private access.

115
00:15:50.130 –> 00:15:57.270
Ben Rogers: Well, secure private access is going to give you access to the cloud infrastructure and then in the cloud infrastructure you’re going to have in there.

116
00:15:57.630 –> 00:16:02.880
Ben Rogers: The workspace configuration the workspace platform configuration and that’s where you’re going to see.

117
00:16:03.270 –> 00:16:16.410
Ben Rogers: You know what type of MFA do you want to do, who are you I, who is your ID provider, how are you doing your ID your authentication So these are, these are all the things that are built in very easy I think it’s.

118
00:16:17.130 –> 00:16:26.490
Ben Rogers: i’m not looking at the screen and bill and keep me honest here left mouse hamburger go down authentication I think that’s where all this magic starts to happen in there.

119
00:16:29.730 –> 00:16:34.380
Bill Sutton: yeah that’s right he’s in citrix cloud is part of the Platform, but I mean what it does it’s.

120
00:16:34.380 –> 00:16:40.950
Bill Sutton: Basically, a form of zero trust the citrix secure private access it’s their zero trust network access solution.

121
00:16:42.000 –> 00:16:52.860
Bill Sutton: That has a lot of things in it around you know adaptive authentication browser isolation things like that, when the user leverages that technology and obviously MFA can be a part of that it shouldn’t be a part of that.

122
00:16:57.060 –> 00:17:12.090
Andy Whiteside: Right, so the next section talks about in point detection and response bill that you jump in on this one i’m sure it comes up in the projects you guys are doing and probably has a lot to do with your lineage in the end point detection and response.

123
00:17:12.420 –> 00:17:20.010
Bill Sutton: yeah I mean this this we’re seeing a lot more of this obviously with various multiple providers that are This is like next generation antivirus.

124
00:17:20.910 –> 00:17:36.150
Bill Sutton: it’s basically designed to to run on the endpoint and contain malware you know where it detects malware or strange behavior and then logs that somewhere in someone’s notified and.

125
00:17:36.900 –> 00:17:49.440
Bill Sutton: that’s fundamentally, what it is, is really like in the newest the new the antivirus for the newest the newest exploit, so the newest malware products that are folks are trying to use to target endpoints and servers.

126
00:17:50.250 –> 00:17:55.890
Andy Whiteside: So So for me, this is what we historically I when I used to be a SIS admin used to try to do for ourselves.

127
00:17:56.190 –> 00:18:03.240
Andy Whiteside: We just be able to look out for things going wrong or things going inappropriate and respond to this now.

128
00:18:03.750 –> 00:18:12.780
Andy Whiteside: I was horrible at it and luckily I worked at a time when all you did was have antivirus and I get alerts and I give figure out what what what why the alert was bogus more often than not.

129
00:18:13.380 –> 00:18:19.530
Andy Whiteside: I don’t know that I ever actually solved any of these now it’s a point where you want something looking real time all the time.

130
00:18:20.010 –> 00:18:31.740
Andy Whiteside: To point out anomalies and, in my personal opinion, you should have a third party doing that for you, because you know the fox guarding the hen House may not always get you the right, the right answers.

131
00:18:33.480 –> 00:18:34.050
Bill Sutton: Absolutely.

132
00:18:34.260 –> 00:18:36.390
Andy Whiteside: But the acronym ED are.

133
00:18:37.650 –> 00:18:42.300
Andy Whiteside: We hear md or means detection and response and recently I heard somebody say X Dr like.

134
00:18:43.380 –> 00:18:54.420
Andy Whiteside: X detection and response, so no matter what it is whether it’s network, whether it’s in points, whether it’s mobile devices, whether it’s servers it’s really potentially coming from everywhere right.

135
00:18:54.840 –> 00:18:56.220
Bill Sutton: Absolutely, it is now.

136
00:18:57.930 –> 00:18:58.890
Andy Whiteside: So I have a question.

137
00:19:01.050 –> 00:19:15.450
Andy Whiteside: Well Ben you were gonna say something, and I want to ask you about the you and bill both about the protocol and how your traditional players can begin to us and be in DR if they can’t see the protocol go ahead and so.

138
00:19:15.480 –> 00:19:21.360
Ben Rogers: What I what I think’s most interesting about this particular section is when you look at the citrix technology.

139
00:19:21.780 –> 00:19:23.910
Ben Rogers: it’s not it’s not just one.

140
00:19:24.180 –> 00:19:29.700
Ben Rogers: Technology set it’s a layered set so they talked about secure private access for getting users in.

141
00:19:30.120 –> 00:19:42.360
Ben Rogers: Isolating applications isolating desktops from the users isolating user itself from the network, but then you see secure internet access and really what that has to do with is evaluating what’s going out now.

142
00:19:42.840 –> 00:19:52.440
Ben Rogers: What are the users doing or are we always scanning their Internet traffic always scanning their outbound traffic, making sure that we’re cocooning things that we don’t want let out the environment.

143
00:19:53.340 –> 00:19:58.920
Ben Rogers: Are we allowing things that we do on our the environment so again it’s becoming a layered approach and then you.

144
00:19:59.250 –> 00:20:08.760
Ben Rogers: see this last piece with the adc you know, bringing some of this adc goodness into the cloud and really what that’s getting into is you know the end factor.

145
00:20:09.150 –> 00:20:23.220
Ben Rogers: Can we check the endpoint can we make sure the endpoint has certain parameters on it that make it where it’s allowed into our data Center So when I look at in point detection and response I don’t think of one products that I think of a.

146
00:20:23.220 –> 00:20:27.690
Ben Rogers: layered approach that are working together to kind of give me a holistic view.

147
00:20:28.290 –> 00:20:33.450
Ben Rogers: And, hopefully with that that will keep down some of the false positives that you were talking about me but.

148
00:20:33.840 –> 00:20:38.850
Ben Rogers: One product said I don’t think it’s going to get it for you, I think you’re gonna have to do a layer to production, I think.

149
00:20:39.090 –> 00:20:46.290
Ben Rogers: You kind of brought up a really good reason for layered approach Defense you don’t want the fox guarding the hen house that doesn’t do any good so.

150
00:20:46.590 –> 00:20:55.980
Ben Rogers: Multiple products across this multiplies doing different things, taking different taking on different challenges with different product sets.

151
00:20:57.810 –> 00:21:02.880
Andy Whiteside: So if i’m a competitor city or something you want, one that does it all you want some third party does it all.

152
00:21:03.750 –> 00:21:13.020
Andy Whiteside: That can’t be maybe the third party that’s a bunch of tools might be part of the answer, but one product like historically thought we could use to do with all this is it’s just not realistic, is it no.

153
00:21:14.520 –> 00:21:22.800
Bill Sutton: Not with one tool, not anymore like two events point you really need a layered approach here and he’s right that’s a within multiple products that cover this.

154
00:21:24.150 –> 00:21:30.150
Bill Sutton: That that’s really what’s needed in bd ours one piece of the solution, but not the complete peace.

155
00:21:31.380 –> 00:21:38.940
Andy Whiteside: Alright, so let me challenge the people who tell me all the time that we can they can do it with one product that they can do it with their multiple set of products doing it for you.

156
00:21:39.660 –> 00:21:46.380
Andy Whiteside: If i’m building a citrix environment, is it not true that i’m letting users come in securely hopefully they’ve been challenged.

157
00:21:46.590 –> 00:21:59.580
Andy Whiteside: into my environment in this encrypted protocol that most things can’t see into and i’m putting them back behind the curtain to do what they’re doing and I may have bypassed a lot of those traditional ways of trust, but verify.

158
00:22:03.090 –> 00:22:13.080
Ben Rogers: I think i’m a i’m a mega person will come here, this is not a you know citrix comment or is INTEGRA comment I think cloud applications.

159
00:22:14.310 –> 00:22:26.850
Ben Rogers: cloud that a little bit or make that a little bit ambiguous because, how do you really stop the user from going directly to the cloud vendor unless you work with the cloud vendor and say only these IP addresses can get to you.

160
00:22:27.900 –> 00:22:33.510
Ben Rogers: I think that makes it where the endpoint does become a little bit more vulnerable because now.

161
00:22:34.170 –> 00:22:44.700
Ben Rogers: you’re you know you’re doing multiple things in multiple places the day of them launching the vpn and just come into our corporate environment are gone they might have to go to work day they might have to go to.

162
00:22:45.570 –> 00:22:56.070
Ben Rogers: You know man, whatever the payroll is so you’re asking the users to go to more places and i’m not convinced that organizations have got all that locked down and like they need to.

163
00:22:56.670 –> 00:22:58.350
Andy Whiteside: So then you’re talking about.

164
00:23:00.120 –> 00:23:11.700
Andy Whiteside: Transfer risk because now you’re using cloud services but you’re still one portion of that equation is your end user your endpoint device accessing cloud services, you still want to be able to see what’s going on.

165
00:23:12.120 –> 00:23:24.930
Ben Rogers: Well, also the second a step further, is accessing cloud services, but it also might be accessing corporate services, you know, so the machine might be, you know going to different directions, but the machines, now the vulnerable point.

166
00:23:25.350 –> 00:23:34.080
Ben Rogers: So, again, I mean I think that’s one thing that when we talk to people about cloud applications they go out and understand where six is placing here.

167
00:23:34.230 –> 00:23:41.100
Ben Rogers: it’s more of you know let’s make sure that your endpoint is talking to a single identity, so that you can only have that one.

168
00:23:41.460 –> 00:23:45.690
Ben Rogers: One place to worry about you know you’re not opening up all these different.

169
00:23:46.080 –> 00:23:51.210
Ben Rogers: tree limbs and you’re going to all these different places don’t make the endpoint the access point.

170
00:23:51.510 –> 00:24:04.830
Ben Rogers: Have that sitting beside a platform like citrix works face where you then can manage it, but also, you can secure it and ensure that the endpoint you’re working with is only talking to that one data Center or one beta service right.

171
00:24:06.390 –> 00:24:21.930
Andy Whiteside: All right, let’s uh next is a what I have called a Sim tool so security information event management tool, a lot of people, especially those that maybe necessarily or not, I guess, maybe focused on their own thing they’re focused on the tool, not a solution.

172
00:24:23.370 –> 00:24:26.430
Andy Whiteside: A lot of people are talking about sims these days bill, you want to jump in on this one.

173
00:24:26.790 –> 00:24:35.580
Bill Sutton: yeah I mean Sim this kind of plays into what we were talking about before the the previous category of the previous topic which is ED are the Dr systems can report into the Sim.

174
00:24:36.120 –> 00:24:39.870
Bill Sutton: And then, if you’ve got to manage them, which I think they might talk about later.

175
00:24:40.680 –> 00:24:46.890
Bill Sutton: Then you’ve got like you said that external party reviewing what’s coming in and and and make taking action as needed.

176
00:24:47.460 –> 00:24:52.020
Bill Sutton: or addressing issues as they come through and then, when you look at the citrix product set for this.

177
00:24:52.590 –> 00:24:56.190
Bill Sutton: you’ve got the analytics piece in addition to the other piece, the ability to.

178
00:24:56.550 –> 00:25:08.580
Bill Sutton: To leverage the analytics for adaptive off, that is, the user logs in Monday, Tuesday and Wednesday from Richmond Virginia and then all of a sudden Wednesday night or Thursday morning early there a lot of they’re logging in from Russia or somewhere like that.

179
00:25:10.110 –> 00:25:21.870
Bill Sutton: The analytics piece for security can help can help you know question that login or even deny that login so that coupled with ADR gives them, you know visibility, as well as control.

180
00:25:24.240 –> 00:25:35.670
Andy Whiteside: So bill whether you’re doing or somehow Somebody needs to have a sense of my needs to have one place to go find all this stuff or maybe to look at things as well as to put artificial intelligence into.

181
00:25:36.060 –> 00:25:38.340
Bill Sutton: Yes, absolutely yeah.

182
00:25:38.880 –> 00:25:45.660
Andy Whiteside: So been you know one things we’ll talk about a little bit is your real world example your last organization, did you have when you think was an effective tool.

183
00:25:46.170 –> 00:25:56.880
Ben Rogers: We were getting there, I mean I had bought a Sim tool we you know, implementing a Sim tool is difficult to do, and you know the classic saying is garbage in garbage out.

184
00:25:56.910 –> 00:26:08.490
Ben Rogers: yeah I mean what this tool is really designed for is to cut down the noise and it also once you zero in on events man having some kind of automated remediation of these.

185
00:26:08.970 –> 00:26:19.830
Ben Rogers: A lot of these go in and people get overwhelmed with all the complexity of it and that’s where i’ll pivot to our security for our analytics for security product.

186
00:26:20.970 –> 00:26:30.630
Ben Rogers: It is not a complicated product man and the visibility that gives you in to the ICA sessions what the users are doing and the applications, I mean i’m not trying to sell you.

187
00:26:31.230 –> 00:26:41.910
Ben Rogers: Something but it gives you a lot of information that’s easy to digest nice dashboards and they don’t take a lot of setup so i’m glad citrix has this look here we can feed spoke.

188
00:26:42.840 –> 00:26:46.650
Ben Rogers: You know man security with Microsoft, we can feed those those.

189
00:26:47.550 –> 00:26:55.140
Ben Rogers: systems, but in my past i’ve seen sims you know if you don’t know what you’re doing it can become a lot of jargon really quick, but again garbage.

190
00:26:55.440 –> 00:27:02.970
Ben Rogers: In garbage out if I was looking at companies and they don’t have anything like a slog or they’re not in that business or they don’t have the manpower to maintain that.

191
00:27:03.420 –> 00:27:15.990
Ben Rogers: Looking at our analytics packages really easy applications to look at and learn, and then, once you start learning, you can dive down like and you’ve been given the example of I wish I could stop people from having to print.

192
00:27:16.620 –> 00:27:24.540
Ben Rogers: Well, man with the analytics package you can look at and say hey if these people go to print don’t allow them to print, though, allowing access to printers so.

193
00:27:24.870 –> 00:27:30.780
Ben Rogers: You can do a lot of security and remediation is within the Security analytics package itself so.

194
00:27:31.020 –> 00:27:45.210
Ben Rogers: Again, not trying to sell anybody anything but being around the product set for a while now there’s a lot of goodness, and a lot of value in the analytics applications that can marry with the scene, or in some places, can be a safe zone.

195
00:27:51.360 –> 00:27:54.810
Andy Whiteside: let’s move on to the next section privileged access.

196
00:27:56.070 –> 00:28:05.850
Andy Whiteside: fella start with you on this one I, I can tell you guys probably know this, I have to multitask a little bit doing these podcasts I literally just had to login to my nonprofits.

197
00:28:06.240 –> 00:28:16.770
Andy Whiteside: Online SAS portal to grant a member or user access rights with with single identity but multifactor enabled they forgot their password.

198
00:28:18.300 –> 00:28:28.710
Andy Whiteside: And I had to do that in order to do that had to go into a private incognito browser window and log in as my admin accounts, how many people do you think run around with way more privileges than they do on a daily basis.

199
00:28:29.040 –> 00:28:30.450
Bill Sutton: Oh, goodness it’s yeah.

200
00:28:31.500 –> 00:28:32.010
Bill Sutton: A lot.

201
00:28:33.690 –> 00:28:42.690
Ben Rogers: What is it what is it called we used to have a bad time with this in healthcare, so you know, an employee starts, or at the front desk and they get.

202
00:28:43.440 –> 00:28:51.090
Ben Rogers: They get promoted to another job they got a little bit more responsibility and then they get promoted to another job well next thing you know they’ve got.

203
00:28:51.540 –> 00:29:00.240
Ben Rogers: This as much access as a senior manager just because they’ve had all these roles and we’ve never taken away access we just always give them access, they need that they there’s.

204
00:29:01.020 –> 00:29:13.770
Bill Sutton: yeah it’s the whole employee lifecycle piece that that that you get involved in their onboarding and then as they’re moved around they it’s more additive it’s not it doesn’t really address what is really needed it’s just added.

205
00:29:18.960 –> 00:29:19.710
Andy Whiteside: So how do we.

206
00:29:21.210 –> 00:29:22.200
Andy Whiteside: How do we fix this.

207
00:29:25.380 –> 00:29:26.820
Andy Whiteside: How do we fix this in such a way.

208
00:29:27.900 –> 00:29:37.320
Andy Whiteside: That people still get their job done, knowing that we might have to take time on the front end to figure out what it is they’re accessing appropriately.

209
00:29:40.800 –> 00:29:55.110
Ben Rogers: Well, I think I think one with your identity your authorization identity you gotta be organized and you gotta have you know, like one of the things always tried to do is I tried to have job roles associated with active directory groups azure active directory group so that.

210
00:29:55.530 –> 00:30:00.270
Ben Rogers: I wasn’t dealing with roles individual level, I was dealing with roles at group level.

211
00:30:00.780 –> 00:30:08.160
Ben Rogers: And then the one thing that I I would probably continue to struggle with now is making sure that when employees have changed.

212
00:30:08.700 –> 00:30:21.540
Ben Rogers: You know when they’re moved from one role to another that there’s a way to kind of inventory, what do they need to have and what needs to be taken away if there’s a solution for that man, you probably got lightning in a bottle their marketing.

213
00:30:24.570 –> 00:30:27.450
Andy Whiteside: Well, I will chime in on that solution.

214
00:30:29.010 –> 00:30:35.940
Andy Whiteside: I think we have the tools with analytics assuming that we do what everybody should be doing, which is moving our.

215
00:30:36.390 –> 00:30:43.950
Andy Whiteside: front end of our digital transformation which by the way, never ends always evolving if we move that into a workspace where we can start to capture the analytics.

216
00:30:44.310 –> 00:30:54.900
Andy Whiteside: We have a fighting chance of understanding what people really need to have access to based on what they’re currently accessing and we have artificial intelligence to tell us when they are misusing that access.

217
00:30:55.650 –> 00:31:04.020
Ben Rogers: So let’s talk let’s talk about that, because now you’ve got me thinking you so let’s say let’s take the example of let’s say the front desk person, all of a sudden gets a manager.

218
00:31:05.130 –> 00:31:13.080
Ben Rogers: And we want to clip her from some of the front desk tasks, because they won’t need those anymore, and we now need to add the management tasks.

219
00:31:13.530 –> 00:31:26.130
Ben Rogers: i’m assuming that in analytics I could say if this group uses these applications, let me know and then that might be a way of catching it, I mean is that what you’re thinking.

220
00:31:27.840 –> 00:31:37.320
Andy Whiteside: here’s what i’m thinking, if you can philosophically come up with the logic on what you need to know to make it better through analytics you have a chance to get it done.

221
00:31:38.040 –> 00:31:45.870
Ben Rogers: I agree with that, because you could like in that example there, you could say if a manager uses a bass APP notifies.

222
00:31:46.500 –> 00:32:00.630
Ben Rogers: Because that shouldn’t be the case, and that means that something has slipped they should have they should have been rendered access to that APP when he assumed the management role, so I definitely could see doing something like that I don’t know you’ve got me thinking their.

223
00:32:03.090 –> 00:32:03.420
Andy Whiteside: bill.

224
00:32:04.230 –> 00:32:10.830
Bill Sutton: yeah I mean, I think there are specific tools for this and you know, to try to mitigate the the ability of someone to use.

225
00:32:11.280 –> 00:32:20.730
Bill Sutton: ben’s example of that is it moves into a management role from still having access to their older they’re older account credentials are not credentials, but they’re old they’re older permissions.

226
00:32:21.930 –> 00:32:29.880
Bill Sutton: I don’t you know that there’s a number of multiple ways to solve this but it looks like according to the article, there are tools for this that that are from third parties that can help address it.

227
00:32:30.090 –> 00:32:37.260
Bill Sutton: When I first saw this category, I immediately was thinking of elevated access management that we do sometimes within environments where we can.

228
00:32:37.470 –> 00:32:45.240
Bill Sutton: allow a certain user to have rights elevation to install an APP and then it’s done it’s brought day on after the APP that’s not what they’re referring to here, though obviously.

229
00:32:46.080 –> 00:32:46.410
yeah.

230
00:32:49.680 –> 00:32:54.330
Andy Whiteside: yeah i’m looking at this article I probably should have looked at more brilliant student before we started here and.

231
00:32:54.660 –> 00:33:05.280
Andy Whiteside: we’re not going to get through all this and I don’t want to rush me this is way too good stuff so we’re going to add a part two, to this will get through a couple more sections and then we’ll pause for this time they’ll be this will be a two parter.

232
00:33:07.380 –> 00:33:07.740
Ben Rogers: Right.

233
00:33:08.610 –> 00:33:13.650
Andy Whiteside: yeah so let me play devil’s advocate on this and just be the.

234
00:33:15.630 –> 00:33:18.990
Andy Whiteside: just be the hardcore IT security guy here.

235
00:33:20.040 –> 00:33:30.780
Andy Whiteside: I don’t want to trust, but verify, I just want to go back to the old days of not trusting and if you need it, then you have to request it, and tell me why you need it, am I.

236
00:33:31.890 –> 00:33:40.470
Andy Whiteside: Or is that just too popular three that way these days or am I just go slow down progress and my slowing down progress to do them.

237
00:33:40.710 –> 00:33:50.820
Ben Rogers: I think, things are moving too fast and i’ll think the younger like it used to be, when you used to be acceptable to be on boarded two weeks after you join an organization.

238
00:33:51.270 –> 00:34:07.620
Ben Rogers: I don’t think we’ll dig that anymore, they expect they one how am I log in ready me my Apps, let me start running day once, so I think people’s temperament has gotten shorter where they expect it to be done, faster and, if not it’s just an excuse not a problem right.

239
00:34:08.340 –> 00:34:12.060
Andy Whiteside: And then the becomes excuse why you didn’t do your job right and all of a sudden you’re full of excuses.

240
00:34:12.390 –> 00:34:24.240
Ben Rogers: Right exactly yeah Come on, I am I saying that correctly, I could be being hard about that myself, but I, I think that, like I look at my nephew may works for chase bay.

241
00:34:24.810 –> 00:34:41.490
Ben Rogers: A man he bolted, then he does not want to wait if he’s got new toys that have been new applications are coming down the pipe he wants access it right, then, if not he wonders what’s going on, so I know his temperament short I just stick up for rata society man.

242
00:34:43.980 –> 00:34:50.040
Andy Whiteside: yeah I don’t know if i’ve used this example with you guys on use it with someone else last week, I had a lawyer that worked with when I work with a small business that.

243
00:34:50.850 –> 00:34:56.100
Andy Whiteside: You know kind of got mad at me because his computer was full of garbage and junk and he said, who did this i’m like you did.

244
00:34:56.310 –> 00:34:56.610
It.

245
00:34:58.740 –> 00:35:05.670
Andy Whiteside: you’re the one that you didn’t read this one APP was going to start 18 other Apps you just wanted that APP right now so bad yeah you hit the.

246
00:35:05.730 –> 00:35:07.140
Ben Rogers: I say okay okay okay.

247
00:35:07.650 –> 00:35:08.010
yeah.

248
00:35:09.300 –> 00:35:11.730
Andy Whiteside: that’s a lawyer right no better.

249
00:35:12.750 –> 00:35:13.230
Andy Whiteside: All right.

250
00:35:14.250 –> 00:35:25.230
Andy Whiteside: let’s talk about this one patching Okay, let me make a statement here, so I am a huge citrix fan, and I think citrix as a platform brings a lot of things into the mix.

251
00:35:26.430 –> 00:35:36.240
Andy Whiteside: I think, as a company, you have to buy into a platform or two that kind of sets the direction, but then there’s other things that you add to that platform to round out the edges.

252
00:35:37.200 –> 00:35:48.930
Andy Whiteside: we’re gonna talk about patching now then i’ll let you answer how citrix is a patching solution or where it plays in the patching world and then we’ll then we’ll then i’ll round out the edge on this one.

253
00:35:49.470 –> 00:36:02.160
Ben Rogers: So for me, this is why I bought citrix To begin with, I mean when you came and saw me and Caroline neurosurgery 15 years ago the problem I had was I had an aging fat client environment that I needed to upgrade.

254
00:36:02.850 –> 00:36:15.540
Ben Rogers: And my thought was we would go out by piece teams, we could continue to patch them and you asked, and it was like Why would you want to continue working on 500 plus machines, when you could scale that down to 50.

255
00:36:16.080 –> 00:36:26.430
Ben Rogers: yeah I was like What do you mean and it’s all about this image portability this image management that we have so with citrix we have an image gold image and we make.

256
00:36:26.670 –> 00:36:37.530
Ben Rogers: A template from that and we use that template in our environment and now guess what hundred and 52 how many ever users, you need to have access to that you need to update that you come back.

257
00:36:37.920 –> 00:36:49.080
Ben Rogers: You update that image and guess what now 500 users have it, you don’t have to worry about patching endpoints and the complexity of that remote workstations you don’t even see most of the time.

258
00:36:49.350 –> 00:36:55.020
Ben Rogers: You can just get out of the business of endpoint patching all together with a citrix solution right.

259
00:36:55.860 –> 00:36:58.680
Andy Whiteside: And I want to take that one step further in a second but bill good.

260
00:37:00.960 –> 00:37:11.070
Bill Sutton: Like the easiest way for me to respond with say ditto, but I think you know Ben hit it right on the hand The other thing about it is obviously the ability to do a one to many type of relationship.

261
00:37:11.580 –> 00:37:18.210
Bill Sutton: where you can patch the the master image it also applies to the applications as well, not just the os.

262
00:37:19.230 –> 00:37:25.470
Bill Sutton: Obviously you know our ability to deliver applications from one image, or you know, maybe two images in a large organization or more.

263
00:37:26.340 –> 00:37:34.440
Bill Sutton: that’s one place, we have to update those Apps we’re not having to worry about pushing them out to endpoints and those endpoints have enough os that can be patched or can be updated.

264
00:37:35.370 –> 00:37:44.490
Bill Sutton: You know, really gives you the the advantage of being able to manage it in a single place in a controlled way where you can do testing and and you know testing and.

265
00:37:44.850 –> 00:37:51.420
Bill Sutton: validation of any of the updates before they get pushed up to 300 machines and then you find out there’s a patch that breaks something.

266
00:37:52.620 –> 00:38:01.350
Andy Whiteside: And will steal the citrix virtual APP and desktop topic for a minute, what was the what was the tool that came along that made it a no brainer to be able to have that single image management.

267
00:38:02.220 –> 00:38:04.830
Bill Sutton: And the original tool was provisioning services so.

268
00:38:05.400 –> 00:38:09.570
Andy Whiteside: that’s it right when we got PDS that madness went away.

269
00:38:09.780 –> 00:38:10.230
Bill Sutton: yeah but.

270
00:38:10.350 –> 00:38:17.310
Bill Sutton: Before PBS we were doing this, perhaps and scripts and things to you know, to get them ready and get them or clothing or calling with.

271
00:38:18.030 –> 00:38:28.500
Bill Sutton: With you know automatic updates or what have you, it was a real bear I can remember doing in a healthcare organization plates spinning 50 servers every quarter just to make sure they were all the same.

272
00:38:28.800 –> 00:38:29.250
Bill Sutton: So, but.

273
00:38:29.490 –> 00:38:36.990
Andy Whiteside: But I wanna I want to challenge that a little bit so if i’m an organization i’ve got 1000 vdi users they’re all have a single image or two that’s great.

274
00:38:37.500 –> 00:38:48.570
Andy Whiteside: But what if I had 1000 users and they all had a persistence one to one image, but those all all those images are in the data Center whack and see and I can know what’s going on with them.

275
00:38:48.990 –> 00:38:58.950
Andy Whiteside: that’s that’s still a win that a lot of people look straight over whenever they start talking about going to go into vdi or some type of virtual APP and desktop model.

276
00:38:59.310 –> 00:39:08.460
Andy Whiteside: just getting those things centralized and backed up and knowing that they’re passing their got to where you put your hands on them that’s better than what you have if you got a bunch of PCs and laptops running around.

277
00:39:08.790 –> 00:39:18.180
Bill Sutton: don’t disagree, I mean the challenge with that, obviously, is you’re consuming a lot more storage you’ve got to manage each one of those individually using some sort of patching tool but to your point.

278
00:39:18.690 –> 00:39:24.060
Bill Sutton: Particularly from a security perspective and a uniformity perspective they’re all in the data Center yeah.

279
00:39:25.590 –> 00:39:30.060
Andy Whiteside: I can count my chickens, at the end of every day and I tell you I lost it that day or not yeah.

280
00:39:30.330 –> 00:39:40.740
Ben Rogers: So let’s take let’s take this a step further, and I know some of this is coming out later in the year, but you know we were talking about image management, but then we also have to talk about image portability.

281
00:39:41.700 –> 00:39:47.220
Ben Rogers: Things that customer or struggle with when they say okay i’ve got to get the cloud.

282
00:39:47.700 –> 00:39:55.290
Ben Rogers: Is they don’t have time to rebuild their environment, they need to take their environment they’re running in a day get out the cloud.

283
00:39:55.590 –> 00:40:01.620
Ben Rogers: Man our image portability this coming down the pipes going to make that much easier and some people go What do you mean with image portability.

284
00:40:02.040 –> 00:40:09.180
Ben Rogers: You could be running on an old Prem vmware system and now you’ve got to get that out to azure and that’s going to have different specs on the beach.

285
00:40:10.080 –> 00:40:12.330
Ben Rogers: we’re going to be able to help you with that we’re going to be able to make those.

286
00:40:12.810 –> 00:40:18.030
Ben Rogers: Software hardware changes, you know there’s salt hardware devices that are in that vm.

287
00:40:18.390 –> 00:40:25.380
Ben Rogers: we’re going to be able to help you out with that, where you can take your on Prem images and get them out to a public cloud environment.

288
00:40:25.680 –> 00:40:36.060
Ben Rogers: called an image portability, but I think that goes into play with patching how easy, is it to get your information from one point to another and maintain it once it’s there no.

289
00:40:37.770 –> 00:40:46.680
Andy Whiteside: Yes, starting with the idea that, if we get these things into workspaces and clouds we can get analytics but I particularly use the word clouds not cloud.

290
00:40:47.640 –> 00:41:04.680
Andy Whiteside: Because a lot of stuff falls apart, if you don’t have the ability to take it with you into multiple clouds clouds can be your data Center to be integrity data Center it could be, as your aws G CP IBM, you name it that image portability story just gets better and better.

291
00:41:08.010 –> 00:41:19.920
Andy Whiteside: Alright, so the citrix technologies that apply citrix virtual APP and desktop bill, how does citrix adc What does all people call application delivery controller or Netscape or How does that play into this patching story.

292
00:41:21.570 –> 00:41:30.210
Bill Sutton: Well, you know it enables the access to the virtual desktops for one you know you still have to patch the ABC itself.

293
00:41:30.690 –> 00:41:43.680
Bill Sutton: But you know the the fact that you’re you can leverage ABC to scan the endpoint to determine whether it’s appropriately patched up to determine whether or not it’s got the right er or FDR FDR on it and running.

294
00:41:44.040 –> 00:41:52.260
Bill Sutton: that’s those are definitely some of the advantages that the ABC brings to bear for this and you can actually, as we know, you can leverage the adc to say Okay, do you have the.

295
00:41:52.590 –> 00:42:00.720
Bill Sutton: correct version of your your you know ADR product running at the right, the right level, and if you do, you get full access, if you don’t.

296
00:42:01.530 –> 00:42:04.230
Bill Sutton: get access, but only to a single APP and you can’t do anything but.

297
00:42:04.290 –> 00:42:08.610
Bill Sutton: But access the APP you can print, you can copy your paste you can’t do any of those things.

298
00:42:10.020 –> 00:42:13.620
Andy Whiteside: So I hope i’m getting ready to throw both you guys for a loop when I asked this question.

299
00:42:14.970 –> 00:42:15.570
Andy Whiteside: When.

300
00:42:16.830 –> 00:42:22.890
Andy Whiteside: If I do that outside the citrix ecosystem, in other words, not the platform of choice for granting this access.

301
00:42:24.450 –> 00:42:36.630
Andy Whiteside: Am I going to have to install maybe something else on that endpoint in order to go looking around for that in point detection information if I use a third party and not the citrix platform that i’ve been harping on so far.

302
00:42:38.220 –> 00:42:51.480
Andy Whiteside: And there was a really bad way to ask this question what i’m trying to get at is if i’ve got to have the citrix workspace APP on to access the stuff anyway embedding some of that capabilities into software in the workspace APP is a win, win.

303
00:42:54.210 –> 00:43:07.320
Ben Rogers: Well, I would agree with that, I mean you would the workspace APP could do both your endpoint analysis and your application access, so you can have it all that I have multiple agents running on the endpoint you know.

304
00:43:08.250 –> 00:43:17.010
Andy Whiteside: What i’m getting at there is even back in the days when I was consulting you know all the time, I used to have to push out this little implant analysis agent thing on there.

305
00:43:17.430 –> 00:43:26.010
Andy Whiteside: Now, which is buried into the workspace APP and what’s already on there is on there when I meet with people who have all kinds of like Okay, what do you put on your end point I just put citrix on it.

306
00:43:26.400 –> 00:43:30.630
Andy Whiteside: Okay, well, why is it got 18 things install Oh, these are all the agents to make all of the things work.

307
00:43:30.930 –> 00:43:40.920
Andy Whiteside: that’s the whole idea of the citrix platform stuff we’re talking about here is all the sudden I can collapse things into one trusted platform and add fewer things on top of it that’s a win.

308
00:43:41.520 –> 00:43:43.200
Bill Sutton: Exactly yeah it is.

309
00:43:43.620 –> 00:43:47.700
Andy Whiteside: We had this conversation with someone I was actually really excited one of my leaders in the company.

310
00:43:48.420 –> 00:43:56.220
Andy Whiteside: started like when I started talking about just using Microsoft edge and not Google chrome because the chromium engines inside edge.

311
00:43:56.610 –> 00:44:03.000
Andy Whiteside: And that would mean we have less applications install I saw them shaking their head going well that’s probably a good thing it’s like yeah.

312
00:44:03.420 –> 00:44:11.310
Andy Whiteside: it’s probably good thing if it works if it doesn’t work we got to put chrome on there, but the idea that less is more applies to a lot of things in life.

313
00:44:14.160 –> 00:44:26.040
Andy Whiteside: Alright guys, we got just a few more minutes, and then we all have other things to do let’s get one more topic here and it’s an interesting one in the world of citrix backups so, how does backups help me handle risk men.

314
00:44:27.210 –> 00:44:36.300
Ben Rogers: Oh well, I mean man, you could you could say what’s some of what it’s just a continuation were just talking about you’ve got your images and multiple locations so let’s say you’ve got.

315
00:44:36.630 –> 00:44:44.100
Ben Rogers: A data Center and you’ve got a set of images there and you’ve got a backup the ability and you’ve got a mirror copy of those images because you’ve been able to do it through.

316
00:44:44.430 –> 00:44:57.960
Ben Rogers: You know PBS or mcs or or other technologies, I mean you’ve got you’ve got in some cases, you can have an active active or an active passive I mean you really can get into a Dr BC.

317
00:44:58.260 –> 00:45:04.050
Ben Rogers: P scenario that’s very easy to spin up because you’re leveraging the image, the image.

318
00:45:04.740 –> 00:45:11.670
Ben Rogers: portability of citrix so from a macro perspective, you can have backups of your images in an offsite facility.

319
00:45:12.000 –> 00:45:27.870
Ben Rogers: You can have a backup citrix environment in a colo facility or you could have with at CS and gsb to active citrix environments both cheering loads that one could go down the other one to take the load, so I mean.

320
00:45:28.170 –> 00:45:42.510
Ben Rogers: As far as backups and air gabbing it’s all possible with citrix man, we can we can do it so many different ways, how far do you want to take it usually a lot of resolve back to what we were talking about before the money, what do you have to spend on it.

321
00:45:44.340 –> 00:46:02.700
Andy Whiteside: So bill there’s two products listed here to solve help solve this from a citrix perspective citrix virtual APP and desktop and citrix adc you’ve been doing this stuff 30 years ish what was the biggest game changer in being able to backup your your machines in that 30 years.

322
00:46:05.220 –> 00:46:08.520
Bill Sutton: it’s a game changer to backup your machines.

323
00:46:11.280 –> 00:46:16.950
Bill Sutton: Well, I think you know, obviously the the whole concept of a single image i’m not sure where you’re going here but.

324
00:46:17.700 –> 00:46:19.500
Andy Whiteside: You saw the concept of a single image.

325
00:46:19.530 –> 00:46:21.900
Bill Sutton: You know that you have to back up is a big part of it.

326
00:46:24.180 –> 00:46:24.480
Bill Sutton: yeah.

327
00:46:27.810 –> 00:46:28.230
Bill Sutton: Oh yeah.

328
00:46:29.100 –> 00:46:32.910
Andy Whiteside: The interested in having on here and that’s because you know damon all love.

329
00:46:33.720 –> 00:46:46.260
Andy Whiteside: When we got to the world of hypervisor and you can take a snapshot before you did that upgrade or you could take a snapshot every week to get that stuff back, I mean this other stuff great let me in the hypervisor whether it’s citrix hypervisor or your hypervisor of choice.

330
00:46:47.520 –> 00:46:59.100
Andy Whiteside: Huge game changer in the world of backup and I just noticed that that one’s not on here listen as a technology if if you’re not using a hypervisor these days you’re missing this backup one which is a no brainer.

331
00:46:59.400 –> 00:47:08.550
Bill Sutton: yeah I mean the concept, the air gap that I, I can name I can count on probably one hand, or maybe both hands, the number of times i’ve been i’ve been involved in a.

332
00:47:08.790 –> 00:47:12.810
Bill Sutton: ransomware attack, where the only environment that was functioning was the citrix environment.

333
00:47:13.590 –> 00:47:27.300
Bill Sutton: It had locked back in databases that it didn’t it didn’t stop it encrypted the exchange data store, I mean, some of them are really bad, but the citrix environment, maybe they got an image or two depending on how the customer, maybe they had a couple of static images, but.

334
00:47:28.530 –> 00:47:32.280
Bill Sutton: I have encountered that and I think what they’re getting out here, partly is.

335
00:47:32.880 –> 00:47:39.720
Bill Sutton: Air gapped and encrypted backups keep them off site somewhere else that’s not directly IP connected to your network, or at least it’s.

336
00:47:40.020 –> 00:47:50.370
Bill Sutton: it’s isolated, so that a ransomware attack gets in there, it can’t get to those backups i’ve had to rebuild citrix environments where they did get to the backups so.

337
00:47:51.900 –> 00:47:58.440
Andy Whiteside: yeah and in my heart common the highest one hypervisor one up but yeah absolutely the architecture this stuff by default brings into the equation.

338
00:47:58.620 –> 00:48:08.700
Andy Whiteside: And we look to build a citrix environment you’re talking about did not get impacted by ransomware they weren’t built to prevent ransomware they were just building the right way, which happened to prevent ransomware.

339
00:48:08.970 –> 00:48:10.950
Ben Rogers: Correct so we’re here to the product.

340
00:48:11.340 –> 00:48:11.760
Bill Sutton: It is.

341
00:48:12.150 –> 00:48:14.670
Andy Whiteside: In the architecture of it yeah and.

342
00:48:14.880 –> 00:48:23.370
Ben Rogers: And people laugh when we say that, but it truly is I mean we don’t like the thing that we always talk about cities, compared to the vpn vpn.

343
00:48:23.850 –> 00:48:33.240
Ben Rogers: Shooting a bullet hole through your network, so that now I in my machine X access that network yeah there’s a sales and all that, but it, how many.

344
00:48:33.840 –> 00:48:43.710
Ben Rogers: administrators are up on their acl or a citrix is just made a window we’re not allowing you to get into that environment we’re presenting that environment to you, virtually.

345
00:48:44.040 –> 00:48:51.390
Ben Rogers: The window to allow you to have access to it, you don’t really you’re never really physically audit, like you, are with a vpn yeah.

346
00:48:51.630 –> 00:48:53.970
Andy Whiteside: You never took control of it you’re just a.

347
00:48:55.110 –> 00:48:56.490
Andy Whiteside: subscriber of it, for the moment.

348
00:48:56.940 –> 00:48:59.970
Andy Whiteside: Exactly in a in a.

349
00:49:02.460 –> 00:49:08.580
Andy Whiteside: situation where you’re getting presentation layer information I was at a conference last week and they kept using the word that when you do virtual desktop you’re streaming it.

350
00:49:08.940 –> 00:49:15.210
Andy Whiteside: Microsoft was using the word streaming I just want to run up on stage you’re not streaming it you’re presenting it, but I figured they wouldn’t appreciate that.

351
00:49:17.190 –> 00:49:25.860
Andy Whiteside: Well guys, I will let’s wrap on this one on backup will pick it up again, maybe later this week i’ll try to find a time that works for both you guys i’ll talk about here in a second hey before.

352
00:49:26.160 –> 00:49:33.570
Andy Whiteside: let’s let’s talk about this will be been you’re going to be moving on from citrix on to a new technology that we’re going to work another company right you’re going to love details my whole point in.

353
00:49:33.810 –> 00:49:38.370
Andy Whiteside: and bring this up, is that, thank you for jumping on these and we’ll See you in a different podcast down the road but.

354
00:49:38.640 –> 00:49:49.710
Andy Whiteside: When citrix asked me about who do we want to fill in for being on the citrix podcasts I had one requirement and that one requirement is to have real world, knowledge and I want to thank you for bringing real world knowledge to the podcast.

355
00:49:50.430 –> 00:49:52.650
Bill Sutton: yeah double down on that.

356
00:49:54.630 –> 00:50:03.090
Ben Rogers: me and bill, I appreciate you having me on in the podcast, I am sorry to say, yeah this will be my last podcast is a citrix employee.

357
00:50:03.780 –> 00:50:15.720
Ben Rogers: I am often new ventures that I can’t talk about publicly, but maybe I will be a member of another podcast technology that you employ Andy so uh I might not be a stranger to you guys.

358
00:50:15.780 –> 00:50:18.210
Bill Sutton: After all, for so little teaser going on there.

359
00:50:19.920 –> 00:50:27.570
Andy Whiteside: will be no i’ll ask this question have you real quick you’re not leaving citrix because you don’t believe in what they do and where you’re just expanding your horizons.

360
00:50:28.170 –> 00:50:36.600
Andy Whiteside: People are talking to you all the time about you know what’s going on citrix are you done with such i’m like are you kidding me that the technology is more applicable than ever we just got through talking about all that.

361
00:50:37.200 –> 00:50:40.890
Andy Whiteside: But more applicable than ever, you know, this is just business stuff that’s going on.

362
00:50:41.490 –> 00:50:50.370
Ben Rogers: No, I mean I think citrix is going to be stronger than ever, I mean one thing that sits within citrix as walls it’s happening is they’re concentrating on what they do best.

363
00:50:50.700 –> 00:51:01.470
Ben Rogers: They want to be able to deliver virtualized application virtualized desktops when I got the citrix I didn’t realize how wide and deep citrix was especially with the.

364
00:51:01.890 –> 00:51:15.720
Ben Rogers: adc I had a busy season my environment, but I just thought it was a fancy way of managing ICA and I didn’t realize the scope of the you know the Swiss army knife that those boxes have, and then you got the whole right so.

365
00:51:16.020 –> 00:51:20.940
Ben Rogers: citrix is a great company, I have a lot of admiration for the company i’ll still support the company.

366
00:51:21.210 –> 00:51:30.720
Ben Rogers: This has nothing to do with the company, this is just an opportunity that puts me back in Charlotte, which is where I wanted to be they moved me to upstate New York and i’m you know was fine with that, but.

367
00:51:31.050 –> 00:51:38.550
Ben Rogers: it’s always good to be back home in your backyard, where you know people and you’ve got contacts, and that was a big reason for my move and to your point.

368
00:51:39.030 –> 00:51:44.130
Ben Rogers: My past allows me to talk about databases and data Center infrastructure.

369
00:51:44.550 –> 00:51:52.860
Ben Rogers: And I was not able to complete that story of citrix so i’m looking forward to being able to expand my storytelling and my experience so.

370
00:51:53.220 –> 00:52:00.480
Ben Rogers: Definitely appreciate the opportunity Andy and bill it’s been a wonderful pleasure to all the listeners and he’s a big great i’ve learned a ton.

371
00:52:00.810 –> 00:52:08.970
Ben Rogers: Of appreciated people that have reached out to me through linkedin and like I said, hopefully i’ll be back in some capacity here in the near future yeah.

372
00:52:09.480 –> 00:52:10.290
Andy Whiteside: i’ve been Thank you.

373
00:52:10.830 –> 00:52:12.420
Andy Whiteside: Thank you bill, thank you, as always, and.

374
00:52:13.440 –> 00:52:17.490
Andy Whiteside: i’ll try to find a time we’ll finish this one, this week, while we still got been on the hook.

375
00:52:17.880 –> 00:52:18.720
Ben Rogers: Right yeah be cool.

376
00:52:19.530 –> 00:52:20.850
Andy Whiteside: Alright guys well thanks have a good day.