155: The Citrix Session: Modernize your endpoint DR and eliminate ransomware with IGEL and Citrix

Feb 28, 2024

Citrix is gearing for HIMSS 2024 with a guest blog series featuring insights and innovations from some of our key partners. This first post is written by Jason Mafera, Healthcare Field CTO at IGEL Technology.

You can visit Citrix and IGEL at HIMSS booth #3212 to hear more about how the partnership is helping to redefine healthcare IT, empower providers, and enhance patient care.

For healthcare providers, it’s not a matter of IF but WHEN you’ll be impacted by ransomware, which unfortunately is still finding victims and impacting care delivery. After seeing a post-pandemic drop, the rate of ransomware is accelerating again. Two groups getting attention lately are CIOp and BlackCat (ALPHV). ClOp’s MOVEit Transfer hack to date has affected 15 million people and 121 organizations. BlackCat (ALPHV), skilled at exfiltration, threatened to leak photos and sensitive data of a plastic surgeon’s patients and, according to a Check Point report, previously leaked patients’ photos and medical records after an attack against American healthcare provider LVHN earlier this year.

Host: Andy Whiteside
Co-host: Bill Sutton
Co-host: Philip Sellers
Co-host: Todd Smith


00:00:02.270 –> 00:00:23.880
Andy Whiteside: Hello, and welcome to episode 1 55 of the Citrix session, our host, Andy White side. I’m excited to be here today. I’m gonna kick it off with the other. Zoom, tiger commercial, real quick. Guys, if you’re out there and you’re using citrix technologies, netscaler technologies. The 2 together, which would be phenomenal. If you’re using other products that relate to Citrix in this case, I don’t talk about here in a few minutes.

00:00:24.390 –> 00:00:42.589
Andy Whiteside: If you need a partner, and you do if you need somebody just to bounce ideas off. Philip Sellers is running our do Workspace practice, and Philip told the other day that he was with a customer that just, you know, randomly want to talk about something, and Philip helped them. And he’s like, why, I can’t buy that from you, Phil, if you need a partner and you do you want somebody to talk to add value.

00:00:42.690 –> 00:00:48.790
Andy Whiteside: Yeah, let us know. I mean. We. We know there are people out there that are succeeding with the technologies.

00:00:48.880 –> 00:00:59.739
Andy Whiteside: but they’re also coming up for the same people. I had a meeting with a customer 2 weeks ago, and he told me about this new design he’s coming out with for a Citrix environment. I’m sitting there in front of his. And I’m going.

00:01:00.120 –> 00:01:08.910
Andy Whiteside: Yeah, sounds great. But what I really want to say and I had a conversation with Boss later is, if you design that nobody in organizations to be able to support that. But you, I hope you never plan on. Go on vacation.

00:01:09.200 –> 00:01:18.970
Andy Whiteside: He was. He was gonna build quite quite the environment. I won’t go into more detail. So I got with me. Bill, sudden Bill runs our delivery practice Bill. How’s it going? Well, Andy?

00:01:19.230 –> 00:01:28.199
Andy Whiteside: Philip, I referenced you. A minute ago Philip runs our what I call modern workspace practice, which is where Citrix and then user compute falls in. Philip. How’s it going?

00:01:28.790 –> 00:01:34.690
Andy Whiteside: You excited as always, I’m sure. Todd Smith Todd runs

00:01:34.740 –> 00:01:36.290
Andy Whiteside: the Canadian

00:01:36.380 –> 00:01:47.350
Andy Whiteside: give me the title. So so I’m a senior principal account technology strategist, which means I’m basically an Ats

00:01:47.370 –> 00:01:49.900
Todd Smith: covering

00:01:50.050 –> 00:01:55.729
Todd Smith: 3 large healthcare organizations in Western Canada as well as the Canadian Federal Government.

00:01:55.790 –> 00:02:02.330
Andy Whiteside: So you have a fairly large fairly large customers that use. Yeah.

00:02:02.640 –> 00:02:04.190
Andy Whiteside: How’s that going

00:02:04.690 –> 00:02:13.769
Todd Smith: cool? Well, it’s going really. Well, you know, the messaging is on point with in terms of, you know, our healthcare messaging, especially around

00:02:13.850 –> 00:02:21.740
Todd Smith: things like epic and cerner as well as being able to support the legacy applications that are out there in healthcare.

00:02:21.910 –> 00:02:22.750
Todd Smith: A.

00:02:22.900 –> 00:02:29.770
Todd Smith: Didn’t think I’d see a Zen environment still in production. But we do have a customer and Scotland.

00:02:29.780 –> 00:02:40.250
Todd Smith:  but it’s it’s interesting. And then also the the way the Canadian Federal Government work or the Canadian Government agencies work compared to the Us. Government agencies is that.

00:02:40.530 –> 00:02:47.930
Todd Smith: Yeah, there’s some uniqueness. But then there’s also a lot of commonality. So it really helps an awful lot to have that perspective going.

00:02:48.100 –> 00:03:00.370
Andy Whiteside: You know, it’s funny. I was listening to last week’s podcast. And we actually brought up the fact that bill still seeing a bunch of see some 6, 5. And you know, 5, 15 environments 5, 15,

00:03:00.370 –> 00:03:24.810
Andy Whiteside: 1515 environments. And every time I hear somebody say that, and you just said it, I’m like, no, no, no, you can’t. And then people say, Oh, yes, yes, I do. And even in the podcast? Of the day I said that to myself, like no, you know we justified. Well, I guess you do. It’s amazing what’s still out there. That would be a good sign of an organization that doesn’t have a good partner, because if they had a good partner the partner would have done everything humanly possible to prevent that from that.

00:03:24.900 –> 00:03:37.540
Todd Smith: Yeah. And honestly, Andi Andy, I think there’s a big challenge out there, in fact, that there’s a lot of applications that are currently used in production environments that haven’t been certified for server 22, or.

00:03:37.610 –> 00:03:48.050
Todd Smith: you know, there’s something that’s holding the application back. And the reason why a lot of organizations haven’t upgraded because they’re fearful of what’s gonna happen if they do

00:03:48.080 –> 00:03:52.229
Todd Smith: go through that upgrade and and change is, you know.

00:03:52.290 –> 00:03:54.259
Todd Smith: change is not always easy to do.

00:03:54.760 –> 00:03:59.919
Todd Smith: But then you’ve got to look at the rationalization behind. Why, they’re using that application.

00:04:00.470 –> 00:04:04.430
Todd Smith: Well, if if you’re paying, if you’re if you’re keeping

00:04:04.450 –> 00:04:07.949
Todd Smith: an an application alive because 3 people need to use it.

00:04:08.070 –> 00:04:27.930
Andy Whiteside: it may, will be worthwhile saying, is that the right application? Right? And that’s all the more reason why you need a partner not only just to help you with Citrix, but a partner with rationale to go. Why are you even messing with that app? How can we? How can we mothball that app, or just put it, set it aside where it’s impact is so minimal as minimal as possible.

00:04:28.410 –> 00:04:47.019
Andy Whiteside: So guys, we have the blog that we’re gonna cover today is maximize your endpoint, Dr. And eliminate ransom. We’re with Ijo and Citrix. You guys hear us talk about this all the time, but with him’s coming up, and Igl being such a major player in the the healthcare organization, and of course Citrix and some of those applications Kessen Cerner epic

00:04:47.020 –> 00:04:59.799
Andy Whiteside: all scripts which I think has a new name. Now that’s limitless. People wanted to ask me all the time, why are you guys so active with healthcare. I’m like, well, you don’t have a choice, because the things we do along with healthcare. So well, it just kinda happens

00:05:00.310 –> 00:05:09.620
Andy Whiteside: Todd, you’re probably perfect person to carry most of these conversations. But I’ll expect Bill and Philip to chime in Todd. Why do you think this is an important blog to cover.

00:05:10.570 –> 00:05:15.420
Todd Smith: So so there’s a couple of things right. And and probably the first thing is that

00:05:15.770 –> 00:05:19.699
Todd Smith: you can lock down the application the data as much as possible.

00:05:19.900 –> 00:05:23.659
Todd Smith: But you really need to consider. How do I protect that endpoint

00:05:24.210 –> 00:05:31.060
Todd Smith: in the easiest way? To protect that end point is to simplify the management of it and lock it down

00:05:31.750 –> 00:05:45.840
Todd Smith: inherently. So it doesn’t run a native operating system that has local admin rights and has all of the potential threat factors that are out there, right? So if you can, if you can protect the end point

00:05:46.300 –> 00:05:58.199
Todd Smith: and use that as the the entry way into your environment. it’s gonna make your life a lot easier. So we get gonna make your in your environment as a whole much more secure.

00:05:58.220 –> 00:06:04.139
Andy Whiteside: And and so I’m a huge windows, Fan Microsoft windows. Whether it’s the endpoint or the server, and my career

00:06:04.160 –> 00:06:13.830
Andy Whiteside: started around that and main maintains around that to this day, I think we just said is, you got us rethink whether you even have windows on the endpoint? Is that part of that message?

00:06:14.060 –> 00:06:21.989
Todd Smith: Yes, and the thing is is that it makes it so much easier for us to deliver a windows-based application.

00:06:22.010 –> 00:06:36.099
Todd Smith: I mean, this is what Citrix has been doing almost since our inception delivering a windows based application to a non windows based endpoint. And that’s exactly what Igl is doing in in this this blog post actually highlights this, in in fact that

00:06:37.090 –> 00:06:41.189
Todd Smith: you’re running a hardened operating system on the end point

00:06:41.200 –> 00:06:44.080
Todd Smith: with ideal. It’s a Linux based lockdown.

00:06:44.180 –> 00:06:47.770
Todd Smith: You have a protected

00:06:48.120 –> 00:06:49.390
Todd Smith: entry point

00:06:49.450 –> 00:06:55.640
Todd Smith: into your protected windows based application that’s running on a server inside your data center

00:06:56.020 –> 00:07:04.650
Todd Smith: that’s got all those inherent protections. And then you layer policies on top of that to prevent things like data exfiltration

00:07:04.700 –> 00:07:17.469
Todd Smith: or protecting the ability to restricting the ability to do things like copy and paste or print or print down to a local device. All of those things cover into our our benefits of

00:07:17.890 –> 00:07:20.449
Todd Smith: that starting point of locking down that endpoint.

00:07:21.300 –> 00:07:22.050

00:07:22.380 –> 00:07:26.740
Andy Whiteside: Phillip, what do you see? Healthcare customers do on the endpoint.

00:07:27.560 –> 00:07:47.929
Philip Sellers: Yeah, I mean for healthcare customers. You know, they’re they’re chasing that really great user experience of tap and go right. And they wanna be able to empower their clinical staff to be able to be as productive as possible. And that’s a big part of this play as well. You know they

00:07:48.200 –> 00:08:03.619
Philip Sellers: they get that experience with an Igl on the endpoint with Vdi for the workload and they’re also intrinsically getting security as part of that. So they’re hitting it across several different

00:08:03.710 –> 00:08:09.929
Philip Sellers: metrics, great user experience, fast productivity and a secure endpoint. So

00:08:09.960 –> 00:08:20.070
Philip Sellers: the the healthcare customers we’re looking at and working with. We really advocate for this because it is a triple thread. It’s a triple play

00:08:20.480 –> 00:08:28.929
for them to get great outcomes at the end of the day. But you know the security thing can’t be understated. It is

00:08:29.110 –> 00:08:33.640
Philip Sellers: tough. When you have data leaving your premises on a device

00:08:33.900 –> 00:08:44.679
Philip Sellers: you you don’t have as much control so this is a great play to to re-establish that control and keep it in the confines of your data center

00:08:45.700 –> 00:09:02.180
Andy Whiteside: Bill. Any active or current projects, or past projects where you’ve seen them actually executing this and any of the the benefits that came from it. Absolutely. We’ve got one going right now where we’re for a healthcare organization, where we’re implementing or helping them migrate their agile environment and expand it

00:09:02.180 –> 00:09:30.259
Bill Sutton: to some new facilities. And you know certainly everything that Todd and Phillip said applies to this. The the key thing here that Phillip said that I was gonna bring up is the whole concept of tap and go, and and the ability to save the clinician, the time that it would take to log into an existing endpoint and all the management that goes around, that if you save a clinician 10 s during the day, and multiply that by the number of clinicians and a number of days. That’s real time that they can spend with patients and not

00:09:30.510 –> 00:09:39.549
Bill Sutton: tagging with technology. So the simpler and more secure and more performant you make it the better, and Igl goes long way towards that.

00:09:40.570 –> 00:09:51.389
Andy Whiteside: You know. I’m gonna call out the the the black cat. Was a skilled exfiltration threat delete photos of sensitive data for plastic surgery patients imagine.

00:09:51.550 –> 00:09:53.519
Andy Whiteside: imagine the negative.

00:09:54.360 –> 00:09:58.169
Andy Whiteside: the negative that would happen for an organization that was that that happened to their customers.

00:10:01.000 –> 00:10:17.039
Andy Whiteside: This. We’ll walk through the article here. That was pretty much. That was the intro and I think we covered a lot of things the endpoint has the first line of threat defense, Todd. I think we’ve covered this to some degree, but you can never cover enough. I use the it a windows messaging.

00:10:17.430 –> 00:10:31.319
Andy Whiteside: let me say one thing real quick. Yeah. I asked Bill, do you have an example? And I honestly have no idea whether you had an example. Not but because the way we partner with our customers I knew we probably did. Because this isn’t something we just talked about, you know, in marketing things like this.

00:10:31.510 –> 00:10:35.440
Andy Whiteside: these are things we do every day with our customers. These are like conversations that are

00:10:35.580 –> 00:10:37.640
Andy Whiteside: top of mind daily.

00:10:37.690 –> 00:10:45.329
Andy Whiteside: Endpoint is first line defense. Yes, obviously, that’s one of the conversations we are having daily. Todd. How does Citrix see

00:10:45.820 –> 00:10:50.719
Andy Whiteside: the end point as part of the story. Clearly, you guys don’t sell endpoints. In fact.

00:10:51.220 –> 00:10:57.499
Andy Whiteside: have you ever sold in points? You’ve been around long time with me, but even longer has has there ever been a citrix endpoint?

00:10:57.750 –> 00:11:01.190
Todd Smith: So so no, there hasn’t been a citrix

00:11:01.420 –> 00:11:09.769
Todd Smith: built endpoint. I mean, we’ve we’ve done things where we’ve added, our our software baked into the into some of the endpoints, whether it be

00:11:09.910 –> 00:11:17.080
Todd Smith:  Igels or you know other other platforms you could actually order.

00:11:17.280 –> 00:11:22.580
Todd Smith: Then from the manufacturer with the citrix receiver or citrix client preinstalled.

00:11:22.610 –> 00:11:29.279
Todd Smith: But you know we’ve we’ve always kind of stayed out of the hardware business when it comes to that.

00:11:29.290 –> 00:11:37.250
Todd Smith: but it’s an interesting conversation, the fact that basically you spin up your you, you take your endpoint out of the box. You plug it in

00:11:37.340 –> 00:11:45.009
Todd Smith: if it already has the Citrix receiver Citrix Workspace app already installed on it. You basically point it to your

00:11:45.420 –> 00:11:50.010
Todd Smith: Yo, your domain, or your put in your email address, it will find

00:11:50.340 –> 00:12:06.980
Todd Smith: access to your storefront and properly get it configured for you. So it’s it’s really is more of a 0 trust trust or 0 touch approach for this. The benefit there is that, you know. Once again, going back to that user experience. You know you want.

00:12:07.260 –> 00:12:13.840
Todd Smith: You want your doctors to practice medicine, not be it professionals. and if I can deliver

00:12:14.080 –> 00:12:29.220
Todd Smith: an endpoint that already has something configured on it, and all they have to do is plug the blue wire into the blue socket, the red wire into the red one and plug in the power. Guess what? That job is very easy, and it doesn’t take a lot of specialized skills or training to be able to do that.

00:12:29.250 –> 00:12:31.139
Todd Smith: Now said you’re up on the network.

00:12:31.270 –> 00:12:37.929
Todd Smith: The endpoint really has come down to it really is living up to the old plug and play. Add.

00:12:38.740 –> 00:12:44.110
Andy Whiteside: I think I just fell for the same trap most of our customers fall, for they get endpoint equals hardware.

00:12:44.280 –> 00:12:56.240
Andy Whiteside: Really, it’s all about enabling the endpoint. Any thoughts on how this is the citrix method of enabling the endpoint through the workspace at which, by the way, includes the enterprise. Browser. Thoughts on that.

00:12:57.040 –> 00:13:11.629
Philip Sellers: Yeah, I mean it. It is really easy a. A. And that I think that’s the crux of it right you. You don’t need specialists at the endpoint. And you know we. We also are seeing our healthcare customers scale

00:13:11.740 –> 00:13:22.329
Philip Sellers: increasing size increasingly, more employees, more endpoints. And so it’s a very consistent way, you know, when you’re using the citrix workspace app

00:13:22.510 –> 00:13:33.400
Philip Sellers: it is a known way. You’re not retraining your staff. And so it turns into a very. very user, friendly, approachable

00:13:33.560 –> 00:13:49.949
Philip Sellers: way of interacting with your technology. And and again, to Todd’s Point, you want your doctor’s doctoring. I don’t know if that’s actually a verb, but we’ll use it as one today. You want them doing their job, not being an it troubleshooter.

00:13:50.740 –> 00:14:06.529
Andy Whiteside: Yeah, I do. Wanna go to Bill and ask another ask question about this. But before I go there, there’s one paragraph here, Todd, that talks about cloud based workloads, you know, back in the day, let’s say 5, 1015 years ago, when all this was like client server data center centric

00:14:06.580 –> 00:14:18.590
Andy Whiteside: enabling the endpoint was doable, not as easy now with cloud delivered workloads like, for example, Igl’s ability to do onboarding Citrix’s ability to do onboarding with just nothing but an email address.

00:14:18.700 –> 00:14:24.049
Andy Whiteside: This, this challenge has become super solvable and kind of native right?

00:14:24.240 –> 00:14:36.459
Todd Smith: Yeah, in, in especially where you know th, this, this is a great use case that we’re seeing a lot more happening in around things like practitioners that are not assigned and working on hospital every day.

00:14:36.730 –> 00:14:39.420
Todd Smith: And it’s it typically tends to be

00:14:39.440 –> 00:14:55.420
Todd Smith: your ancillary clinicians, right? The the folks that are doing plastic surgery, the folks that are the the ophthalmologists and the dentists that are working outside of a typical hospital. They’re typically going with their own solution they could be a cloud hosted

00:14:55.690 –> 00:14:59.859
Todd Smith: virtual app or virtual desktop. Well, what if I can log in to my

00:14:59.950 –> 00:15:01.520
Todd Smith: my Emr.

00:15:01.540 –> 00:15:23.410
Todd Smith: or connecting to the hospital is containing the patient records without having to go and get a network connection to that hospital or network, you know, to go through any other special device or specialized hardware to be able to do that. What if I could access it directly from a a cloud? Hosted virtual desktop that’s out there.

00:15:23.860 –> 00:15:27.640
Todd Smith: and that also that also works on. You know, if I’m using.

00:15:28.530 –> 00:15:35.459
Todd Smith: if I switch devices as well, right? Because it is accessible via the cloud that means it’s accessible anywhere.

00:15:35.790 –> 00:15:49.639
Todd Smith: But I still want to make sure that I have those same protections and same access controls and the same policies that can be delivered, regardless of whether I’m in a traditional on Prem in the hospital environment or whether I’m connecting in remotely

00:15:49.670 –> 00:15:51.369
Todd Smith: from whatever device that’s out there.

00:15:52.350 –> 00:15:59.220
Andy Whiteside: Yeah, a little bit of a little bit of soft software, smart software, the appropriate software and an IP address.

00:15:59.510 –> 00:16:03.680
Andy Whiteside: And you could securely make all this stuff work.

00:16:04.060 –> 00:16:14.199
Andy Whiteside: Bill, my question for you is going to be II met with one of our colleagues this morning, and they talked about one of our larger clients that with with non windows they did not go Eyegeel.

00:16:14.260 –> 00:16:17.869
Andy Whiteside: and they got boxed in, based on functionality.

00:16:18.190 –> 00:16:46.229
Bill Sutton: Do you think there’s customers out there that have tried this. We’ll call it the thin clients. Approach one time, and they’ll never go back to it. And they’re not taking the advantages of what Ijo can do. Yeah, I think there’s a number of those that that have tried it and and failed, and part of that is an an issue with execution. Part of it’s poor planning. Part of it’s the expectation gap between what the technology can deliver and what the customer thinks it can deliver. It’s probably the biggest element.

00:16:46.230 –> 00:17:01.919
Bill Sutton: The other thing is a a lot of the other players. It’s it’s either a hardware play along with the software, or it’s a or it’s just a an endpoint of an actual device. Your device that you’ve got to buy and put somewhere and plug in and connect.

00:17:01.960 –> 00:17:15.089
Bill Sutton: Igl, of course, as we know, is is a software company now, and they don’t sell thin clients anymore. They they partner with major hardware providers, and you can install the the iglos on

00:17:15.300 –> 00:17:38.480
Bill Sutton: pretty much just about anything, any reasonably recent device. I know back in the day those of you who have been around Andy Whiteside. He used to carry a lot of old Pcs in the trunk of his car, and he put Iglos on them, or do some other fancy stuff with him to show you how you could reuse them. And Igl can still do that. But the other thing about Igel is the ability to to do it on a USB stick or the

00:17:38.590 –> 00:17:43.019
Bill Sutton: the oh, shoot, Andy! What’s it called? I should know it to this case

00:17:43.120 –> 00:18:07.029
Bill Sutton: ud pocket ut pocket pocket. Yeah. The ability to plug it in. Plug the Ud pocket USB device into any any laptop or desktop and immediately get policies push down to it, and it acts just like or becomes any, as it were, a thin client device, and that that gives users the ability to use this have the same experience pretty much, no matter where they are, as long as they can. Boot off that USB device.

00:18:08.300 –> 00:18:15.080
Andy Whiteside: that, and even what I love, which never has really taken off the idea. You load Ijo on a HDMI stick.

00:18:15.200 –> 00:18:30.609
Andy Whiteside: but so far as proven to be under powered. I think a day is gonna come back around. That’s that’s a viable solution as well. Alright, I think I think one thing I think one thing to add to, to to bills common. And and this is.

00:18:31.180 –> 00:18:34.909
Todd Smith: take any time to to plan out your

00:18:35.070 –> 00:18:45.070
Todd Smith: your implementation. Knowing what the requirements are of the applications and also the peripherals. You know the devices that you’re going to be plugging in

00:18:45.100 –> 00:18:56.089
Todd Smith: and also knowing the capabilities of whatever endpoint you’re using it. So if it’s not, if it’s a Linux based endpoint. And you’re plugging a device that only has windows, device drivers.

00:18:57.140 –> 00:19:03.080
Todd Smith: you need to make sure that you’ve tested that properly. Right? So I had a hospital in Connecticut one time. That

00:19:03.410 –> 00:19:06.090
Todd Smith: they’re their front desk

00:19:06.410 –> 00:19:20.459
Todd Smith: at the registration desk was also their checkout. It was also they did some scanning of of the the patient’s information right? So they had a. They had a webcam to take a photo. They had a

00:19:20.690 –> 00:19:29.219
Todd Smith: signature pad to capture the people’s signature phone. You’re signing off on all the documents. They also had a a credit card reader

00:19:29.410 –> 00:19:35.139
Todd Smith: on it as well as a label printer and a full size printer attached to it.

00:19:37.040 –> 00:19:41.090
Todd Smith: If you plug that into a Linux device, one or Linux End point.

00:19:41.320 –> 00:19:45.780
Todd Smith: there’s chances that one of those, or maybe multiple of those

00:19:46.030 –> 00:19:50.719
Todd Smith: devices, may not properly sync all the way through into that session.

00:19:51.680 –> 00:19:56.040
Todd Smith: So once again, thinking about it, maybe having that use case.

00:19:56.070 –> 00:20:03.940
Todd Smith: Maybe maybe that stays as a windows endpoint the rest of them could be. you know, a true thing. Climb

00:20:04.210 –> 00:20:07.609
Todd Smith:  you know. It just comes down to

00:20:08.110 –> 00:20:10.139
Todd Smith: making sure you plan properly.

00:20:10.680 –> 00:20:32.440
Andy Whiteside: That again goes to where you know that real partner gets into. Look. I know you can do this with this with these 4 things. But this this one. Yeah, we need to use windows on the import, or might be. And that’s what’s so nice about the name world. We can do all of them with a smart, really smart Linux standpoint, especially when it’s been tailored to work with all these solutions. And that’s where Igel is by far the cut above everybody else.

00:20:32.440 –> 00:20:44.519
Andy Whiteside: Let’s talk disaster, recovery as part of security which it is and making sure people are prepared. How does using Igl versus windows enable disaster recovery options.

00:20:45.080 –> 00:21:03.339
Todd Smith: So so it it opens up a lot of possibilities. Right? So the fact that Igl is a software based solution that you can take. You know, a bunch of older Pcs, you know, you just back up your car to the to the location. Take out whatever whatever devices are in the back of your. When you’re drunk.

00:21:03.680 –> 00:21:10.329
Todd Smith: you could pretty much set up a you could set up a a hospital or set up a a recovery center

00:21:10.500 –> 00:21:12.400
Todd Smith: disaster recovery center

00:21:12.530 –> 00:21:19.020
Todd Smith: based on hardware that was available. As long as you’ve got that as long as it can run the igl components on it.

00:21:19.330 –> 00:21:23.900
Todd Smith: that that that adds to a lot of potential

00:21:24.280 –> 00:21:31.290
Todd Smith: recovery options from a disaster recovery perspective. It is also a situation where you have.

00:21:31.420 –> 00:21:33.640
Todd Smith: secure connections

00:21:33.730 –> 00:21:42.360
Todd Smith: from anywhere. Right? You also have the ability to recover faster without making that incredibly expensive

00:21:42.560 –> 00:21:44.730
Todd Smith: Dr. Site

00:21:44.980 –> 00:21:57.109
Todd Smith: that always has to be maintained. It has to be, you know, tested. It has to be always available. You know, it’s the world’s biggest insurance policy that you’re probably never gonna have to use until you actually need it.

00:21:57.130 –> 00:22:05.650
Todd Smith: And we’ve seen situations where you know, especially over the past 3 to 4 years of situations where they’ve taken over convention centers and turned them into

00:22:05.700 –> 00:22:10.780
Todd Smith: into hospitals or at least treatment facilities.

00:22:11.280 –> 00:22:12.969
Todd Smith: that could be.

00:22:13.420 –> 00:22:23.850
Todd Smith: You know that that’s a lot harder to do when you don’t have a strategy around how to get the endpoints there, and how to maintain those and how to get those up and running very quickly

00:22:24.480 –> 00:22:37.009
Todd Smith: because most of the it folks are gonna be worried about getting access, getting the data synced, getting the protection up and running. The last thing on their mind is typically going to be getting the endpoint stood up.

00:22:37.140 –> 00:22:43.860
Todd Smith: If you can make that a very simple process that anyone can do it. Guess what it’s gonna go your recovery. It’s gonna go much faster.

00:22:45.070 –> 00:22:45.910
Andy Whiteside: And

00:22:46.030 –> 00:22:51.309
Andy Whiteside: Phil, when they call out here is just the fact that you know, recovery might just be

00:22:51.390 –> 00:22:52.440
Andy Whiteside: rebooting.

00:22:53.320 –> 00:23:10.289
Philip Sellers: Yeah, you know, II think that’s an amazing point. Right? So using citrix technology at the core here. all you have to do is is set it to reset the environment every time a user logs out right and

00:23:10.300 –> 00:23:25.629
Philip Sellers: so from a disaster recovery standpoint, it is as easy as a reboot. But that goes a step further, too. It’s also about being able to trust that golden Master. It’s not infected. We we can have certainty, and know for sure

00:23:25.650 –> 00:23:27.350
Philip Sellers: that it is

00:23:27.690 –> 00:23:40.250
Philip Sellers: not affected by the cyber attack, and that you’re in good shape. And so we had a a recent incident with a customer where they were able to get back up because

00:23:40.270 –> 00:23:49.169
Philip Sellers: of that technology. They knew that they could have confidence in the Citrix environment running the igl thin clients because

00:23:49.310 –> 00:24:02.610
Philip Sellers: it couldn’t possibly be affected or it would be extremely hard and and very remote possibility of it being infected. So it’s also that insurance policy from from that layer

00:24:04.270 –> 00:24:20.169
Andy Whiteside: but just to split here. So we said, yes, you got the back end, Citrix environment, or whatever the easy the presentation model is, but on the ideal side it’s not a set it right. It you would have to do unnatural things when you, Bill, in order for to become

00:24:20.310 –> 00:24:22.460
Andy Whiteside: where data could be resonant.

00:24:22.720 –> 00:24:48.989
Philip Sellers: Yeah, I mean it. It’s hardened, and and I think that’s the other part of it is is that it was designed with security in mind for the express purpose of being a read-only non data, resident endpoint operating system. Almost everything else you would encounter in the the wild. It’s gonna have data on it. And Igel set out to make it the opposite of that.

00:24:50.120 –> 00:25:10.880
Bill Sutton: So, Bill, same thing. I haven’t. I haven’t pre-staged this question for you. But do you have an example of a customer who understands this? And taking advantage of the the Dr. Aspects of a non windows. In this case, igl endpoint solution, absolutely. Yeah. Leveraging, leveraging the non windows on the endpoint at a at a Dr. Facility.

00:25:10.880 –> 00:25:34.710
Bill Sutton: The ability to quickly update it. If you know, as as as the firmware changes to quickly repurpose the device or reset the device based on on the most current release. I go back when I when I read this, I think about it’s probably 10 years ago and wasn’t healthcare. It was financial services. They actually were required after 9, 11 financial services, organizations required to do a Dr. Test every quarter

00:25:34.760 –> 00:25:43.670
Bill Sutton: and then a live test every 6 months. I think it was every other quarter, and that live test meant they actually had a facility in another Zip code, not in a flood plain.

00:25:43.670 –> 00:25:54.750
Where they had essentially their operations set up, and this financial services organization had a bunch of windows, machines sending on sitting on these repurposed desktops in this facility across town

00:25:54.750 –> 00:26:16.950
Bill Sutton: where they would had everybody go on a Saturday morning, and they cut the cut to connection. And I thought to myself, Wow, imagine the update process. You have to go through every 3 months to make that make. Bring those current. Make sure everything’s you know. Everything’s the same as it is in the office, and certainly with Igel. If they had Igel back then that would have made their lives a whole lot easier and simpler, and the users would have had a much better experience.

00:26:17.450 –> 00:26:28.859
Andy Whiteside: And and I’ll use this comment to tie it into the the last paragraph. Here is what talks about the last section. Remember the endpoint. So I’ll list those out to all 3. You guys. I believe.

00:26:29.010 –> 00:26:44.210
Andy Whiteside: That this should not be something you do at the time of a security incident or the time that you have a Dr. Instance. If you just do it this way every day, it becomes natural, and it’s not a it’s not a change. When someone happens, it’s it’s how you work

00:26:46.350 –> 00:26:52.760
Todd Smith: thoughts on that. Yeah, I think the I think the critical thing there, Andy, is that you know it’s a behavior change.

00:26:52.920 –> 00:27:00.309
Todd Smith: But it’s a behavior change on both the user as well as the It administrator perspective. Right? Users need to be

00:27:01.050 –> 00:27:10.169
Todd Smith: be comfortable with resetting or rebooting that that device as they’re walking away from it, making sure they log out. Just don’t leave an open session sitting there.

00:27:10.350 –> 00:27:19.100
Todd Smith:  Igel’s got some really great management capabilities. That will. That will help do that for the user.

00:27:19.150 –> 00:27:25.580
Todd Smith: But at the same time the It administrators need to be aware that this is a capability that they should be enabling

00:27:26.220 –> 00:27:42.929
Todd Smith: out of the box. Right? It doesn’t. It doesn’t require you to wait until you do a hardware refresher. It doesn’t require you to to wait until you do some type of application upgrade. This is something you can do now that’s going to immediately have an impact on your overall protection scheme.

00:27:45.480 –> 00:27:46.730
Andy Whiteside: Filthy thoughts.

00:27:46.910 –> 00:27:55.670
Philip Sellers: Yeah, I mean as much as it’s a great insurance policy. There benefits on a day to day basis. You know, operationally, this scales

00:27:55.750 –> 00:28:09.529
Philip Sellers: as healthcare organizations are looking and and getting larger. You know, we we see the mergers. We see the trends of things consolidating in health care. It is a great way of optimizing

00:28:09.730 –> 00:28:12.250
Philip Sellers: and reducing the

00:28:12.370 –> 00:28:17.270
Philip Sellers: their costs and their their organizational operation. Spend?

00:28:17.380 –> 00:28:22.339
yeah, that’s not always a cost that can be easily justified. But when you’re adding headcount

00:28:22.610 –> 00:28:27.490
Philip Sellers: to directly reflect, you know the number of users you’re supporting.

00:28:27.530 –> 00:28:35.650
Philip Sellers: This is a great way of combating that as well. So there’s there’s operational benefits as well as the long term insurance policy and security benefits.

00:28:35.860 –> 00:28:39.359
Andy Whiteside: So, Bill, I’ll bring this question to you. Philip mentioned cost.

00:28:39.450 –> 00:28:42.709
Andy Whiteside: I mean, first of all, the cost of not doing this

00:28:42.850 –> 00:28:59.159
Andy Whiteside: is very high, but a lot of people look at this as an expense to move in this direction, though how many of the customers you’ve interact with do you think actually understand the total cost of running windows based endpoints today. Not not as many as as we’d like to be honest.

00:28:59.290 –> 00:29:27.960
Bill Sutton: And they look you’re right. They look at this as a as an added cost, without necessarily considering the overall benefit to the organization, both from a security perspective, from a device management, perspective, and frankly, also from an end. User perspective. What is the experience of the end user and making that experience consistent across all environments, whether it’s, you know, in the office at home at a Dr. Facility. What have you, I think isn’t is really critical here as well. And Igl certainly enables that

00:29:28.340 –> 00:29:56.069
Andy Whiteside: they’re going back to the partner aspect. We’re starting to offer our customers a free assessment on the cost of their endpoints today, where they stand today. Because how do you guide them around security and cost? If you don’t know where you’re starting from, security perspective. If you’re running windows, it can’t be secure. It just can’t be. It’s too powerful. Too many things you can do with it. Every attack vector, on the planet targets that first. And then how do you understand how much it costs, how much more it’s gonna cost for how much less it’s gonna cost if you don’t know where you’re starting from.

00:29:56.360 –> 00:29:57.870
Bill Sutton: But like.

00:29:58.020 –> 00:30:10.950
Andy Whiteside: So guys, I think, if you wanna learn more about the hymns, Booth, if you’re healthcare customer, if you’re gonna be at him so integral, have a booth there, have a happy hour reach out to us about that. Guys, I appreciate the time today and always good caption up with you guys around how Citrix

00:30:11.060 –> 00:30:19.519
Andy Whiteside: is a security play and a security enabler. And, to be honest, from the first time I ever saw it, I didn’t think of it that way, but didn’t take long to figure out. Hey, this is more secure

00:30:19.670 –> 00:30:22.330
Andy Whiteside: Todd. Thank you for your time, Philip Bill. As well.

00:30:22.520 –> 00:30:24.459
Todd Smith: No problem, thank you.