Advanced Solutions in Cloud, Connectivity, and Security with Director Brian Knudtson at 11:11 Systems | Ep. 24

Max: 00:09

‍Actually, I was looking at your LinkedIn earlier and it says that you've been, I guess, counting the acquisition, you've been, you pushed, like, 5 years now. It's, just cloud technologist was a cool title. I like that. I think

‍Brian: 00:20

I'm gonna have to have

Max: 00:22

to use that for myself. But Yeah. You you've been now with, I mean, so 1111 is, you know, Island and, I mean, there's there's some other you guys it it wasn't just a rebrand. Right? This was a a roll up as well?

Brian: 00:35

Yeah. Yeah. And I've I've I've got a slide that we can talk directly to that, but, you know, 11:11's been built through acquisition for the most part to this point. And I came in with a second acquisition, so I made kinda 2 acquisitions in December of 21. I was in the second of those 2, and now with with the combined situation right about four and a half years with the company.

Brian: 01:02

So

Max: 01:02

if yeah. Let's I mean, let's get into it. You know? Okay. If you got if you're if you got if you got something to cover this, I'll I won't steal to I won't get too distracted here.

Brian: 01:12

Yeah. Yeah. So, I mean, generally speaking, the the presentation I have is, kind of a what what our mission is as a company, how the companies came came to be. And then then we kind of start digging into what we have from a services perspective.

Max: 01:28

So wonderful. So floor is yours.

Brian: 01:30

Okay. Cool. Yeah. So, my name is Frank Knutson and I've been with 1111 through and we'll talk about how the companies came to be, but through acquisition, roughly about four and a half years now. And we've we've been putting together something that's that's really kinda cool, so I'm excited to to talk about that a bit.

Brian: 01:50

My role specifically is as the director of product market intelligence. What that fancy title means is that I spend a lot of time looking at the market, understanding what customers want, what analysts are saying Mhmm. The market's gonna go to, what, you know, just kind of the the community as a whole is speaking of. So a big part for me is, what what I like to call the hallway track at conferences. Just going around talking to people, understanding what what needs they have and what they're looking for, trying to you know, the the old saying of trying to skate to where the puck's going to be, trying to figure out that trajectory, through kinda taking all these pieces into into account.

Brian: 02:32

So I get involved pretty heavily with competitive, with, product roadmap with, specifically I'm on the product innovation team, or we think about the long term part of the roadmap. Okay. So a lot of, a lot of interesting stuff. I, I love that. It's, it's a good, good place for me to be at this point through very a very varied career path I've had up to this point.

Brian: 02:53

It gives me a lot of different interesting perspectives on things. How many

Max: 02:55

years down the road are you trying to look? I mean, like, what is I mean, when you start talking about product for, you know, a company now your size, I mean, is this a 3 year or 5 year? Farther or shorter? Like, what's what is that really

Brian: 03:07

Generally shorter than that at this point, due to a couple things, one being the fact that we we are a relatively new company. We're still trying to figure out I mean, we know what our core messaging is, what our core focus is. Mhmm. You know, we're still kind of growing through acquisition primarily at this stage, kind of a year into it. So there's there's a lot of still just figuring out what we have and what we can do with what we have.

Max: 03:31

I mean, that's a little bit of snowmoor, though, because, I mean, you know, 1111 is new, but, you know, like, Island is is not a new company. I mean, this is a very mature, you know, very mature business and and practice and service delivery and everything else.

Brian: 03:45

Absolutely. Yeah. So, the company I came in through, like you said, is Island, and we've that company had been around for 25 years, before it was acquired into 1111 a little over a year ago.

Max: 03:57

Okay.

Brian: 03:57

So definitely have some, some long term strategy there. The company island as a company pivoted several times in what their business model is. So those of us that are, that come in through that acquisition are very experienced at, you know, being able to move quickly and pivots. And of course, the other aspect that goes into how far out do we really look is the fact that, you know, we're in the cloud security space and that space changes very fast. And anyone who thinks they know what the industry is gonna look like 3 to 5 years from now is, is, is diluting themselves and or their customers.

Brian: 04:34

Because, I mean, think about 3 years ago where we were at, we were we heard that there's something going on in China. We don't know what it is, and the world got turned upside down within a couple months of that. So Sure. Sure. We we, we have to understand the fact that we're, the most important thing really is to be agile and to be prepared to jump on things when it makes sense to jump on them.

Brian: 04:59

And, and then sometimes it's the smart decision is to wait and see how things play out and not address something until it's that time has, you know, gone on long enough to show which direction things are headed. So it's, it's definitely a tough place to be in innovation, but it's, I love it. Super exciting.

Max: 05:19

K.

Brian: 05:20

So, yeah, moving forward with, what our mission is as a company. So 1111 is a company. The mission is to have kind of a single platform for customers to ensure their apps and data, you know, those are the two core pieces of any business, are always running accessible and protected. So any one of those by themselves is is a business by itself, really, being able to to run your infrastructure, being able to make it accessible, being able to protect it. Without all three, though, you really can't be in a situation where you can be assured of access to those apps and data.

Brian: 05:57

And so our focus is really to focus on that and and through kind of 3 pieces that we'll we'll talk in a bit more depth of cloud connectivity and security, making sure that those things are there for our customers' customers or our customers' employees to be able to serve those customers and always focus on that aspect of things. Talked a little bit about the company already. We've we've grown through acquisition to this point. So 1111 as an entity has existed for not quite 2 years now. They spent most of that 1st year really investigating the market, trying to figure out where the challenges are, where, more attention is necessary, to really help customers.

Brian: 06:44

And then towards the end of 2021, started into acquisition mode. The first two companies being Green Cloud Defense and Island. Again, I come from the island side of things. We had a really well known name in the cloud market, particularly around backup and disaster recovery. Very strong partnerships with VM and Zerto as well as VMware and HP.

Brian: 07:07

A lot of the technologies that we use under the covers coming from those 4 companies. Having having had that, that history and and that that place in the market, if you will, is a big part of why 11:11 acquired us. A lot of what we have going forward as a company is built on that bedrock. GreenCloud Defense came in, you know, at the beginning of December. We came in at the end of December.

Brian: 07:32

Green Cloud had a had a similar, cloud strategy to what Island had, so they merged very well together. They also brought in a, very solid security solution, in in in product, mainly mainly around services more than anything else, and some managed services along with that, heavily focused on enabling managed service providers to be able to do their business. So the 2 together melded very, very well together, and we we started cooking very, very quickly after that. Come January of of 22, we were off to the races. Then as as we got into the middle part of 22, they started building out, really kind of the connectivity piece of things.

Brian: 08:19

So we had this security in the cloud pretty well pretty well in hand, pretty solidly in hand. So when when you see the the April, May, July time frame was really focused on connectivity solutions and brought in some really, really awesome talent. It's been awesome to work with them.

Max: 08:34

Is 1111 in the digital alpha portfolio? Is that part of your financial backing or I mean, like, even task global. Right? You know, there's I mean, digital alpha has cut up and remerged and sold off so many companies in the last year. Just curious, like

Brian: 08:50

Yeah.

Max: 08:51

Are you guys part of that, or, you know, are these assets you've acquired, you know, opportunistically, you know, through that that activity?

Brian: 08:59

Yeah. So 1111 is actually, a company that is owned by Tiger Infrastructure Partners.

Max: 09:05

Okay.

Brian: 09:06

So they're they're an investment and and growth firm. So they buy companies to, that are that are on the verge of of being big in a lot of cases or are are new like 1111 was. So they they formed 1111 as part of a Tiger infrastructure, move, an organization designed to build something specific. So Mhmm. That the whole idea of saying data is everywhere, applications are everywhere, we need to connect those pieces, we need to secure them, and we need to to make them cloud enabled and and make them cloud smart.

Brian: 09:44

So they formed that company, and then then, like I said, did a lot of investigation, started acquiring those companies. So, it is it is a private equity situation. So, you know, there's there's only single investor in all of this, where they they invest the funds initially. We have some debt that that we've used to do some of these acquisitions and and to build things. But the financial, attention that we give within 11:11 is very much about making sure we're not overleveraged from from a loan perspective.

Brian: 10:18

So we're not we're not that startup that is gonna be running in the red for years. We're we're being very careful to make sure we're in the black the whole time so that there's there's no, instability coming from from the financial situation, especially I mean, the the way the finance environment has gone over the last year shows that that's a that's a really good strategy for us up to this point.

Max: 10:39

Yeah. For sure.

Brian: 10:42

So then kind of the big news kind of coming at towards the end of the year is, is the SunGard acquisition that we did. So obviously SunGard, most people probably know about SunGard more than any of these other other logos. Of course, they probably know that Sungard hasn't had a, a great business situation the last the last couple of years or so. So having gone through bankruptcy and whatnot, 1111 was able to broker a really good deal for the cloud managed services and the availability services pieces of SunGard in the United States. So specifically those those assets, including some data center assets.

Brian: 11:21

But most of the data center assets that SunGard had went went to a different company. Most of the, EMEA based pieces went to went to another company, but we do, have a healthy amount of of the managed services, the things that people are used to for, hey, we're gonna do Doctor with Sungard. We're gonna send our backups to SunGard. That was all included in this. A lot of the the private cloud type of solutions that many, many people are using with SunGard got brought over.

Brian: 11:49

So they bring a very healthy portfolio of solutions, that, are are highly automated, highly leveraging, strong procedures and and policies around that. So very, not not that the rest of the companies haven't been I mean, Island's been doing ISO 9,001 for for years now. In fact, as we record this, we're coming up on another cycle of that. So everyone's real real excited about that. But Sunguard is is known for helping to manage large complex enterprise type environments.

Brian: 12:24

So it brings a healthy, perspective on that and a healthy book of business along with that, that, right now we're just kind of getting into the stages of understanding what all they have, how it melds with what we already have within 1111 and, starting to figure out what do we keep? How do where do we put the people within the existing organization? So, you know, that's that's gonna be a long term, essentially doubled the size of the company from an employee perspective. So there's a lot for us to work through on that. Figuring out which backend systems, I mean, anyone who's been through an acquisition, this is, this is not one of the biggest ones I've been through.

Brian: 13:00

I've been through quite a few acquisitions on both sides of the fence, but it's, it's no small deal at this point. So, yeah, that's that's kind of how the the companies come to be at this point.

Max: 13:12

I mean, so, like, Island was a huge VMware vCloud partner and a huge VM and Zerto partner and was this really massive entity that not a lot of people knew about that had this very interesting, you know, backup and Doctor business. You know, looking at these logos and and just listening to you talk through it, I mean, what what percentage of the business now is, you know, backup and Doctor focused and cloud you know, or cloud connectivity. I mean, the connectivity here is, you know, a lot of these were, you know, even even with the metro assets deployed in data centers, I mean, these are aggregation networks. So you're providing last mile to companies connecting for just general DIA, and you're doing the whole whole thing end to end. But, I mean, kinda like, you know, when we look at and say, you know, cloud versus backup versus Doctor versus connectivity and security, like, what what what percentage of this business actually fits in those different buckets?

Brian: 14:05

Yeah. We don't we don't have specific percentages that we share. But what I will say is that of if if you take the SunGard piece of all this out, island was definitely the dominant of of all the businesses, both from a, number of customers and from a, revenue perspective. So definitely a lot of, a lot of backup and Doctor customers. I'd say our number one group of customers is, is in that data protection space.

Brian: 14:34

That said, the cloud piece of things is, is a per per customer more revenue aspect of things. So there's a pretty healthy business from from that perspective there as well. The security piece is is a growing space, growing very fast and very, it's a very chaotic space I've I've come to find, as as things are changing very quickly. Static 1 came in as as kind of, the biggest chunk of the connectivity business that we're doing right now. Though the the original 11/11 team that started with Tiger Infrastructure Partners is very, very strongly connected to the connectivity space as

Max: 15:21

well. Okay.

Brian: 15:21

So there's there's there's a lot of really deep relationships there, but that book of business is currently growing. And, you know, by the by the time you share this with anybody, we'll probably have launched, kind of the the 1111 core connectivity product based on those acquisitions we did this this last summer. So,

Max: 15:41

so this this is how you got to where you are, but, like so let's talk about where you are now and, like, where you where you're going over the next 12, 18 months.

Brian: 15:48

Yep. Absolutely. So like I stated with with the mission is is to create a platform. It it is to create a set of technologies that customers can plug into and and utilize what they need for for their particular needs. So 3 pillars that that we really focus on, the cloud, the connectivity, and security, as we mentioned before.

Brian: 16:09

And and we'll dig deep into each of these. But at a high level, trying to connect all these pieces, none of these pieces really should be considered individually. They should all be considered as a whole. You know, if you're gonna move stuff to the cloud, you need to know how you're gonna connect it. And, of course, the number one fear of moving to the cloud is the security aspect of things.

Max: 16:28

So a lot of companies, you know, started overlaying security on their cloud platforms and would say, okay. We're gonna offer firewall. I'm gonna ask you this question because you list EDR and email, so I don't think I'm throwing you, you know, under the bus here per se. But, you know, I think, originally, a lot of these a lot of cloud vendors were offering, you know, security and saying, okay. We can secure your cloud environment.

Max: 16:48

But reading email and EDR, this is more enterprise focused. So are you actually deploying on premise firewalls at a corporate office and putting a, you know, EDR in place and then backing that up with your own sock? And then you're nodding your head, so I'm saying that's a yes. And then let's let's talk about what this actually means in terms of the market landscape, you know, of, you know, how you comprise your SOC, what does this actually look like, who you're partnering with for these different components, what EDR, what SIEM, what firewalls, you know, how Yeah. You know, what are these different blocks?

Brian: 17:20

Yeah. Absolutely. I'll I'll jump to to my security slide here in a second. But wanted to key off of one point that you made there is that, you know, security in the cloud is important, but it's one part of a greater whole. So the solution around security should not just, unless you're a 100% in the cloud, your security solution is not a 100% in the cloud.

Brian: 17:40

So you've got to consider it with all of your assets, which include. You know, employee laptops. As as they go around the country, they're working from home, they're sitting in coffee shops. You you've got to consider that part. And that that is definitely where the EDR piece comes in.

Max: 17:56

So so, I mean, part of this for me is, I mean, just bluntly, right? Like there's when you look at service providers that only do security, and all they do is MDR and all I mean, that's literally that's all they do versus companies that are that are combining all these pieces together. And there's value in having you you know, you never wanna be in a situation where you've got fingers pointing at each other, and it's not me. It's me who actually owns what. I mean, that becomes a bad situation, but then at the same time, you know, I I just shake my head when I find out, like, oh, we went with, you know, Bob's house of security vendor, and you're like, you're like, there's, like, 3 people there.

Max: 18:36

You know? How how is this an an effective security posture for yourself? Or, you know, you know, oh, we partnered with fill in the blank EDR because we got a good deal reselling them. And you're like, you know, the r and d budget for a market leading EDR platform is 5 times the annualized revenue of the platform that you selected. Like, what was the decision making process with it?

Max: 18:58

So, you know, we're gonna we're gonna you you know, so I come from a place of, how to put this, skepticism healthy skepticism Yep. When people say, oh, we're a security vendor now.

Brian: 19:13

So Which which which shows that you understand the security market because everything starts with skepticism, and and should. So most of our security products, and there is one exception that that I'll talk to, are based on Fortinet's platform. So we've we've invested very heavily, and that goes back all the way through the green cloud defense and and even beyond that, with relationships with Fortinet. So very, very tightly tied with that. I talked a little bit about, you know, island and, and you've, you've mentioned it as well, very close ties with VM and Zerto.

Brian: 19:44

You know, island was the largest customer and partner of VM and Zerto for hands down. No one was really kind of touching that similar with, with what green cloud defense brought to the portfolio on the Fortinet relationship. So very, very strong there. They're viewed as as one of our very top tier partners, in in building solutions on top of that. So when we deploy our managed EDR product, it is Fortinet's EDR solution that we are managing for customers, both on premises, in the cloud, wherever, wherever they have endpoint devices.

Max: 20:19

And are using their SIM as well?

Brian: 20:21

Yep. Using their SIM, using their firewall, both, virtually within our, our cloud, the legacy Island cloud specifically

Max: 20:29

k.

Brian: 20:30

And physically in customer on customer premises.

Max: 20:34

So you've got, a client comes to you. Let's say you're getting the whole you're getting everything, or maybe you get some pieces of it. Right? But, ultimately, you start talking about connectivity. How do you connect to the cloud?

Max: 20:44

How do you connect to the Internet? So you're gonna deliver circuits to their offices. Mhmm. And you're gonna do put the firewall there, and you're gonna put the EDR on their desktops, and you're gonna give them an MDR service here with with your SOC. What about switches and access points?

Max: 21:00

I mean, is the client providing that themselves and responsible for it, or are you guys deploying or helping them deploy? I mean, in this case, I would assume, you know, Fortis switches and and APs.

Brian: 21:11

Yeah. So we we don't get into the management of those types of devices today, at least. I won't speak for the future because you never know. What I will say is that, we can we can resell that hardware. We can do, kind of bespoke professional services to get those implemented, get them in place, that kind of thing.

Brian: 21:32

We generally don't do bespoke managed services around that kind of thing though. Right. Customer comes along. That's everything's possible type of situation. What we do do is we, we tend to work very closely with partners.

Brian: 21:46

So we've we've got a mixed direct and channel type of a model that that we utilized very heavily tilted towards the channel side of things. So we work with a lot of managed service providers that that's what they do. So we've generally shied away from offering those services ourselves just because we do you know, it's it's an interesting tight rope to walk.

Max: 22:07

Sure. And, I mean, you get the you get the point where it's like, we're gonna do everything for you, but we're not gonna do these things.

Brian: 22:11

Yes. Yeah. So we You still need

Max: 22:13

a switch and and and Wi Fi access points, but we don't do that. But we'll do the firewall, but then the switches and the Wi Fi access points have to connect to the firewall. And then if you're actually trying to do, you know, any sort of, I mean, I wouldn't call forward in that segmentation, but if you're doing, like, VLAN separation and then, policy enforcement and and traffic, inspection to the firewall through VLANs. Right? So you guys have to own that.

Max: 22:37

Mhmm. I mean, is this all singularly managed by 1111? Is the is it co manage with the client? Do they they have access to log in and make firewall policy changes? I mean, is that an allowed allowed thing?

Brian: 22:49

Yeah. At this point, we we fully manage. So we more or less cut the customer off from managing it. We'll provide them read only access so they can they can have full visibility into what's going on there. But we wanna make sure that this is a a well defined you know, there's not 2 people pulling threads at the same time to potentially undo the entire sweater, so we can be very very cognizant of that security management side of things.

Max: 23:13

And risk scanning, I mean, is this, like, your, one of the platforms, Rapid7, Tenable, Qualys? I mean, are you talking about vulnerability scanning and patch management where, you know, something's actually either installed as an agent or scanning IP addresses? Or is this a just an external, hey. You've got a port open, in your you should know about it.

Brian: 23:35

Both and. So this this is a part this is probably the part that gets me the most excited, with the continuous risk scanning piece. Nerd. This yeah. Definitely.

Brian: 23:46

This is one of the exceptions. So this is not a Fortinet based product. It's it's using a tool, made by Code Intelligence. They're pretty, pretty small firm. In given our size and their size, we we work very, very collaboratively with them.

Brian: 24:04

In fact, I'm working on a project right now where they're developing some, reports out of their own system to help us with with presales of of this tool. And so what the what this tool does is, it it can scan externally. You just point it at an IP range, using using our scanners that that 11.11 runs within our data centers. Customers can deploy the scanner internally so that they can do internal scanning. Again, that's that external interface to the individual systems to see ports open, that kind of thing, as well as being able to run agents on individual machines to get even more insight into that.

Brian: 24:42

And what it does is it it does your traditional vulnerability scanning type stuff and and patch management. And, you know, here's all your vulnerabilities, and and here's how you can patch them. And here's the CVEs, and here's the the CVE score. What Coda and and what we offer through CRS on top of that is actually risk management. So being able to say, working with customers, part of the deployment, what we do is we go through their environment.

Brian: 25:06

We say, you know, what is the system? What does it do? How important is it to your business? Is it exposed to the Internet? Is it not exposed to the Internet?

Brian: 25:13

How many firewalls? How protected is this system to truly understand what the risk of a given vulnerability will be on a given system? So take, for example, there's there's been an unfortunate rash of VMware vulnerabilities that have been in the 9 plus range. Yeah. I I I see that look, and I feel it.

Brian: 25:34

But you know what? A lot of those vulnerabilities, if if they had been implemented properly in the environment, putting them on an admin network, putting them behind extra firewalls, putting them in a place where very few people can get to them, you know, even going as far as air gapping them so that the only way to get to them is to go through a jump host. If those proper, remediation efforts were already in place like they should be, and I don't fault anyone for not doing it because I've been there. I know how hard should be

Max: 26:02

to be. I'm gonna I'm gonna fault people publicly connecting their VMware hosts to the Internet.

Brian: 26:06

Oh, yeah. I mean that. Yeah. That that's like, let's put RDP on the Internet. Don't don't do that.

Max: 26:11

You you deserve the pain. Yeah. At some point, I'm it's just well, you know?

Brian: 26:15

But it it it goes deeper than that, obviously. The more the more protected that can be, the better. So a CVE score of 10, to to make it the worst case scenario, unfortunately, has happened with VMware recently, is is a big deal. And if you're just doing vulnerability scanning for that and saying, hey. You've got a CVE of 10.

Brian: 26:31

Go fix it right now. Drop everything and go do it. Yeah. Isn't truly identifying what your risk is with that. Because if you've got a a a low CVE score exposed to the Internet that is actively being exploited in the wild, you wanna go fix that first.

Brian: 26:49

That is far riskier because when when you get into the security space and when you talk about getting, getting invaded by by a cybercriminal, they don't need a very big toe hole. They they're expert rock climbers. They they don't you may look at that toe hole and say that's not a very good toe hole, but it's enough for them oftentimes.

Max: 27:07

Is the risk scoring something that is done on a host by host basis, or is it's done you know, in your example, when I think of, like, composite vulnerability scorings of, like, you know, this CVE is terrible. But in order to exploit it, you have to have admin access to the box in the 1st place, so it has a low risk. Or, you know, this is a relatively low CVE score, but it's actively exploited, so, therefore, you should probably do something about it pretty quickly. You know, I I I going through Log 4 j drastically changed how I look at vulnerability scanning and risk management with that and just I mean, Log 4 j, it just turns out was installed in everything. Like, literally, it was installed in everything.

Max: 27:46

And, and then, of course, mean, what did we go through? We went through, like, 4 or 5 version cycles where, you know, you you thought you'd it was like, okay. Everything got revved, and it was like, nope. That one's vulnerable too. Nope.

Max: 27:58

That one's vulnerable too.

Brian: 27:59

Wrenching up the CV a little bit more. Just a little bit more. Just a little bit more.

Max: 28:03

Such a painful experience.

Brian: 28:05

Yeah. So we we definitely do take all that into account. You know, again, working heavily with the customer to understand their environment so that we can put any given vulnerability on any given system into the proper context of the environment as a whole to be able to, understand the the threat intelligence aspect of things, what's actively being exploited. Because when when you look at the number of vulnerabilities, and and I'll speak more to 2021 because I know that data better because 22 is still not entirely, been been considered at this point. But when you look at 2021, the number of vulnerabilities was insane.

Brian: 28:42

I mean, we're talking tens of thousands of new vulnerabilities identified in in 12 months. But when you start looking at them as to, you know, how many of them were, potentially exploitable, that number cuts down considerably. When you consider how many actively were exploited in the wild, cuts it down considerably more. Now all of a sudden you're down to maybe 10% of them that you need to worry about. And guess what?

Brian: 29:09

You don't have half of those applications that were vulnerable, so now you've cut that down even further. Mhmm. So now you know what you need to focus on, but which ones are most likely to to get hit? And that's that's where risk separates from just simple vulnerability management and understanding, okay, if you go in and and this is what CRS can then provide in the end is open up a dashboard and a customer can see, okay, here's my current environment. I've got this number of vulnerabilities, this number of of remediations to do, this number of systems that are vulnerable.

Brian: 29:40

But here are the top 100, top 5, top 10, whatever whatever they wanna see there. And we'll actually put together kind of an executive summary of if you do these things, you're gonna spend roughly x number of band hours to to resolve them, and you'll end up changing your total risk profile from 99 to 47.

Max: 30:02

Are you are you doing endpoint incident response with your clients, or is this a, hey. There's something going on. You should deal with it. You know?

Brian: 30:10

Kind of a pro

Max: 30:11

I you know? The the the I'm I'm looking really specifically as for, like, where the what the re you know, what the where the lines between who's responsible for what, you know, breaks down.

Brian: 30:20

No. And that's that's super important that customers understand as they investigate security vendors is who's watching, who's acting, that kind of thing. So that's that's where I like this slide because it kinda shows what's passive, what's active. So, you know, from a CRS, from a sim piece of things, that's just really looking at data. It's it's it's it's gathering the data, but it's not really, doing any sort of action.

Brian: 30:45

It it may be recommending things. It may be highlighting trends. It may be highlighting potential situations. But then you need to flip over to now we're talking firewall. We're talking the the EDR side of things, which is the let's actively defend.

Brian: 30:59

Let's do something about what's going on. So the firewall obviously is is gonna try to block things, in a in a very shield type of type of manner. We can tie in, you know, being fully managed if something un uncouth is happening in the environment, and we can see, oh, there's there's command and control stuff moving on. We can see that in the SIEM because we're collecting your logs. Now we can go into your firewall and shut that down so that that vulnerable or that, that active exploitation can can be hopefully shut down at that point.

Max: 31:33

Aggregating all of your security information into a SIEM is fantastic because then you have a, you know, correlation, you know, and and every you know, a source of truth, let's just say. Now what what I'm always looking for with these things is, you know, taking that next step. Right? So, you know, is this just, hey. We're we're logging data into the SIEM.

Max: 31:58

Are you know, are you feeding threat intelligence into the SIEM? You know, who are you feeding threat intelligence into the SIEM with? How sophisticated has your, you know, your your SOC process gotten with your SIEM in terms of, you know, unusual traffic detection or unusual activity detection. Right? You know?

Max: 32:16

I guess a good example of, like, hey. This user has never accessed this application from China ever before in the history of this user being an employee slash this application beyond the Internet. Like, you know, some people have manufacturing and and employees and team in China, and some people don't. So, like, how how smart is this platform for your clients?

Brian: 32:39

Yeah. So, again, the sim the sim is the center of the universe for that kind of stuff. We do have, for our sock, a a SOAR implementation that helps to to automate, coordinate all these different pieces together. So that's kind of our our core platform for all this. Working with customers when we onboard them, we spend a lot of time, again, understanding their environment.

Brian: 33:03

It doesn't matter which of these tools we're talking about. We spend a lot of time discussing their environment. What are what are the right behaviors? What are wrong behaviors? We bring a lot of experience with our SOC.

Brian: 33:13

We've got about a dozen analysts working between, 2 locations in the US and and in the UK as well. So we bring a breadth of experience. A lot of that's coded into the platform to begin with, and and we go in with a lot of defaults for customers and then work through those defaults. Hey. Is this is this valid for you?

Brian: 33:30

Should I tune it up? Should I tune it down? The idea really being with with the SIEM piece of things is to be able to not only do that correlation, but to cut down on the noise, to really understand things like like you mentioned is that, hey. We have employees that generally are never going to talk to anything in China, and we should probably flag that with some exceptions. And then relying on our analysts to then review those alerts before shipping those off to the customer and letting them know, hey.

Brian: 34:00

There's a there's a situation happening. At that point, the the EDR and the firewall play into to helping to defend and stop things. The EDR is is really more of the, endpoint automation, shutdown processes, shutdown, any any network traffic that it sees that is, inappropriate or that we alert it through through the SOAR implementation from SIM into that into that system. But when it comes to, hey. Something has broken out that that machine has been locked with with BitLocker, whatnot, we don't get involved with the direct, the direct interaction of of that, incident response.

Brian: 34:42

We again, this is a very fast moving environment, and what we found is that, one, we're not staffed to do it that way. That takes a very specific type of staffing, a very specific approach to things that we don't have internally. Historically we've relied on third parties to, to, to be, they, they can jump in quick and help out with those things with customers. We believe pretty heavily in in a segregation of duty in that space too. Like, if we're defending, we we maybe shouldn't be getting involved with the response.

Brian: 35:16

And and especially once we start getting to the digital forensic side of things to make sure we're not not protecting ourselves.

Max: 35:23

Specific. Maybe let me ask a specific question here. Yeah. You know, best case scenario, you know, something happens and you notice traffic the SOC notices traffic is, you know, there's there's a traffic abnormality. Right?

Brian: 35:44

Mhmm.

Max: 35:44

My example earlier of all of a sudden, something is connecting to an application from a place it shouldn't be connecting from, or it's never connected in the past. You know, at this point, are are you is your SOC team going to take proactive, you know, intervention measures? Or is this a, you know, notification? Yeah. Customer, this is going on.

Max: 36:06

This is unusual. We think this isn't right. Yep. What's what's what's that?

Brian: 36:12

Depends on the agreement that we that we built during onboarding with the customer. But generally any actions we're going to take directly to stop things are going to be through the EDR on the firewall pieces. So we may have an agreement that they say, if you see anything that isn't right, go ahead and execute on it. And then let us know. So we may institute firewall rules.

Brian: 36:32

We may, you know, tell the whole EDR environment to shut down this particular executable if it sees it. Other customers be may be more of the we don't want to shut things down without talking about it first. And at that point, we'll notify them and start a conversation around that. So depends on what the customer wants in that regard. Anything beyond what the firewall and the EDR are are there for to do is is not going to be on us.

Brian: 36:56

We're gonna be in an advisory role. We're gonna come in and we're gonna say, we noticed this thing and and kinda guide them, but rely on them to do the execution within their own environment.

Max: 37:06

I mean, so there's scenarios I can imagine where clients are coming to you for backup or cloud or maybe even connectivity that wouldn't take security. Are you selling security stand alone from your cloud and connectivity products as

Brian: 37:17

well? Absolutely.

Max: 37:18

And then, you know, the next question I mean, just thinking about, you know, your underlying vendor platforms here or stack, it would be, you know, when do you move into I mean, I'm gonna use big air quotes, a full sassy offering. Yeah. And and I'll I'll actually be a little more specific with this, in the sense of if you're putting you know, the FortiGate's do a decent job at, you know, most of the SD WAN function for a client, you know, most of it. Right? There's there's cases where they don't, but, you know, the the next piece would be for, you know, your work from home, your remote users that are not behind a physical firewall at a premise.

Max: 38:03

You know? Do you are you are you offering that, you know, web gateway product, and managing that for companies as well?

Brian: 38:11

Yeah. So today, we're we're offering that full SD WAN solution with with the FortiGates. Mhmm. So FortiGate is an interesting product for us because it can be a security product. It could be a cloud product.

Brian: 38:22

It could be a connectivity product. It can be all 3 at the same time. So. You know, we, we do offer the full, Hey, you want an SD WAN solution to, to connect users into the cloud and the on premises solutions. We can build that, including the, the last mile, the, the, the broadband type solutions that all, all those pieces.

Brian: 38:41

So we can bring a complete solution for that. Yes. Some of the other products, like web application gateway are, are kind of on our roadmap. We don't have them today. And it's a bit of understanding what customers are looking for and, you know, we're beginning of the year, so we're really taking a hard look at the road map and what we're going to approach for the year, you know, as as we talk here at the beginning of 2023.

Max: 39:04

I and the conversation I'm having right now is this this,

Brian: 39:09

I

Max: 39:09

mean, you talk to an IT team, and you're like, you know, they're reopening offices, and there's a push to reopen and to have a, you know, a return to office. But then you say, you know, what percentage of your workforce is gonna be in your office and what percentage is gonna be remote on any any given day? And the the other response is just like, I have you know, like, whatever. You know? Like, just like the hands just go up in the air.

Max: 39:27

And and and, really, you know, I'm not gonna make a forecast on, like, office versus not office, but it really does feel like the normal going forward is this expectation of a significant percentage of, you know, of employee access from not a traditional office setting as a as a permanent requirement. And, you know, having a secure Internet access and secure you know? Yeah. I mean, I'm trying not to use different trade names for these things, but, you know, secure web gateway and the z tna type functionality that can be extended outside of the office, you know, it it there's, like, 2 more dots here on your on your on your slide you need to plug in. Right?

Brian: 40:11

Yeah. Yeah. There's there's definitely more to be built. No doubt about that. Like I said, the security space is moving very, very fast and, you know, being a security specialist really makes you a generalist these days because there are so many.

Brian: 40:26

So many sub aspects of it.

Max: 40:28

And your SOC is separate from your data center and cloud NOC operations? This is a dedicated function? Correct. Yep. And then, you said it was in the US and in the UK?

Brian: 40:39

Correct. Yep. Okay. Two locations in the US and one in the UK.

Max: 40:43

Okay. How, how big is your SOC? Like what's your staffing depth?

Brian: 40:46

Yeah. We're we're about a dozen right now. I don't, I don't know. And I'm not sure if I can even share the exact number at that point. But highly experienced people.

Max: 40:56

You

Brian: 40:56

know, we've got 4 or 5 different tiers of of analysts, involved in there, including people that are more focused on the automation aspect of things with our SOAR and making sure that the the data is in the analyst's hands when and where they need it.

Max: 41:12

So let's talk about your cloud services. This is and your and backup and Doctor and, VMware and everything else that fits into this.

Brian: 41:21

Yeah. Yeah. Definitely. So, again, pretty heavily leveraged in what Island offered previously with, with some plugins from the other, other organizations that we've acquired. And again, not including the sun guard stuff at this point, we're, we're just now starting to figure out what pieces are gonna plug together.

Brian: 41:38

So as you mentioned, backup as a service, Doctor as a service are 2 of the big things. Our backup as a service is not only backing up virtual machines that customers have running on premises, but also some some capabilities. And we've got some, some road map to build it out further to to back up from the hyperscalers.

Max: 41:57

For clarity. Yeah. Define the difference between backup as a service and Doctor as a service.

Brian: 42:02

Okay. Good good point. So backup as a service being, you know, backing up virtual machines is is really what it kinda comes down to or backing up Microsoft 365 from a SaaS perspective. Doctor as a service is is similar but different. And to me, it's really important that customers understand the difference there because Doctor as a service is about re restoring functionality as quickly as possible and and with as little loss as possible.

Brian: 42:30

So the classic example is with backups, you're talking generally 24 hours of, recovery point objective. You know, when you restore it, you're gonna lose most likely about up to 24 hours, potentially more. With the hours of service, we're talking much narrower time frame frames and much faster restoreability. So with 11:11, when we go to market with BaaS and DRAS, we're we're talking with customers and really trying to understand what their business needs are for for recovery and then creating a solution based on that using those two tools. And the 2 work very well together.

Brian: 43:04

One doesn't replace the other by any stretch of the imagination because, with backup as a service, we're not focused on being able to recover those backups quickly. That's what Doctor is for. It's Doctor is that push a button and things start restoring automatically because you've predefined what needs to start, when it needs to start. You just, as part of pushing the button, need to choose, you know, what time frame, what point in time do you wanna recover to? Whereas backup is more designed for, I need individual files.

Brian: 43:31

I need an individual VM in that restoration could be to our cloud. It could be to on premises. It's built in a way that it's, convenient for both, but not necessarily ever going to be as fast as as Doctor is going to be.

Max: 43:45

And your huge Veeam and Xero partners, how much this is is this a product selection where you go through this evaluation, and it's like, oh, we we want backup or we want Doctor, and that drives you to Veeam or Zerto? Or is it do you just it's this is client preference. You know, they they know and like or already have 1, and that's you know, drives the okay. Great. You know, you've chosen, you know, a DRAS pro you know, service, but, you like Veeam, so you use Veeam, or you've chosen BaaS and you like Zerto, so you use Zerto.

Brian: 44:14

Yeah. It's it's as any technology decision, it's it's a lot of all of that. So spend a lot of time. We, we have a fantastic essay team. They, they blow me away constantly having been an essay in the past.

Brian: 44:28

I'm super impressed with, with the team that we have. They'll sit down with customers and understand what their business needs are. And and, really, those needs have to really should be defined at the business level. If you're coming in as an IT person talking to somebody about Doctor and you haven't talked to the business about what they need, you're you're gonna fail. Right?

Brian: 44:46

And sooner or later, you're gonna fail. You may complete the project successfully and create something, but if you ever have to do that failover, it's not gonna go pretty. I've been down that road so many times. I don't hesitate to say that out loud on on the record. So working with with those customers to understand those needs is is really the goal and ideally to to take whatever tools we have and put them together to create that customer need.

Brian: 45:12

Rarely ever do we do both, Veeam based Doctor and Zerto based Doctor just because it it's too much. It it it just doesn't make sense. You lose a lot of the benefit of push a button to restore type functionality there. Mhmm. Though there is theoretically a use case with a large enterprise customer.

Brian: 45:31

So working with them, of course, they'll take into account, hey. We already have a thorough Veeam implementation. Cool. Well, as long as you don't need a very specific thing that that Zerto provides, then we're we're good. We can we can go forward with that.

Brian: 45:44

They already have Zerto in place and they want to, to use that going forward. They just want to swing their, their, their Doctor location from, you know, maybe a secondary on premises data center to to Island's data center to 11:11's data center. There I I made that mistake finally. We can do that. Of course, those those go into business requirements and understanding what the right solution is for the customer.

Brian: 46:09

So the answer to your question ultimately is yes to everything, and it's it's really trying to figure out the right balance for the customer both in the in the short term and the long term there.

Max: 46:18

And this was I mean, you know, this was an amazingly well kept secret for Island, both in the BaaS and the DRaaS options, but then the next part of it, which is, you know, being able to predefine a, application environment in your VMware v cloud, but not pay for consumption of that until you needed to hydrate those VMs. I love that term, hydrate the VM. It's what I

Brian: 46:45

came up with. It is just so good. Unusual.

Max: 46:47

Yeah. I know. Right? It's just it's so it's so good. Makes me laugh every time I say it too.

Max: 46:54

You know, but to hydrate the VMs and and to actually recover. And and, yeah, I you know, let's let's I think you should talk about that a little bit, because I it's been a while for me, and it's, I think, a a pretty big core component here of Yeah. Of what you guys do.

Brian: 47:12

Yeah. Absolutely. So our our Doctor as a service environment is really built on a platform we built for IS. So it is a it is a full infrastructure as a service based on VMware based on VMware V cloud. So, you know, a big part of the solution there is that it's pretty rare.

Brian: 47:31

We come across the customer that we do definitely run into hyper V Nutanix customers, but, we are a VMware based cloud because most customers are running VR on premises. And when they wanna fail over, the last thing we wanna deal with is a conversion of VMs. I'm I'm a very firm believer in that. I'm not a big fan of restoring to AWS and Azure because, guaranteed, you're gonna have to not only, change that VM into something else, but they've got a very different model of what a VM is than what even Hyper V and Nutanix have from what VMware has. So I'm a really big fan of Island before I was working here, as as a person that likes to look at the industry and what all is going on because of that fact.

Brian: 48:14

So that IS platform is we have customers that run production infrastructure on that, infrastructure. And that could be public cloud where, you know, Coke and Pepsi are sharing the same set of hosts. It can be private cloud infrastructure where it is all orchestrated by vCloud director and and provided through, our custom built console so that they can manage those VMs in that way, but know that they've got their own hardware stack with which to to run on. Or we could do it as, as kind of a bare metal as a service type of solution where we provide, all the core components to the customer, and then they lay down Windows, Linux, ESXi, whatever they want on top of that to to be able to manage their own environment. Each one implies different levels of access to the underlying each one implies different levels of access to the underlying infrastructure.

Brian: 49:02

Obviously, with public cloud, you're gonna get very little access. Mhmm. You know, you get at best, you're gonna get vCloud Director access. You're never gonna touch below that. So, again, looking at customer needs around that, and and that whole platform is is essentially duplicated for our Doctor as a service.

Brian: 49:17

So when customers fail over, you know, we never know. Are they gonna need a fail over for an hour? Are they gonna need a fail over for a day? Are they gonna fail over forever? And we definitely have had customers that fail over to us.

Brian: 49:29

They're like, okay. We we didn't really trust cloud with our production, but we were forced to. And, hey, it actually works really, really great. We like this. And we just simply flip that over into our iOS environment, and they just keep on marching their merry way.

Max: 49:44

Or either side of it, which is you fail over and you start running, and then you start trying to figure out how to fail back. And you're like, god. That's a pretty big pain. You know? And and, let's just not, which Yeah.

Brian: 49:56

That definitely happens.

Max: 49:57

What is lab?

Brian: 49:59

So lab this this is this is the one that gets me excited on on the cloud slide more than anything else is, lab engine is the product there. So lab engine is again built on top of that same platform in our IS scenario. But what it does is it it layers on, a level on top of that that provides an environment for for our customers to be able to create their own, dynamic lab environments. So they can create a core identity of what's what a lab environment would look like and then share that out with, employees, customers, prospects, whoever. Heavily used, like, in training type environments.

Brian: 50:38

If you've ever been to, ZertoCon or, VeeamON, you've used LabEngine. They both utilize this LabEngine product to do their hands on labs and to be able to give, you know, attendees that ability to actually create a whole environment. You know? Here's here's your primary site with a couple of servers and a and a Veeam server. And over here is a Doctor environment that is you know, has has the Internet between the 2 of them, logically speaking, of course, that has a couple of hosts.

Brian: 51:09

And now you can fail those virtual machines over in a completely self contained lab environment. And when that when that, that hands on lab is completed and the user walks away, the whole thing gets destroyed and a new one gets spun up for the next user. So very, very cool technology. It's actually been around for a very long time and is very much a hidden gem within the the 11 11 portfolio. So I love talking about that one because it it it is a fairly narrow use case, but there's very few solutions in that particular space.

Brian: 51:41

And and it can be a lot of effort to build that environment, from scratch.

Max: 51:47

You said something about bare metal at IS, but you also offer colocation.

Brian: 51:52

Mhmm. And

Max: 51:53

so, I mean, is that a a global footprint offer or select markets? You know, and and, I mean, why would somebody colo with you versus an IaaS versus colo with, you know, a a different building. Right?

Brian: 52:10

Yeah. So our our, colocation is is really to help with customers who have varied needs, if you will. So we're not going out there in a Phoenix Nap type model where it's like, hey. You can you could you could buy a U. You could buy a rack.

Brian: 52:28

You could buy a cage. You could buy a room. We're not offering it at that level anymore. That's that's been a product that we've kind of phased out over time and is really focused today on, hey. I wanna move my production to to the cloud.

Brian: 52:41

I've got 90 virtual machines. I wanna move them out to the cloud. But I've got this one this one machine that is connected to our I series or connected to some other sort of legacy type of device. Not that legacy devices are bad or shouldn't be in an environment today because they they very much serve a role, but those environments that can't be virtualized. It's really designed to help enable those types of use cases.

Brian: 53:07

Customers that wanna bring a very specific hardware, firewall, or some other network type device, we we provide that capability in not all of our data centers, but most of our data centers to be able to to rack up their their own physical equipment so that they can connect it in with the cloud solution because we we're not gonna claim that everybody should be a 100% cloud.

Max: 53:28

Sunguard had a I mean, you just triggered something for me here, which is so Sunguard had a very specific service offering around AS 400 hosting and management. Is that something that you've acquired and are continuing with? I mean, this is a it's a it's a very it's a that's a niche. Right?

Brian: 53:43

Yeah. It it is very much a niche, but it's very much a if you can't scratch that particular niche, to make a really bad pun, you don't have a chance at at working with that customer because they need that. I I worked at an insurance company. I know how important a mainframe can be to the core business.

Max: 54:04

Oh, they're never going away. I mean, these things

Brian: 54:07

I know the few that have managed to eliminate them out of their environments, but it is by no means an easy project. And they're usually at at least you know, we're talking decade scale in some of those cases.

Max: 54:18

So who's, I mean, who's who's a good customer for 11111 at this point? I you know, I and I Oh, wow.

Brian: 54:28

Let me

Max: 54:28

let me put this in a few different kinda context. Right? You know, we can I'm I'm curious, you know, how you would view that from a, you know, like, services mix. But I'm also interested in terms of, like, a sizing, you know, and, like, where you guys are, like, focused and optimized on. Like, you know, where where do you really like, what becomes, like, your bread and butter or, like, your sweet spot?

Max: 54:47

Everybody will be like, oh, you know, we can scale all the way down to here, and we can scale all the way up to there, but, like, where's where's the place where, like, you know, if if you walked into a meeting and started going through, like, a a discovery workshop, you know, and they start checking boxes, it's just like, oh, this is a no brainer. You know? We're gonna knock this out of the park.

Brian: 55:09

Today, again, kinda leaving the Sungard piece to the side, given the fact that it has been fully integrated with everything, and gaining tools like a native AS 400 Doctor type type solutions that they offer. They have much more niche products in that space than, than the, you know, legacy island and GCD pieces. Today, we're, we're really more focused on the mid market piece of things. You know, we can, we can scale fairly small, but of course there's always a, additional investment that has to happen with, with any solution. So I'm not going to claim that, you know, a random mom and pop that has 10 VMs that we're gonna be right solution.

Brian: 55:52

We would generally point them to an MSP that may be using us on the back end, and they get that that level of scale across multiple customers. Again, why we why we come with such a heavy channel focus in that regard. On the enterprise side of things, we definitely have enterprise customers. We have some very large, organizations that that we have as customers, some of which I could name names and you would know some of which I can't. And, you know, even some of the big names don't have a lot with us.

Brian: 56:20

They may just be doing backup, for example. But, you know, we were thoughtful about those types of customers that could we support them in an IS model if they decided to move production over? So one of the bigger names that that I know is is out there and we have, actually have case studies on is like Lush, the cosmetics bath and body, store. I know that one well, because my wife is a big fan. And I use their products as well.

Brian: 56:46

I won't lie. So, you know, we we can we can scale the enterprise. They aren't the use cases we necessarily focus on, because there are a lot of challenges there. You know, they can be highly demanding. They can be more expensive to have as a customer.

Brian: 57:03

So it it's not that we can't support them. It's just that we we have to be mindful about the the bottom line on things and and making sure that one large customer doesn't disrupt all the other customers. Well, a layer on top of that is SunGard comes in. Part of part of the attraction with SunGard to 1111 was their enterprise focus and what they've been able to do with enterprises and and be able to support them in a successful manner. So we're, again, going going through that process, understanding what pieces and parts are key to that so that we can start integrating them together into a into a single solution there.

Max: 57:36

So when you say mid market, are you talking, you know, look like, employee count, you know, so head count, revenue counts? You know? So so I think mid market, I think, I mean, everybody defines us differently. Right? Some would say, like, 500 to 5000.

Max: 57:50

Some you know, I mean, those numbers go up and down pretty pretty significantly.

Brian: 57:55

Yeah. I mean, we don't we don't, focus too much on defining that space. You know, within the sales team, it's it's less about, oh, this this customer has less than 500 employees. We're not gonna deal with them. Or this customer only brings in, you know, a $100,000 a year, we're not gonna focus on them.

Brian: 58:13

It it's really more about what their IT is like. You know, number of virtual machines I talked about before. You know, the complexity of their environment plays very heavily into there because you can have a a company of 50 people have very complex environments and need a a complex solution in order to solve their needs. So it's less about the the the the total revenue or the number of employees or the number of offices and and more about what kind of solution they need. So we generally will take a call with with anybody who's interested in the solutions that we offer and work through, hey.

Brian: 58:46

Is this is this the proper fit in the first place, or should we should we should we give it to one of our MSPs to manage because it's it's a little bit more high touch than we're used to even though it's a smaller environment? So there's there's a lot of decisions that go in around that.

Max: 59:03

We talked about ISO certification earlier. Yeah. But, you know, along this line, you know, you get into lots of others, manufacturing, CMMC, you know, FedRAMP, ITAR, PCI, HIPAA, HITRUST. Are you playing in those spaces? I mean, do you have, if, you know, if you have a you know?

Max: 59:25

I mean, so what would be the example? Right? Like, SEC regulated, banking regulated, defense contractor, you know, health care. You know, how how deep does your compliance bench go for these kind of organizations?

Brian: 59:41

Yeah. Goes very deep. The legacy island piece of things that, again, the 11:11 cloud platform is primarily based on was very focused on security and compliance. So had a lot of features built in that that other VMware cloud providers weren't weren't providing, things like we had vulnerability scanning built in customers didn't have to pay for it. They had a simple report that they could, they could get once a week or they could run on demand.

Brian: 01:00:08

We have Trend Micro built into the platform. Customers can simply just load load it into their VMs and and be able to to have that protection built into the platform. So focus a lot on that, particularly over the last 5 to 8 years to build that in there. Pretty solid core now. Having more robust managed security products in in the portfolio, we're we're slowly shifting things underneath to be more in line with what we offer to our own customers, eating our own dog food type of thing, if you will.

Brian: 01:00:38

Mhmm. Mhmm. Along with that came compliance. So we've we've been very focused on compliance, making sure that customers can feel assured that, you know, if you're if you're covered by GDPR, if you're covered by ITAR, if you're covered by HITRUST, are all ones that that we we definitely talk about. You know, talked about ISO and and making sure that customers can trust our processes, that we're following them, that that they can understand what's going on there.

Brian: 01:01:04

And and then built into our console, being able to provide reporting on all of that so customers can very easily access that for their own needs. If it comes to the point where they need to talk to somebody, we have a dedicated compliance team that is available as to customers, both pre sales and post sales, for certain amount of time, depending on what they, what they need there. So if they get into an audit and they're like, we're we're, we're really relying on 1111 for this. Here's their report. The the auditor comes back with a few questions.

Brian: 01:01:35

They can then contact our our internal compliance team who my goodness. I compliance is one of those areas a lot of us technologists are like, I don't want anything to do with that. Give me a specialist to work with that. I've never worked with a better team. And and in fact, you can go back, and and I do I do a podcast as well for, for for level 11.

Brian: 01:01:57

It goes back to the island days. Not focused on our technologies, but focused more on the market. Mhmm. And on one of those episodes where we talked about compliance, I had, the person that was leading our compliance at the time on, and it was just so exciting talking to her because she loves compliance. She loves talking about it.

Brian: 01:02:13

She loves everything about it. And I'm like, this is the kind of excitement I need on these places to make me interested in it. And so working with them is is actually a a pleasure both internally, and and customers rave about them as well. They're they're consistently one of our higher rated departments in the company.

Max: 01:02:31

Every everybody going through a sock audit right now. I'm sure it's very excited about compliance. Yes.

Brian: 01:02:36

You

Max: 01:02:36

know, there's another icon here I should ask you about. Mhmm. Secure cloud backup for Microsoft 365.

Brian: 01:02:42

Yep.

Max: 01:02:44

So I think the conversation starter should be something along the lines of, wait a minute. It's in Microsoft's cloud. Mhmm. Doesn't Microsoft protect me?

Brian: 01:02:52

The answer to that is sort of. Just like any other place where you've got data, you need to define the level of importance to that data, the rate of change to that data, how often you need to protect it, how long you need to protect it. Compliance comes into play. It's it's complex. It's it's not easy, which is why we have focused on that as as kind of our first SaaS offering.

Brian: 01:03:16

We we're constantly evaluating other options and and what to do there. So the thing I'd like to, use to demonstrate the importance of that is that, hey. When you were running Exchange on premises, you had it backed up on a regular basis. Right? At least every 24 hours, and you're keeping them off-site, and you're keeping them for yeah.

Brian: 01:03:36

So on and so forth.

Max: 01:03:37

Have you ever had if you ever run Exchange and you had a information store correction, priv.eba. Right? Like, if for that ever went on you, you really wanted a

Brian: 01:03:46

Yes. Yes. And backups are important.

Max: 01:03:48

Attack here.

Brian: 01:03:49

Yeah. Backups are no less important when you put them into a SaaS provider or cloud any any sort of cloud provider. In this case, of course, we're talking SaaS. So does Microsoft protect it? Yeah.

Brian: 01:03:59

They're they're gonna give you resiliency. They're gonna give you redundancy. They're not necessarily going to give you those for the data itself. That's more for the services. Also, you know, one of the reasons I mean, you didn't rely just on replicating your exchange data.

Brian: 01:04:15

You you relied on backups that were taken out of 1 system and put into another system, And that's a key part of that, 3 to 1 concept of backup, which we all subscribe to for the most part at this point in our data centers. But for some reason, we're like, after all that experience away when we move to the cloud. No. You know, we've got baked into our IaaS platform backup so that customers can move their data from one data center to another. And and we segregate our data centers in a way that customers can can view that as a complete separation at that point.

Brian: 01:04:48

If one data center goes down completely, if our console goes down, they still have access to that data through, the Veeam Explorer through through native Veeam tools. They can still access all that information. So being able to access that data when the main thing burns to the ground is is one of the primary purposes of backup. And anybody who's dealt with any cloud platform knows that they're never always available. Bad things happen.

Brian: 01:05:12

You know, employees and bad actors can accidentally or purposely delete data, and it can go unnoticed until it rolls off, you know, the the the backup schedule. Again, if that's a very short if it's just a recycle bin and you've got 30 days to restore it from the recycle bin, that's great if you notice it in 30 days. If you don't notice in 30 days, you're really hopeful that there's there's a backup somewhere that has that.

Max: 01:05:37

So so actually, this is kind of relevant. We were talking about you mentioned BitLocker earlier. Mhmm. 20 22 stats, decreases dwell time pretty significantly. Yes.

Max: 01:05:51

You know? So now I think we're I mean, I I saw this I saw dwell time as high as, like, 200 and some odd days, and I the average dwell time now is about 3 weeks, 20 days, 22 days. But this brings into a an interesting question when you start talking about, you know, ransom more specifically as an attack, and as a as a incident event for a for a company. How do you validate and decide and determine a restore point after a ransomware attack? Like, you know, how how are you guys helping clients with this?

Max: 01:06:27

Right? So, I mean, you know, I I mean and and we could use Baz or or Draz, you know, as, you know, I don't I don't I I'm I'm I don't care. You know? We don't get too technical or too specific, but, I I think this piece is missing from a lot of the conversation around ransomware and security is the backup side of it, and then, of course, the, you know, like, what do you actually do when this happens to you?

Brian: 01:06:53

Yeah. So that, that is definitely a conversation we have with customers as they're defining what they need from us in these spaces. One of the nice things with the 365 backup specifically is that is unlimited retention. So it's a dual edged sword, definitely. But, customers can keep their data as long as, as long as they want really is what that means.

Brian: 01:07:15

If they've got regulations or they've got, valid situations where they just don't want to keep their data forever, they can, they can tune that down. That that is an option. But by default it is, it is unlimited retention. So you can go back as far as you need to, with their backup as a service, it's it's a little bit more, you need to define what retention you want and there there are cost implications to that. So working with customers to figure out how long do you need to keep your data?

Brian: 01:07:39

What regulations are you are you beholden to? You know, if you're if you're a health care provider and you wanna backup systems that have pediatric data, well, in the US these days, you've gotta keep that for potentially 18 years plus. So understanding those types of things, again, having a very strong compliance department that knows what they're doing very strongly, informing our our our field team so that they understand what those customer needs are in in different verticals so that they can help drive that conversation, and define what solution a customer needs for that. Now, when it comes to the restoration side of it, that's kind of on the customers at this point to, to figure out, you know, what, what point in time is the right time for them to restore to. That is definitely an area that, in the product innovation team, we are considering very heavily what we can do to help customers in that space, in a, you know, computerized automated type of fashion.

Brian: 01:08:37

Don't have anything to talk about today, but there's definitely, definitely ideas floating around and, and product. I expect that we'll, we'll release sometime in the future.

Max: 01:08:46

I mean, the real world nightmare is, is okay. We've got ransomware, you know, go back to backup and you re restore the backup and turn the machine back on and the backup had ransomware on it. And you're like, okay, go back farther. And then you're in this cycle of like, okay, how far back do we, you know, and, and is, you know, people don't talk about this. Like, nope.

Max: 01:09:04

You know, it's it's, you know, retention strategies for backups, you know, it's normal to be like, okay. You know, we're gonna have nightly you know, like, full nightlies or to keep you for you know, weeklies for a period of time or to keep a a monthly going back however span of time. When you actually turn around and say, okay. Like, let's restore a backup from, like, 3 months ago. There's a lot of change in a business Yeah.

Max: 01:09:29

In 3 months. You you know, like, you know, I mean, that that, that I mean, it's great that you have it, but going back 3 months in time, you know, it's it's it can be like going, like, going going back to the stone ages for some

Brian: 01:09:43

But that's

Max: 01:09:43

some environment.

Brian: 01:09:44

That's also highly dependent on the system. I mean, my web server in a 3 tier environment, it may not change in 3 months, so that may be okay. And we, we, you know, we're we've switched from dailies to weeklies to monthlies fairly quickly. But, you know, when we're talking about the database on the backend, that, you know, all the dynamic parts of that website are in that database and that is changing on a minute by minute basis. Now all of a sudden, maybe we're maybe we're not doing every 24 hours backup.

Brian: 01:10:09

We're we're taking a backup every every hour. And, you know, we'll have customers that say, okay. We're gonna take a backup locally every hour and every 8 hours, every 12 hours, we're gonna ship that over to 11:11, put it on their cloud so we've got that off-site storage taken care of, and then we're going to retain that, you know, every 8 hour backup for, you know, a week, 2 weeks, depending on, depending on what they need. Like, like you said, keeping a, keeping a daily backup for a month may be completely worthless. Like having that level of granularity doesn't matter at that point.

Brian: 01:10:46

You've lost so much data. It may not make a difference. So save, save some money and not have to store that money. And again, this is company by company, server by server decision that needs to be had. And, you know, we do a lot to to help guide customers there.

Brian: 01:11:00

We don't we don't prescribe, but we've got a lot of best practices. We've got a lot of experience to to help customers with that because, you know, most customers, have been there. I only know my environment. And that was part of the reason I decided to, to move from a customer to a, to a VAR was I only see one environment when I worked with the customer. I want to go see dozens and dozens of environments a year and, and see what other people are doing and, and bring that that experience, that worldview from all of my customers into every customer individually.

Brian: 01:11:30

And so that's that's a big part of, you know, being a service provider for us is to be able to bring that experience to customers.

Max: 01:11:38

You know, it's it's so it's, what is it? It's January 18th. You know, crystal ball question. What does 2023 bring?

Brian: 01:11:44

Oh, man. I've I I did a whole blog post and a whole parameters on that. Yeah. I mean, from a cloud perspective specifically, it's you know, we've we've seen a huge ramp up in the last 3 years, with with cloud. And if you look at some of the polling, that that is done, you know, independently, a lot of surveys are are finding that customers are starting to get to a a stasis point, meaning they may have moved a ton of stuff into the cloud, but they're finding some stuff maybe shouldn't have been in the cloud or, you know, works fine in the cloud for the use case they needed at the time, but decided that, hey.

Brian: 01:12:23

We we can actually we've got evidence on both sides. It's actually more effective to be on premises.

Max: 01:12:28

Or they found out that AWS is actually really expensive?

Brian: 01:12:31

Yes. You know, repatriation due to cost is definitely a thing. Yeah. And I

Max: 01:12:37

see a lot of that.

Brian: 01:12:38

Yeah. And, you know, my advice with customers there is always AWS is one business model amongst many for the cloud. So don't throw the cloud out with that, with that particular bathwater. Because there's, you know, we have a, we have a very different model than the way AWS and Azure and GCP go to market because we saw the flaws in what they're doing and said, Hey, there's, there's a need to do it differently. So, you know, we have, we have a very different model in which we, we go to market.

Brian: 01:13:06

So, you know, we've, we've, we have one customer that's huge, fairly common name in the IT space that they run their SaaS based on virtual machines in our in our platform. So if you're accessing their SaaS services, odds are you're hitting 1 of 1 of 11 eleven's data centers as a virtual machine. And they're constantly asking, is this still the right model? Should we replatform this particular thing to AWS Azure? Should we should we rewrite it into a more cloud native type of a model?

Brian: 01:13:38

And and they're finding that the effort to redo their code is actually more expensive than just running it in virtual machines, which is kinda counter to everybody is like, oh, you gotta you gotta be as granular as possible. If you're not using microservices, you're doing cloud wrong. That's not true for everybody.

Max: 01:13:54

Oh, come on. Let's not get into a microservices versus monolith like argument right now. Yeah.

Brian: 01:14:00

There's room for both. That's and just like we talked about, you know, there's still mainframes out there, and there's still a reason there's mainframes out there.

Max: 01:14:06

You know, the original promise of the cloud was elasticity, and elasticity is great in certain requirements. But when you start talking about, especially mid mark mid market enterprise, the amount of elasticity that is required in an IT system on a, you know, month over month or quarter over quarter basis, it's just it doesn't exist. Yep. And and, you know, the thing that that I see a lot is once you get to, you know, you say stat stasis. Once you get to your steady state, you know, at some point, you get to a steady state.

Max: 01:14:41

You launch an application. You acquire. You onboard clients. You get to a certain point where you're in a relatively predictable business based on client demand, growth, utilization, whatever it is. You know, getting to those steady state applications really, you know, need to dictate, like, okay.

Max: 01:14:56

You know, are we doing what we should be doing here, and how do we change this? And, you know, I I think that conversation's starting. I think,

Brian: 01:15:05

Definitely. I

Max: 01:15:05

think people are starting to look at that a little bit closer.

Brian: 01:15:07

Yeah. I mean, from a marketing perspective, we talk a lot about moving from cloud first to cloud smart. And it's not about everything needs to move to the cloud, get to the cloud as quick as possible. It's more about let's get the right stuff to the cloud in the right cloud. You know, the multi cloud hybrid cloud, whatever terminology you want to use there, is a real thing.

Brian: 01:15:29

And for real reasons, because customers need specific things, just like when we bought stuff for on premises 20 years ago. I can't remember the number of times I sat down and said, okay, let's do a product investigation, which is the right product. Okay. One advantage of this one is is that it's the same manufacturer as this other thing, and they will highly integrate. But this other thing offers feature set that maybe we'll need in 10 years or 5 years, and maybe we should consider it because of the longevity side of things.

Brian: 01:15:57

This one's gonna be cheaper. Do we want which which one is the most important to to us as IT professionals, but also to the business in the long run? And, of course, cloud is no different. Like, should I run exchange in a virtual machine on somebody else's cert or someone else's computer? Or should I run it in 365?

Brian: 01:16:19

That's a pretty well defined answer at this point. Like, very few organizations need to be running their own Exchange server anymore. But that doesn't mean that your responsibility to the data changes.

Max: 01:16:29

What's 11 eleven's footprint geographically now? I mean, so where are your facilities and what regions? You know, obviously, North America, United States, but, I mean, rattle it off for me.

Brian: 01:16:41

Yeah. Heavy footprint in the US. And I won't even claim to be able to conceptualize it all as, as we've grown so fast over the last year. But you know, we've got west coast, we've got central, we've got east coast. So we've got a bunch of different stuff in the US.

Brian: 01:16:56

We've got a data center in Toronto. And then, overseas, we've got data you've got a couple of data centers in the UK. We've got one in mainland Europe. We've got one in Singapore and a couple in Australia.

Max: 01:17:11

K.

Brian: 01:17:11

And then, of course, is pre pre SunGard. So SunGard adds a whole bunch more in there.

Max: 01:17:16

SunGard brings up brings up big footprint on themselves.

Brian: 01:17:21

Yeah. And and from what we acquired is primarily in the US.

Max: 01:17:25

But, I mean, these these things are also now getting important in terms of data jurisdiction. You know? Like, there's lots of examples where you need to have your data resident in a jurisdiction that's applicable for what kind of business you're in or where you're conducting business or where you're in business or where your clients are in business or or things like that.

Brian: 01:17:44

Yep. So, locality still matters both from application data, but also from regulation more and more so every day.

Max: 01:17:53

Okay. Brian, final words. What what, what didn't we talk about that we should touch on here? So we

Brian: 01:18:01

Yeah. I mean, there's there there's, of course, a lot more depth. You know, we didn't talk a whole lot about connectivity as a stand alone, but to the point earlier, it is it is a piece that is an enablement to all this other stuff. We very much look at that as we we can sell you a a single line into your into your office and and be done with it and walk away from that at that point. We can manage it.

Brian: 01:18:27

But, you know, tying all these things together and more importantly, one big focus 11.11 has across everything we've talked about ends up being, you know, managed services, managing these environments. And this is very acute in the security space right now where, I think the latest stat is that by, I don't know, 2026 or something, half of the cybersecurity jobs will have people to fill them. In other words, we'll have twice as many jobs as we have people that are capable of actually doing the work. Yeah. That's that's scary.

Brian: 01:19:00

We're we're already well, well on our way there. I think today's stat is something like only 2 thirds of the roles are filled. And, of course, that leads to those people are expensive. They're hard to retain. They're hard to find.

Brian: 01:19:17

And so security is by no means the only place where that's happening. And so we're really focused on what are the places that customers are going to be challenged to do things on their own and helping them to plug those holes. So security is is, of course, a big big part of that. Again, it isn't the most acute, the most obvious one, but we're seeing a really big uptick in in the backup side of things. Like, customers don't wanna manage backups anymore.

Brian: 01:19:43

They see it as this technology has not changed much, you know, on the periphery. And the use cases have have, you know, continued to change, and I'm not trying to say there's no innovation in in the backup space because there most definitely is. But the concepts, the the approach to managing it has become very, you don't differentiate your business by doing backups differently than the person next door. You know, Coke and Pepsi are probably backing up exactly the same way. And neither of them are gaining more business by doing it differently.

Brian: 01:20:13

So that gets to a point where it's like, okay. Is it cheaper for us to have people dedicated to doing this, or have people that are knowledgeable about it? You know and this goes small business to large business. Small business, you've got 1, 2, 3 people that have to do everything. If they don't have to do backup on top of all the other things, that's a win, especially if we can give it to somebody who's gonna be 10 times better than that 3 people combined could ever be.

Brian: 01:20:38

And I don't say that to denigrate small business admins because they are freaking awesome. I would never wanna do their job because I don't think I could conceptualize as much as they do on on any given day. But on the enterprise side of things, they're dedicating teams to do nothing but backups. And, you know, people are expensive. And and if they can outsource that and make that managing that outsource one of many duties that they have.

Brian: 01:21:04

You know, that that same person can also be the person that that considers the Doctor side of things and, you know, data security and maybe maybe they're the the the storage administrator. You know, it could be one duty amongst many that doesn't require a specialized skill set. Let somebody who does it for 100 of customers every day of the week do it because they're gonna specialize in that. And so that's that's a place that we're really focusing on is making sure that those places where customers don't wanna deal with it, or we could do it a heck of a lot cheaper or more efficient or, just just frankly better. Again, not to denigrate any administrator, but I know that, somebody focusing on security all day every day is gonna do it a lot better than somebody who's doing it 10% every

Max: 01:21:50

day. When when I started, the ratio of IT to employee to headcount was 60, 65 to 1. So 60, 65 employees to every one person working in IT. And I have I mean, there's that ratio. I mean, it it's skews based on technology a little bit, but a 160, 165 is kind of the average.

Max: 01:22:13

165 to 1. I don't there there was a point in time where I think IT teams and IT IT people were really there could have been a resistance to going into managed services or cloud services or they you know, because they wanted to have control or this feeling of control over it. I don't know how much that exists in this world just because of the requirement of the job. I mean, you cannot have that much head count you're responsible for and, you know, pretend like you have time to take tapes out of your auto loader and put them into a lockbox for, you know, the company to come pick them up and take them off-site for you. I mean, like, it's just first off, do you even wanna drive to the office in order to make that happen anymore?

Max: 01:22:51

You know? Like, let's just be real. And the answer is probably no. Right? So I don't I don't know.

Max: 01:22:57

I mean, I think I think for a while, there was a definitely a there became this kinda, like, negative connotation, you know, with server huggers and, like, all these different things with, like, you know, control. And I don't I don't I I don't see that as I don't perceive that so much anymore, not in my experience, at least. I think now it's just, you know, it just really feels like it's just an overwhelming amount of work and responsibility. Yeah. And more, you know, how do you smartly add them to what you were just saying.

Max: 01:23:23

Like, how do you smartly scale yourself in a way that's efficient and, you know, and and lever experts in different things.

Brian: 01:23:34

Yeah. Right? Yeah. Very much so. And that's that's what we hear from customers coming to us for those needs.

Brian: 01:23:39

So for example, we're we're having customers asking us to manage not only their cloud based backups, but also their on premises backups. They don't, they love Veeam. They love whatever product they're using, but they're like, we don't want to deal with it anymore. That's that's, that's a very, segregated system that we can set aside without having to have a lot of strings attached to it and can trust someone else to, to manage it day in and day out. Give me a report every day that says everything backed up successfully or that you dealt with whatever failures happened.

Brian: 01:24:13

And we're good. We move on to the next thing. And that's that's a 15 minute check-in the morning while you wait for the coffee to get made type of thing.

Max: 01:24:20

It's awesome. Brian, thank you very much.

Brian: 01:24:23

Yeah. Yeah. I appreciate the help too.

Max: 01:24:25

You know, I, I mean, island was a huge secret. I mean and I'm hoping I mean, just within this, we're talk I mean, we spent a lot of time talking about, you know, backup and Doctor. It it's it's I I don't wanna call it low hanging fruit in the sense that it's, like, so easy to actually take and solve this problem.

Brian: 01:24:46

Mhmm.

Max: 01:24:47

But, you know, I I really look at it that way. I mean, this is one of those things of, like, nowadays, you know, like, no nobody nobody in their right mind is trying to build out their own anti DDoS mitigation service. It's just like, why would you even attempt to do this? Like, it's so cheap to go solve this problem and and not deal with it. And I really I really look at backup and Doctor in a lot of the same ways, as that.

Brian: 01:25:12

Good. We do too.

Max: 01:25:14

Brian, thanks again.

Brian: 01:25:15

Yeah. Thank you. I really appreciate it.

‍