1 00:00:09,700 --> 00:00:13,000 You're listening to the identity of the center podcast, this is 2 00:00:13,000 --> 00:00:15,600 the show that talks about identity and access management 3 00:00:15,700 --> 00:00:18,600 and making sure you know who has access to what let's get 4 00:00:18,600 --> 00:00:27,400 started. Welcome to the identity of the 5 00:00:27,400 --> 00:00:29,800 center podcast I'm Jeff and that's Jim a gem. 6 00:00:30,200 --> 00:00:32,800 Hey Jeff, how are you? Oh, not so bad yourself. 7 00:00:33,100 --> 00:00:35,400 I'm doing good. Actually, I've been living in 8 00:00:35,400 --> 00:00:41,100 PowerPoint he'll like non-stop for the past week or two and 9 00:00:41,400 --> 00:00:46,500 more of that this week. But so long as you know, I've 10 00:00:46,500 --> 00:00:51,600 realized that what I do when I build power points where I start 11 00:00:51,600 --> 00:00:54,700 is like paper and pencil. You know, I kind of start with i 12 00:00:54,900 --> 00:00:59,200 Like, during a presentation, you need to tell a story and you 13 00:00:59,200 --> 00:01:02,700 should be able to tell that story without slides, right? 14 00:01:02,700 --> 00:01:04,400 You should be able to conversationally. 15 00:01:04,400 --> 00:01:06,900 Tell that story. So that's why I like to start 16 00:01:06,900 --> 00:01:10,300 with paper and pencil. I know you kind of probably the 17 00:01:10,300 --> 00:01:13,100 first time you met me. I was taking notes, in a meeting 18 00:01:13,100 --> 00:01:16,000 with paper and pencil, and it's just some kind of an old-school 19 00:01:16,000 --> 00:01:20,200 guy from that perspective, but I feel like if I sit down at a 20 00:01:20,208 --> 00:01:24,200 computer and I start, you know, working out that that strategy 21 00:01:24,200 --> 00:01:27,500 like what's the Problem today what are we recommending for the 22 00:01:27,500 --> 00:01:30,500 future and things like that. Then I get to bound up in 23 00:01:30,500 --> 00:01:35,500 formatting and how the slide is going to look versus focusing on 24 00:01:35,500 --> 00:01:38,000 the message. Yeah I remember the first time I 25 00:01:38,000 --> 00:01:43,200 looked at your notes and it was probably a diagram that you had 26 00:01:43,200 --> 00:01:46,400 drawn out and so just you know draw it on a piece of paper and 27 00:01:46,600 --> 00:01:48,600 send it to me and I'll figure out, you know, how we want to 28 00:01:48,600 --> 00:01:52,200 kind of showed on the screen and we used to have scheduled time 29 00:01:52,200 --> 00:01:58,700 where I would have to You Jim and decipher his handwriting is 30 00:01:58,900 --> 00:02:02,200 what is this trying to say like, is that Sanskrit or some other 31 00:02:02,200 --> 00:02:03,400 language? I'm not exactly sure. 32 00:02:03,400 --> 00:02:05,400 You have, you definitely have doctors handwriting. 33 00:02:05,400 --> 00:02:08,699 That is for sure. Yeah, I mean that's probably the 34 00:02:08,699 --> 00:02:12,900 only perspective I qualified to be a doctor, but I definitely 35 00:02:12,900 --> 00:02:15,400 have doctors handwriting. It's gotten better in that. 36 00:02:15,400 --> 00:02:18,500 We've gone a little more digital and using, you know, tools like 37 00:02:18,600 --> 00:02:20,600 Visio and lucidchart and stuff like that. 38 00:02:20,600 --> 00:02:24,600 But it's kind of a combination between girl. 39 00:02:24,800 --> 00:02:30,000 VT and just plain chicken, scratch chicken scratch with a 40 00:02:30,000 --> 00:02:32,100 funky style. You know I think what we should 41 00:02:32,100 --> 00:02:36,800 do is digitize some of your work and create some NF tees off of 42 00:02:36,800 --> 00:02:40,000 it and then put it out there for people to collect us, you know, 43 00:02:40,000 --> 00:02:44,200 collectors items like here is, you know, a drawing that Jim 44 00:02:44,200 --> 00:02:45,900 made. You figure out what it says. 45 00:02:45,900 --> 00:02:49,400 What does it mean to you? Or we could create a fun. 46 00:02:49,600 --> 00:02:54,400 Yeah, Microsoft is replacing the Colibri or I'm not sure how you 47 00:02:54,400 --> 00:02:56,400 say it. Tell it calibri 'calibri calibri 48 00:02:56,400 --> 00:02:57,900 'calibri. Yeah. 49 00:02:58,600 --> 00:03:01,000 So there are going to replace the default font, which is, I 50 00:03:01,000 --> 00:03:03,300 guess kind of a big deal. Yeah, they probably will. 51 00:03:03,300 --> 00:03:07,900 They probably would not replace it with my chicken scratch, I 52 00:03:07,900 --> 00:03:09,700 hope not. But all right, now we're getting 53 00:03:09,700 --> 00:03:11,000 a little bit of softer Side Track. 54 00:03:11,000 --> 00:03:16,700 If you have a Windows PC and you have inking capabilities, you 55 00:03:16,700 --> 00:03:19,700 can actually create a font based on your own handwriting. 56 00:03:20,200 --> 00:03:23,800 It's built into Windows somewhere, Windows 10, and one 57 00:03:23,800 --> 00:03:26,500 of those settings, Is you can actually go through a process 58 00:03:26,500 --> 00:03:29,200 where you write out the alphabet numbers, you know, some things 59 00:03:29,200 --> 00:03:33,600 like that and it will basically create a true type font for you 60 00:03:33,600 --> 00:03:37,100 based on your own handwriting. So you could theoretically 61 00:03:37,300 --> 00:03:41,300 create your own font, put that into a PowerPoint and then have 62 00:03:41,300 --> 00:03:44,100 like a PowerPoint that looks like you actually wrote it out 63 00:03:44,100 --> 00:03:47,100 by hand, which is So Meta. I don't even know where to go 64 00:03:47,100 --> 00:03:49,200 with it. After that, it's kind of like, 65 00:03:49,200 --> 00:03:53,400 like Comic Sans, but actually, I think that would be really fun 66 00:03:53,400 --> 00:03:56,500 to do actually. It look into that and I did not 67 00:03:56,500 --> 00:03:58,200 know. That's why people listen to the 68 00:03:58,200 --> 00:04:02,600 podcast Jeff, as for the gems or some might say the doggie 69 00:04:02,600 --> 00:04:05,000 diamonds. Yeah. 70 00:04:05,000 --> 00:04:09,000 The you know the the solutions to problems that you don't have. 71 00:04:09,000 --> 00:04:10,400 I think that's part of it as well. 72 00:04:10,600 --> 00:04:12,900 Didn't know you had. All right. 73 00:04:14,700 --> 00:04:18,200 Why don't we talk about some identity and access management 74 00:04:18,200 --> 00:04:20,800 stuff since that's pretty much why we're here. 75 00:04:20,800 --> 00:04:25,400 And what we do we're going to talk today about Zero. 76 00:04:25,400 --> 00:04:29,200 Trust Network architecture also known as ztn a. 77 00:04:29,200 --> 00:04:31,500 So as you hear us may be talking through that. 78 00:04:32,100 --> 00:04:34,100 I know zero trust has been top of mind for a lot of folks 79 00:04:34,100 --> 00:04:37,300 especially with the pandemic and people doing remote work. 80 00:04:37,300 --> 00:04:40,800 And you know we talk with Eric Anderson from Adobe last week 81 00:04:40,800 --> 00:04:44,800 about their approach to znz tiene and they're actually ahead 82 00:04:44,800 --> 00:04:49,000 of the curve. They've been in this ztn a model 83 00:04:49,000 --> 00:04:53,200 for a couple years so they were well prepared for a mass, you 84 00:04:53,200 --> 00:04:56,300 know, work from home. EP unless environment, right? 85 00:04:56,300 --> 00:04:58,600 Things like that right to make it more secure to access 86 00:04:58,600 --> 00:05:00,700 resources. So to help us with the 87 00:05:00,700 --> 00:05:03,800 conversation today. We've invited Brian D H, who is 88 00:05:03,800 --> 00:05:06,600 a Solutions architect at Z scalar and an all-around good 89 00:05:06,600 --> 00:05:08,500 guy to the show. So, welcome to the show. 90 00:05:08,500 --> 00:05:11,600 Brian, what's up everyone? Thanks for having me and I would 91 00:05:11,600 --> 00:05:15,000 tell you that the greatest lie, the Dever that I'm told that the 92 00:05:15,000 --> 00:05:17,900 devil ever told was that he didn't create PowerPoint. 93 00:05:18,900 --> 00:05:22,900 I feel that I feel that pain guys, I you know I I've learned 94 00:05:22,900 --> 00:05:26,100 so much about PowerPoint having turned And to the dark side and 95 00:05:26,100 --> 00:05:29,900 Consulting, you know, five, six years ago at this point, I use 96 00:05:29,900 --> 00:05:31,700 it for way more than just presentations. 97 00:05:31,800 --> 00:05:34,600 It's a simple. You know, flowchart thing. 98 00:05:34,600 --> 00:05:36,900 It's basic Bare Bones image editing. 99 00:05:36,900 --> 00:05:41,000 So you know, I have a love-hate relationship with it. 100 00:05:41,100 --> 00:05:46,400 I just wish that the feature parity between Microsoft and Mac 101 00:05:46,400 --> 00:05:50,700 OS was a lot closer because it is clearly a first-class citizen 102 00:05:50,700 --> 00:05:53,800 on Windows devices, which, you know, you would I guess expect, 103 00:05:53,800 --> 00:05:58,100 right from our Product to Microsoft Hardware, but I am 104 00:05:58,100 --> 00:06:00,200 glad to see that the Mac OS versions catching up because I 105 00:06:00,200 --> 00:06:02,500 do use. Both OS, has quite a bit and 106 00:06:03,000 --> 00:06:05,900 it's always interesting going from one to another, but I 107 00:06:05,900 --> 00:06:09,800 digress, as I get off, my PowerPoint, soapbox there. 108 00:06:10,400 --> 00:06:13,800 Brian, this is your first time being on the show and one of the 109 00:06:13,800 --> 00:06:16,400 things that we like to ask our guest is is to learn more about 110 00:06:16,400 --> 00:06:19,600 their background and how they got into the infosec or the 111 00:06:19,600 --> 00:06:22,500 identity space. Is that something that that you 112 00:06:22,500 --> 00:06:26,300 chose or did you choose it? So, Oh, it's funny conversation. 113 00:06:26,300 --> 00:06:30,000 So I started my journey back in the day at US Airways, which is 114 00:06:30,000 --> 00:06:33,700 now American Airlines and I was a systems guy, supporting US 115 00:06:33,700 --> 00:06:38,300 Airways.com and I quickly wanted to make sure that I solidified 116 00:06:38,500 --> 00:06:42,100 my position and didn't ever be like, you know, part of a riff 117 00:06:42,100 --> 00:06:48,400 or anything like that and I took responsibility over an F5. 118 00:06:48,400 --> 00:06:50,900 Appliance at that point in time was used primarily for web 119 00:06:50,900 --> 00:06:56,100 acceleration and load balancing. And it was kind of a funny thing 120 00:06:56,100 --> 00:06:59,200 is, he's like this mixed bag of tricks where it was, it was a 121 00:06:59,200 --> 00:07:01,000 layer for device was also later seven. 122 00:07:01,500 --> 00:07:04,200 And I want to be part of the cool group with network security 123 00:07:04,200 --> 00:07:07,500 guys and they didn't like me for some reason I couldn't get them 124 00:07:07,500 --> 00:07:10,700 to accept me and lo and behold it turned out to be a good 125 00:07:10,700 --> 00:07:12,200 thing. They want to nothing, they 126 00:07:12,200 --> 00:07:15,000 wanted nothing to do with the device that can talk over. 127 00:07:15,000 --> 00:07:18,300 Therefore they are seven. That was me in that kind of 128 00:07:18,300 --> 00:07:20,000 opened the door to Pandora's boxes. 129 00:07:20,000 --> 00:07:23,100 And then from there, I moved from there to Apollo Group which 130 00:07:23,100 --> 00:07:26,200 is University of Phoenix. And they said, well, knowing 131 00:07:26,200 --> 00:07:29,100 that 5 is great, but we need you to understand, you know, the 132 00:07:29,100 --> 00:07:32,300 Cisco has say the checkpoint firewall snort IPS. 133 00:07:32,300 --> 00:07:35,400 I mean, you name it, they own that particular product and oh 134 00:07:35,400 --> 00:07:38,700 by the way you're going to be on call here in 30 days or less. 135 00:07:38,700 --> 00:07:42,200 So you better wrap up quick. It's a little bit of a trial by 136 00:07:42,200 --> 00:07:44,600 fire. It sounds like yeah, absolutely 137 00:07:45,000 --> 00:07:48,900 Best Mistake I've ever had. What else do you work on when 138 00:07:48,900 --> 00:07:51,200 you're not doing stuff for Z scale? 139 00:07:51,200 --> 00:07:54,300 Or I know you've got a podcast called PEB kak, maybe you can 140 00:07:54,300 --> 00:07:57,800 talk to us about that as a fellow identity, kind of related 141 00:07:57,800 --> 00:08:01,100 podcaster. Yeah, right on, thanks for the, 142 00:08:01,100 --> 00:08:03,600 the name drop on the area. Me a couple buddies from Z 143 00:08:03,600 --> 00:08:07,200 scalar decided that, you know what, maybe kind of cool idea to 144 00:08:07,200 --> 00:08:10,500 have her own podcast. And so pep kak actually stands 145 00:08:10,500 --> 00:08:14,100 for the, the problem exists between the chair in the 146 00:08:14,100 --> 00:08:17,000 keyboard, right? User are so many times, right? 147 00:08:17,000 --> 00:08:20,900 We get involved, whether it was Network or security, where we 148 00:08:20,900 --> 00:08:23,100 were, you know, we are the ones to be blamed and at the end of 149 00:08:23,108 --> 00:08:26,700 the day, it's always the user. So we go over a lot of security 150 00:08:26,700 --> 00:08:28,800 topics. Sometimes, we do like silly dad 151 00:08:28,800 --> 00:08:30,700 jokes. Reviews and whatnot. 152 00:08:30,700 --> 00:08:33,799 But we are going to be recording episode 7 today. 153 00:08:33,799 --> 00:08:36,000 So we were quite a distance behind. 154 00:08:36,000 --> 00:08:43,200 You guys gotta start somewhere. So Brian one of the things that 155 00:08:43,200 --> 00:08:44,700 we like to do with the podcast, right? 156 00:08:44,700 --> 00:08:46,300 It's called identity at the center, right? 157 00:08:46,300 --> 00:08:50,200 A lot of the focus of our podcasts on identity and access 158 00:08:50,200 --> 00:08:55,100 management, but we think it's, you know, becoming the, the 159 00:08:55,100 --> 00:08:58,500 central tenant of information security strategies. 160 00:08:58,500 --> 00:08:59,600 I mean, that's what we're seeing. 161 00:08:59,600 --> 00:09:04,700 Seeing I think in a zero trust World it resonates very well but 162 00:09:04,700 --> 00:09:09,600 we want to use this as a forum to introduce kind of the other 163 00:09:09,600 --> 00:09:15,500 technologies that make up a full 0, trust information security 164 00:09:15,500 --> 00:09:18,200 portfolio. So maybe what you could do is 165 00:09:18,200 --> 00:09:22,200 kind of talk to us about what your, what your company's e 166 00:09:22,200 --> 00:09:25,700 scalar does and where that fits into a zero, trust architecture. 167 00:09:26,000 --> 00:09:29,200 Gotcha. So if you think about it, Z 168 00:09:29,200 --> 00:09:32,600 scalar, Sí tiene their kind of synonymous and at the end of the 169 00:09:32,600 --> 00:09:35,500 day what we want to do is Federated with identity, right? 170 00:09:35,500 --> 00:09:38,500 Let them be the gatekeeper of the users who you know who they 171 00:09:38,500 --> 00:09:41,500 are, what they do, what groups, they're a part of and take that 172 00:09:41,500 --> 00:09:44,400 and apply that principle to users going out to the Internet. 173 00:09:44,500 --> 00:09:48,700 So allow the good block the bed and then for users that need to 174 00:09:48,700 --> 00:09:53,300 talk to internal applications where they reside at the Legacy 175 00:09:53,300 --> 00:09:55,200 data center or in the private Cloud. 176 00:09:55,400 --> 00:09:58,300 Allow them to interact with those applications based off an 177 00:09:58,300 --> 00:10:00,500 identity. So how does does this actually 178 00:10:00,500 --> 00:10:02,800 work? What's the user experience like? 179 00:10:02,800 --> 00:10:05,700 Is it something that kind of sits behind and the user? 180 00:10:05,700 --> 00:10:09,000 If it's if it's being done? Right, never actually sees or is 181 00:10:09,000 --> 00:10:11,700 this something that is a little more up front and present to a 182 00:10:11,708 --> 00:10:14,800 normal user, who would be accessing resources? 183 00:10:15,500 --> 00:10:18,500 Yeah, we really want to make this as transparent to the end 184 00:10:18,500 --> 00:10:21,600 user as possible. So from a user experience, if 185 00:10:21,600 --> 00:10:24,200 they are sitting in a branch office and they close your 186 00:10:24,200 --> 00:10:27,100 laptop lid, and they go home, or they go to Starbucks, they open 187 00:10:27,100 --> 00:10:28,200 it up. It's like they're already 188 00:10:28,200 --> 00:10:29,500 connected to the network, they do. 189 00:10:29,600 --> 00:10:32,000 Have to do anything. They're not, then roll, they 190 00:10:32,000 --> 00:10:33,600 don't have to re-authenticate things. 191 00:10:33,600 --> 00:10:37,400 Now, you could if you wanted, but the, the premise between the 192 00:10:37,400 --> 00:10:42,300 ztn a right, is that number one, we want to keep users off the 193 00:10:42,300 --> 00:10:44,000 corporate Network. So you need to treat all 194 00:10:44,000 --> 00:10:48,600 applications, like you would Office 365 and so you can't get 195 00:10:48,600 --> 00:10:51,500 into Office 365. Unless we know the identity of 196 00:10:51,500 --> 00:10:53,400 the user, right? You're not actually on the 197 00:10:53,408 --> 00:10:55,900 Office 365 Network, we have access to it. 198 00:10:55,900 --> 00:10:57,800 So even your internal applications to be treated like 199 00:10:57,800 --> 00:11:01,400 that and then the second part, To this is we really want to 200 00:11:01,400 --> 00:11:05,700 reduce your tax surface, meaning you can't hack, what you can't 201 00:11:05,700 --> 00:11:09,400 see, you can't do DDOS, Brute Force, credential stuffing SQL 202 00:11:09,400 --> 00:11:12,800 injection if there's no inbound access to your applications, 203 00:11:12,800 --> 00:11:15,900 wherever they might reside in the last part is, if you're not 204 00:11:15,900 --> 00:11:19,300 on the, the network you eat, there is no lateral movement. 205 00:11:19,600 --> 00:11:24,300 And so really, the idea is the internet becomes the new network 206 00:11:24,700 --> 00:11:29,100 being able to give the company true end-to-end privacy, right? 207 00:11:29,100 --> 00:11:31,000 Beauty It's tunnels right. That way. 208 00:11:31,000 --> 00:11:35,100 You don't have prying eyes, cannot see but at the same 209 00:11:35,100 --> 00:11:36,800 breath, right? You know, what is that user 210 00:11:36,800 --> 00:11:38,700 experience? It, they just connect to it and 211 00:11:38,700 --> 00:11:41,800 they are good to go. Now, the best part I think of 212 00:11:41,800 --> 00:11:45,000 doing this correctly would be a user going to Starbucks 213 00:11:45,500 --> 00:11:47,800 historically on a, maybe a legacy VPN. 214 00:11:48,100 --> 00:11:51,600 They might have to turn that off to interact with like a captive 215 00:11:51,600 --> 00:11:55,500 portal been, but in a true, ztn a world, right? 216 00:11:55,500 --> 00:11:57,700 I just want to allow them to transparently access. 217 00:11:57,700 --> 00:12:00,300 That click the button that says Going to be a good little 218 00:12:00,300 --> 00:12:03,200 internet Citizen and then boom. They are connected back to their 219 00:12:03,200 --> 00:12:06,200 applications without having to attend a Kate, you know, kind of 220 00:12:06,200 --> 00:12:13,200 in my mind to the place that ztn a fills as kind of a replacement 221 00:12:13,200 --> 00:12:19,900 for the traditional VPN, maybe you could validate or re-educate 222 00:12:19,900 --> 00:12:22,200 me on that. But is that the case? 223 00:12:22,200 --> 00:12:25,300 And maybe you talk a little bit about the architecture because I 224 00:12:25,308 --> 00:12:29,400 guess my understanding is that, you know, ztn a at least. 225 00:12:29,600 --> 00:12:36,400 Our is provided as a cloud-based service, but ultimately you're 226 00:12:36,400 --> 00:12:40,000 providing access back into the network so people can reach 227 00:12:40,000 --> 00:12:42,800 applications, file shares on the network. 228 00:12:42,800 --> 00:12:46,200 So maybe you could talk a little bit about the architecture 229 00:12:46,900 --> 00:12:49,400 because I'm assuming, like I said in the first part of the 230 00:12:49,408 --> 00:12:52,700 question that, you know, we should look at this as kind of a 231 00:12:52,708 --> 00:12:56,900 replacement for VPN absolutely. So definitely, I wouldn't say 232 00:12:56,900 --> 00:13:01,700 that, you know, true. Ztn a is If a user is just a VPN 233 00:13:01,700 --> 00:13:04,600 because we don't really want to dumb it down to that and there's 234 00:13:04,600 --> 00:13:07,000 kind of like three moving parts to this entire puzzle. 235 00:13:07,000 --> 00:13:10,700 So one on the end point the end-user right, they're going to 236 00:13:10,700 --> 00:13:14,500 have a client that is used to steer traffic either towards the 237 00:13:14,500 --> 00:13:18,700 cloud, broker the zero trust exchange and then you can also 238 00:13:18,900 --> 00:13:21,400 which is the the policy enforcement everything that goes 239 00:13:21,400 --> 00:13:24,000 on happens in the cloud. It says, who are you? 240 00:13:24,000 --> 00:13:26,800 What groups are you apart of? Can you do this now? 241 00:13:26,800 --> 00:13:29,400 Earlier I mentioned that I don't all out any inbound. 242 00:13:29,600 --> 00:13:31,500 Access. So you're like where's the 243 00:13:31,508 --> 00:13:32,500 Kool-Aid here? Brian. 244 00:13:33,200 --> 00:13:36,600 How are you allowing this user that's working from anywhere to 245 00:13:36,600 --> 00:13:39,100 interact with this application back of the data center or the 246 00:13:39,100 --> 00:13:40,900 private cloud? And that's where you need to be 247 00:13:40,900 --> 00:13:44,400 able to deploy a lightweight VM. Sometimes you refer to it as 248 00:13:44,400 --> 00:13:47,800 like an application connector. But this guy will be reaching 249 00:13:47,800 --> 00:13:51,800 out bound to the cloud. It should do this in a fashion 250 00:13:51,800 --> 00:13:53,900 that doesn't require user name and password, probably 251 00:13:53,900 --> 00:13:57,700 certificate based authentication as well as a connection that 252 00:13:57,700 --> 00:14:00,400 can't be man in the middle or Object to replay attacks. 253 00:14:00,400 --> 00:14:04,200 So doing TLS plus perfect forward secrecy to it. 254 00:14:04,200 --> 00:14:06,300 Basically allow them to meet in the middle. 255 00:14:06,400 --> 00:14:09,800 The end user hits the cloud. The cloud says, yes, you can do 256 00:14:09,900 --> 00:14:13,000 you or you can go to this and that that outbound connection 257 00:14:13,000 --> 00:14:17,100 now becomes a reversed tunnel back in to the network to allow 258 00:14:17,100 --> 00:14:20,500 the end user to interact with the application in the key. 259 00:14:20,500 --> 00:14:24,200 Here really is to be able to support all ports and protocols, 260 00:14:24,200 --> 00:14:26,300 right? You have active directory, which 261 00:14:26,300 --> 00:14:29,100 can be kind of noisy. You got file shares, like sifts, 262 00:14:30,000 --> 00:14:32,000 You have almost all applications. 263 00:14:32,000 --> 00:14:35,700 Now they're running on 84 for three, but we still have a 264 00:14:35,700 --> 00:14:37,800 handful of applications. It could be sequel. 265 00:14:38,400 --> 00:14:42,800 Could be SSH RDP. Those are more of the corner use 266 00:14:42,800 --> 00:14:45,300 cases, right? We don't want to open up like, 267 00:14:45,300 --> 00:14:48,100 SSH and RDP to all the users because now they're back on the 268 00:14:48,100 --> 00:14:51,000 network right now, they become that wild child in the 269 00:14:51,000 --> 00:14:53,400 environment, they can do lateral movements with that's that's the 270 00:14:53,400 --> 00:14:56,800 anti zero trust. We want to basically keep them 271 00:14:56,800 --> 00:14:59,400 off, allow them to access the applications that they have. 272 00:14:59,500 --> 00:15:02,300 Have access to based off of that business logic. 273 00:15:02,700 --> 00:15:05,800 And then all of a sudden, your Cloud becomes a strategic point 274 00:15:05,800 --> 00:15:09,000 of not only control, but visibility what users are 275 00:15:09,000 --> 00:15:11,700 connecting to what applications at any given point in time. 276 00:15:12,900 --> 00:15:17,200 Yeah, and I know from past experience with a VPN, you, you 277 00:15:17,200 --> 00:15:20,700 know, with let's just make a generalization here, with mostly 278 00:15:20,700 --> 00:15:26,100 p.m. products you can limit access to certain IP, ranges, or 279 00:15:26,300 --> 00:15:32,400 addresses and ports, but you know, that very few 280 00:15:32,400 --> 00:15:35,800 organizations that I talked with actually do that, right? 281 00:15:35,800 --> 00:15:39,500 It's more like, you're on the network and you have pretty much 282 00:15:39,500 --> 00:15:43,200 full access, but I think with ztn Technology. 283 00:15:43,200 --> 00:15:46,800 That's not really how it works. But it was interesting is you're 284 00:15:46,800 --> 00:15:52,300 talking about 80 and 443, I'm wondering also about like Legacy 285 00:15:52,300 --> 00:15:55,500 Technologies like, hey, we've run into a lot of organization, 286 00:15:55,500 --> 00:16:00,400 still that have mainframes and those would operate over like a 287 00:16:01,000 --> 00:16:02,700 telnet port or something like that. 288 00:16:02,700 --> 00:16:05,400 Is that all? I'm assuming, that's possible as 289 00:16:05,400 --> 00:16:07,200 well. Yeah. 290 00:16:07,200 --> 00:16:10,000 So not only is it possible as well. 291 00:16:10,700 --> 00:16:13,800 The ability to support all ports and protocols from like a client 292 00:16:13,800 --> 00:16:15,800 to server initiate, a conversation is key. 293 00:16:16,200 --> 00:16:19,400 But the cool part about this is if you think about telnet or 294 00:16:19,400 --> 00:16:22,500 even poor 80 these are protocols that they're like this, it's 295 00:16:22,500 --> 00:16:26,500 clear text in transit. So if you have Jim hanging out 296 00:16:26,500 --> 00:16:30,200 at Starbucks, right and he's making a Mainframe connection or 297 00:16:30,200 --> 00:16:34,900 telnet or Port 80, What would a threat actor? 298 00:16:34,900 --> 00:16:37,300 See right. And that's really the part need 299 00:16:37,300 --> 00:16:40,400 to kind of hone in on so true. Ztn a is going to say. 300 00:16:40,400 --> 00:16:43,000 Basically that threat actor. That's hanging out at Starbucks 301 00:16:43,000 --> 00:16:45,100 is going to see an IP address inside Starbucks. 302 00:16:46,200 --> 00:16:50,000 Is reaching out to the Z to the ztn a cloud and everything 303 00:16:50,000 --> 00:16:53,300 that's going on in between there is completely encapsulated in a 304 00:16:53,300 --> 00:16:56,000 TLS tunnel. That is not subject for prying 305 00:16:56,000 --> 00:16:58,200 eyes to see that. Make sense. 306 00:16:58,400 --> 00:17:03,200 Yes, you're encrypting all the way from the end device. 307 00:17:03,200 --> 00:17:07,200 This case, probably a laptop all the way to that. 308 00:17:09,099 --> 00:17:13,300 I'll call an appliance that you put on the clients Network, 309 00:17:13,300 --> 00:17:16,099 right? So if somebody was to tap, The 310 00:17:16,099 --> 00:17:17,900 wire and kind of see the traffic. 311 00:17:17,900 --> 00:17:20,200 It would just all be encrypted data. 312 00:17:20,700 --> 00:17:22,300 Yeah. At the very best, right? 313 00:17:22,300 --> 00:17:24,599 They can't man the middle it because the connection won't 314 00:17:24,599 --> 00:17:27,300 even set up, right? So the very best they could try 315 00:17:27,300 --> 00:17:29,600 to do a replay attack. But even then, it's completely 316 00:17:29,600 --> 00:17:32,400 encrypted. We're enforcing perfect forward 317 00:17:32,400 --> 00:17:34,200 secrecy. Which means the ephemeral keys 318 00:17:34,200 --> 00:17:36,700 are not in transit, right? So to do a replay attack 319 00:17:36,700 --> 00:17:39,200 through, they're not going to get anything else, you know, get 320 00:17:39,200 --> 00:17:41,400 anything from that. I'm also wondering what's that 321 00:17:41,400 --> 00:17:44,200 implyin. So the thinking of large, you 322 00:17:44,200 --> 00:17:47,700 know, multinational organizations where they have, 323 00:17:48,000 --> 00:17:52,000 you know, data centers on multiple continents, is the 324 00:17:52,000 --> 00:17:56,800 typical approach to put the appliances where the end systems 325 00:17:56,800 --> 00:18:01,900 are or do most clients you see, put those appliances just in one 326 00:18:01,900 --> 00:18:05,700 location like say North America and then once they're kind of 327 00:18:05,700 --> 00:18:08,700 behind that through that firewall then spanned the 328 00:18:08,700 --> 00:18:12,000 traffic globally. So yeah we don't want to try to 329 00:18:12,000 --> 00:18:14,700 hear pin them to you singular areas, right? 330 00:18:14,700 --> 00:18:18,600 Because that creates a back. All scenario which diminishes 331 00:18:18,600 --> 00:18:21,300 user experience. So the idea would be deployed 332 00:18:21,300 --> 00:18:26,700 connectors as close to Applications as possible. 333 00:18:27,200 --> 00:18:30,000 And so if you had, you know, a couple data centers in North 334 00:18:30,000 --> 00:18:31,900 America a couple and a Mia, right? 335 00:18:31,900 --> 00:18:34,700 And you had to users that are hanging out in London, you don't 336 00:18:34,700 --> 00:18:36,700 want them connecting all the way back. 337 00:18:36,900 --> 00:18:39,500 Like let's say I'm taking it back, let's say application one 338 00:18:39,500 --> 00:18:44,400 is been distributed both in a Mia and an in the Americas you 339 00:18:44,400 --> 00:18:45,800 don't want to use her to have to train, you know? 340 00:18:45,900 --> 00:18:49,900 No Traverse the entire Atlantic Ocean to get the application 341 00:18:49,900 --> 00:18:51,900 one. If application, one exists in 342 00:18:52,100 --> 00:18:53,700 Amia somewhere as well. Right? 343 00:18:53,700 --> 00:18:55,900 Right. And so the idea would be as 344 00:18:55,900 --> 00:18:59,600 traffic is coming in and it hits that ztn a cloud. 345 00:18:59,700 --> 00:19:01,500 It can it can do the measurements right? 346 00:19:01,500 --> 00:19:05,300 The the for a lack of better words, free GSL be. 347 00:19:05,600 --> 00:19:07,600 Where's the user? Where's the application is 348 00:19:07,600 --> 00:19:10,500 available in two places, let me stitch together that connection 349 00:19:10,500 --> 00:19:13,100 to the quickest and user experience for them. 350 00:19:14,200 --> 00:19:16,300 Without changing applications at all. 351 00:19:16,800 --> 00:19:20,200 So I'm going to put my project manager had on for a minute and 352 00:19:20,200 --> 00:19:24,600 I'm kind of wondering what do these ztm a deployment. 353 00:19:24,600 --> 00:19:29,100 Usually look like as a kind of a big bang replacement of VPN or 354 00:19:29,100 --> 00:19:33,500 do companies typically go after smaller use cases and kind of 355 00:19:34,300 --> 00:19:39,300 build out either by including more users or you know what is 356 00:19:39,300 --> 00:19:43,100 the approach to kind of get started and then to kind of 357 00:19:43,100 --> 00:19:45,700 reach your end goal. Is the end goal usually 358 00:19:46,100 --> 00:19:51,000 replacement of all VPN it is 100% replacement of all VPN so 359 00:19:51,000 --> 00:19:54,600 pre covid it was little bit more of a corner use case, right? 360 00:19:54,600 --> 00:19:59,000 Like it was a new idea adopting for a lot of customers, didn't 361 00:19:59,000 --> 00:20:02,900 really have a need to have or to replace their vpns, right? 362 00:20:02,900 --> 00:20:05,600 Users were on Prem, they didn't really need it. 363 00:20:05,600 --> 00:20:08,600 Then all of a sudden covid hit and it was like a dis, a ticking 364 00:20:08,600 --> 00:20:10,300 Time Bomb, right? You have all these users that 365 00:20:10,300 --> 00:20:13,000 are now off the network and you have two options. 366 00:20:13,800 --> 00:20:17,900 She won by more Legacy Hardware, deploy that and there was crazy 367 00:20:18,000 --> 00:20:21,300 like whole times for that kind of stuff or adopt a cloud 368 00:20:21,300 --> 00:20:23,700 service friendly architecture, right? 369 00:20:23,700 --> 00:20:28,400 Which is ETA. Now by doing that, I would say 370 00:20:28,400 --> 00:20:33,200 that in large with covid, we saw a lot of big bang actually 371 00:20:33,200 --> 00:20:36,300 happen. I had talked to one customer in 372 00:20:36,300 --> 00:20:41,400 particular, like, on a Thursday, 60 thousand users, right? 373 00:20:41,400 --> 00:20:43,300 And then on a Tuesday, they cut a p.o. 374 00:20:43,300 --> 00:20:45,400 They were ready to move. Like, it was that big of an 375 00:20:45,400 --> 00:20:48,800 issue for them. I think the, the most compelling 376 00:20:48,800 --> 00:20:52,700 thing here, that the story was the ability to on board all 377 00:20:52,700 --> 00:20:55,700 60,000 people. By the end of the month. 378 00:20:55,700 --> 00:20:58,500 So I think the the total time from P0 to the time that they 379 00:20:58,500 --> 00:21:00,900 had rolled this out was like less than three weeks. 380 00:21:00,900 --> 00:21:02,900 Like, they had to move very, very quickly. 381 00:21:03,900 --> 00:21:06,800 That is something you just can't do on Legacy platforms. 382 00:21:07,300 --> 00:21:09,900 Absolutely. That's that's, that's pretty 383 00:21:09,900 --> 00:21:15,600 impressive numbers there. So I want to back you up a 384 00:21:15,608 --> 00:21:19,400 little bit. I think you kind of covered what 385 00:21:19,400 --> 00:21:24,000 the authentication scenario looks like. 386 00:21:24,000 --> 00:21:27,300 But I'm kind of During okay, so walk me through a scenario, 387 00:21:27,300 --> 00:21:30,700 where got a new person, joined the organization, they're 388 00:21:30,700 --> 00:21:35,600 getting a new laptop. How do I get their laptop to be? 389 00:21:36,000 --> 00:21:42,600 You know, do I push the push the client onto their laptop, Etc? 390 00:21:42,800 --> 00:21:44,600 And then how is it authenticating? 391 00:21:44,600 --> 00:21:47,300 Is it leveraging? The authentication into the 392 00:21:47,500 --> 00:21:51,600 laptop and other words like my active directory sign in or and 393 00:21:51,600 --> 00:21:54,600 then you know, the other thing I want to layer in there. 394 00:21:54,700 --> 00:21:56,800 Right, I do this. Sometimes I asked multi-part 395 00:21:56,800 --> 00:22:00,600 questions layer in there. You know, could be a Windows 396 00:22:00,600 --> 00:22:04,700 laptop. It could be a Mac OS, I don't 397 00:22:04,700 --> 00:22:06,400 know. Maybe you could be a Chromebook. 398 00:22:07,200 --> 00:22:10,700 Walk me through that scenario of like, how do I get the client? 399 00:22:10,700 --> 00:22:15,700 And then, what is it doing from an authentication standpoint? 400 00:22:15,700 --> 00:22:18,600 What is it leveraging or am I pushing like some kind of 401 00:22:18,800 --> 00:22:20,600 certificate? Things like that. 402 00:22:21,000 --> 00:22:23,600 So there are a handful of customers that have gone down 403 00:22:23,600 --> 00:22:26,500 the route of Bring your own Best Buy device. 404 00:22:26,600 --> 00:22:29,100 And when they do that, there's a manual enrollment, right? 405 00:22:29,100 --> 00:22:32,400 They'll have the user go to company named OCTA.com, for 406 00:22:32,400 --> 00:22:35,100 example, they'll set their credentials and then from there, 407 00:22:35,100 --> 00:22:37,000 they'll start downloading software to do whatever you 408 00:22:37,000 --> 00:22:39,500 want. There's also the notion of like, 409 00:22:39,500 --> 00:22:44,500 Hey, we're going to, if you are a net new employee, right? 410 00:22:44,500 --> 00:22:48,200 Or I should say, not new to ztn a, you won't be able to push 411 00:22:48,200 --> 00:22:49,800 that out silently to the end point. 412 00:22:49,800 --> 00:22:52,800 You want to be able to pick up whatever the user uses to 413 00:22:52,800 --> 00:22:54,500 authenticate, right? So if it's active directory, 414 00:22:54,700 --> 00:22:56,100 Boom. One of the prove record, 415 00:22:56,100 --> 00:22:59,400 prerequisites for that will be iwa integrated Windows 416 00:22:59,400 --> 00:23:03,700 authentication because I don't want to make it hard to secure, 417 00:23:03,700 --> 00:23:05,600 my users. I want to make it more or less 418 00:23:05,600 --> 00:23:08,800 transparent. And so the, when you talk about 419 00:23:08,800 --> 00:23:13,100 the client, that's being pushed out, the secret sauce behind 420 00:23:13,100 --> 00:23:15,800 there, is that the authentication is going on the 421 00:23:15,800 --> 00:23:17,900 background. You can, you can push it out 422 00:23:17,900 --> 00:23:21,300 like, with SCCM or your MDM of choice, but it can be told. 423 00:23:21,300 --> 00:23:25,100 Hey, go ahead and try to connect by the way, this is the Vacation 424 00:23:25,100 --> 00:23:27,100 to main pick up the local credentials. 425 00:23:27,100 --> 00:23:29,500 If they've already signed in once and take that and 426 00:23:29,500 --> 00:23:34,700 transparently, put him through. Now on the back end that's 427 00:23:34,700 --> 00:23:38,300 that's basically sam'l right ID. The in this particular use case, 428 00:23:38,300 --> 00:23:41,800 your IDP would be peeing, OCTA Azure active directory. 429 00:23:41,800 --> 00:23:43,000 Some of the big ones that are out there. 430 00:23:43,300 --> 00:23:46,800 So the ztn a cloud is going to be the service provider, all we 431 00:23:46,800 --> 00:23:49,000 really want, is a valid sam'l assertion. 432 00:23:49,500 --> 00:23:54,500 But the, the next bigger part is that with the identity comes to 433 00:23:54,600 --> 00:23:58,300 Things one you have users going out to us as based applications 434 00:23:58,600 --> 00:24:01,000 but they also have access to internal applications. 435 00:24:01,300 --> 00:24:04,200 So, when I fed her eight, I also want to support skim. 436 00:24:04,500 --> 00:24:07,000 I want to make sure that I have the latest and greatest group 437 00:24:07,000 --> 00:24:10,000 attributes for that user. So let's say that Jeff is 438 00:24:10,000 --> 00:24:13,500 working diligently and then one day he has been promoted to 439 00:24:13,500 --> 00:24:17,700 customer or he decides to lead the organization if you burn him 440 00:24:17,700 --> 00:24:21,500 Bert you know completely any anything he has in his device 441 00:24:22,400 --> 00:24:25,600 Now, he could upload it to his own personal OneDrive Dropbox 442 00:24:25,600 --> 00:24:28,100 and things like that. The appropriate way to do this 443 00:24:28,100 --> 00:24:32,100 is from a, ztn, a perspective is no matter what happens if he's 444 00:24:32,100 --> 00:24:35,200 going out to the internet, whether it's SAS or naked, 445 00:24:35,700 --> 00:24:38,600 always protect that always keep that in line and always 446 00:24:38,600 --> 00:24:41,100 protecting it. But if he has access to 447 00:24:41,100 --> 00:24:44,200 mission-critical, internal applications, go ahead and 448 00:24:44,200 --> 00:24:47,700 immediately revoke that once you have burned that user in 449 00:24:47,700 --> 00:24:50,700 identity, whether that's you know, your ping OCTA, you name 450 00:24:50,700 --> 00:24:54,900 it and you're my Will vary based off of the IDP that you're using 451 00:24:55,300 --> 00:24:57,100 some of them like an OCTA, right? 452 00:24:57,100 --> 00:25:00,800 The Integrations are so tight that the moment that you revoke 453 00:25:00,800 --> 00:25:04,200 access for Jim, Jim or Jeff, going into an application, it's 454 00:25:04,200 --> 00:25:07,600 immediately picked up versus like in Azure active directory. 455 00:25:07,900 --> 00:25:10,800 It's synchronized like every I think 15 minutes maybe 45 456 00:25:10,800 --> 00:25:14,200 minutes or on demand but spelling that out for customers 457 00:25:14,200 --> 00:25:16,300 like, Hey, listen, this is what you're going to do, let's 458 00:25:16,300 --> 00:25:19,700 operationalize this and then that way if Jeff decides that he 459 00:25:19,700 --> 00:25:22,200 wants to put his two weeks in and you want to burn his Has 460 00:25:22,200 --> 00:25:24,800 access to internal applications. Now, you don't have to worry 461 00:25:24,800 --> 00:25:27,300 about him, grabbing this stuff and then uploading it to his own 462 00:25:27,300 --> 00:25:30,400 personal Dropbox. You can be able to block that 463 00:25:30,400 --> 00:25:32,700 and secure the company of minimize the risk. 464 00:25:32,800 --> 00:25:36,200 And I think that's an important part here is is, you know, we've 465 00:25:36,200 --> 00:25:40,300 been talking about network access and, you know, getting 466 00:25:40,300 --> 00:25:42,200 access to data. But, what happens, once the data 467 00:25:42,200 --> 00:25:45,200 is on the device is typically challenge, we see things, you 468 00:25:45,200 --> 00:25:49,000 know, like sandboxing and DMS and, you know, all kinds of 469 00:25:49,100 --> 00:25:53,100 exotic ways right to protect the data, that's no longer And it's 470 00:25:53,100 --> 00:25:55,900 at rest on a device. I think that's part of the 471 00:25:55,900 --> 00:25:57,300 challenge. You mentioned, a couple things 472 00:25:57,300 --> 00:26:01,500 are as you were talking around the transparency to the end user 473 00:26:01,500 --> 00:26:04,700 is obviously a big deal, right? For a security perspective 474 00:26:04,700 --> 00:26:07,700 because if it just works, you're going to gain alignment. 475 00:26:07,700 --> 00:26:11,400 And you know that people are using the, the secure Pathways. 476 00:26:11,400 --> 00:26:19,100 I've been defined when it comes to the price of ztn, a versus a 477 00:26:19,100 --> 00:26:23,300 traditional kind of VPN only. Network access. 478 00:26:23,700 --> 00:26:27,300 How do you see the comparison between the two is cost a 479 00:26:27,300 --> 00:26:30,900 factor? That is something that, you 480 00:26:30,908 --> 00:26:32,900 know, might be prohibitive for some companies? 481 00:26:32,900 --> 00:26:36,200 Or is it pretty equivalent? I guess, help me understand if I 482 00:26:36,200 --> 00:26:37,900 may say so. And, you know, I'm thinking 483 00:26:37,900 --> 00:26:41,100 about making the spend to address this ZT. 484 00:26:41,100 --> 00:26:44,000 N a, you know, where do I make the spend and how does it 485 00:26:44,000 --> 00:26:47,000 compare to what I already have in place through something like 486 00:26:47,000 --> 00:26:48,800 a VPN? We can anyconnect. 487 00:26:48,800 --> 00:26:51,200 Yeah, exactly. So the first thing you have to 488 00:26:51,200 --> 00:26:54,800 really identify Is that you really are subscribing to a 489 00:26:54,800 --> 00:26:59,100 premium cloud, service for ztn a write-in that you were doing so 490 00:26:59,100 --> 00:27:02,000 based off of identity. So, to figure out exactly what 491 00:27:02,000 --> 00:27:05,400 your cost is. When adopting cloud is very 492 00:27:05,400 --> 00:27:09,300 easy, if you have 5,000 users, where I need 5,000 licenses, and 493 00:27:09,600 --> 00:27:12,900 I don't need to buy an appliance that can go from 5,000 to 494 00:27:12,908 --> 00:27:15,100 10,000, right? Because now you have this thing 495 00:27:15,100 --> 00:27:17,100 that you've you're hedging about that. 496 00:27:17,100 --> 00:27:19,700 If I buy this one particular, Appliance it's going to be good 497 00:27:19,700 --> 00:27:21,200 for the next seven years. Maybe not. 498 00:27:21,200 --> 00:27:23,700 What happens if we We acquire a lot of companies, I'm going to 499 00:27:23,700 --> 00:27:26,500 have to rip and replace that. And so that's one of the, the 500 00:27:26,500 --> 00:27:29,700 definitely, the nice things about ztn a, from a cloud 501 00:27:29,700 --> 00:27:33,300 perspective, and I can't speak on behalf of all the vendors 502 00:27:33,300 --> 00:27:36,600 that are out there, but I know for my organization right at 503 00:27:36,600 --> 00:27:41,400 user 5001, we are not going to start blocking them randomly, 504 00:27:41,400 --> 00:27:43,200 right. In fact, we're just not allow 505 00:27:43,200 --> 00:27:45,300 them to keep can keep connecting. 506 00:27:45,400 --> 00:27:48,000 But at some point, I'm going to have a true up, whether it's at 507 00:27:48,000 --> 00:27:50,900 a quarterly Business review or the annual renewal and say, hey 508 00:27:50,900 --> 00:27:56,600 you know what you buy. Thousand you had 5500 From This 509 00:27:56,600 --> 00:27:58,500 Moment forward. We're going to start charging, 510 00:27:58,500 --> 00:28:00,600 you 5,500 will forget the past, right? 511 00:28:00,600 --> 00:28:03,600 This is an adult relationship. We're going to, you know, it 512 00:28:03,600 --> 00:28:07,100 behooves us both the, you know, be having a good time here and 513 00:28:07,100 --> 00:28:10,000 not be tripping over, you know, silly things in life. 514 00:28:10,200 --> 00:28:12,100 Yeah, I think we see a lot of things like, you know, monthly 515 00:28:12,100 --> 00:28:14,800 active users and kind of an average over a year, period, 516 00:28:14,800 --> 00:28:16,600 time frame. I think that's pretty common. 517 00:28:16,600 --> 00:28:18,500 I've seen that with a lot of different vendors that have play 518 00:28:18,500 --> 00:28:21,900 in the sophistication space and you certainly hope that it is a 519 00:28:22,100 --> 00:28:27,800 A mutually adult conversation and approach to services at 520 00:28:27,800 --> 00:28:31,100 least until, you know, our procurement and maybe legal 521 00:28:31,100 --> 00:28:33,900 friends, get involved and start cranking over some things. 522 00:28:34,600 --> 00:28:37,300 I've certainly seen things get rude, dear Elder on that. 523 00:28:37,900 --> 00:28:40,000 One of the things that I'm alternate is also interested in 524 00:28:40,000 --> 00:28:45,500 is around the privileged access management component, 40 trust. 525 00:28:46,300 --> 00:28:50,300 When you have resources that are maybe on the network, Windows 526 00:28:50,300 --> 00:28:52,000 servers like a domain controller. 527 00:28:52,100 --> 00:28:56,300 Unix boxes or even just you know any server that's been 528 00:28:56,300 --> 00:28:59,000 identified as kind of sensitive and under-privileged kind of 529 00:28:59,000 --> 00:29:03,700 management in addition to the cloud is that something also 530 00:29:03,700 --> 00:29:07,000 that zero trust can help? Or is it more focused on stuff 531 00:29:07,000 --> 00:29:09,900 outside the firewall? I would say that we complement 532 00:29:10,000 --> 00:29:13,600 that scenario right there in the be transparent, what I want to 533 00:29:13,608 --> 00:29:17,100 do is bring to the front door of that server and however, you do 534 00:29:17,100 --> 00:29:19,600 privileged access management today, that's fine, right? 535 00:29:19,600 --> 00:29:22,700 That's that's between the server and however your chicken In your 536 00:29:22,700 --> 00:29:25,100 credentials and what not. But one of the things that I 537 00:29:25,108 --> 00:29:28,400 would like to say is that, you know, I see a lot of customers 538 00:29:28,400 --> 00:29:30,200 that are doing multi-factor authentication. 539 00:29:30,200 --> 00:29:32,800 Like, you can't even talk to the front door that server unless 540 00:29:32,800 --> 00:29:37,900 you've done MFA MFA, like, if you're bored, go out and watch a 541 00:29:37,908 --> 00:29:42,500 video, zon something called evil Jinx and how incredibly it easy, 542 00:29:42,500 --> 00:29:46,800 it is to fish a user, get them to sign in take their session 543 00:29:46,800 --> 00:29:49,800 keys and have access to everything OneDrive in all the 544 00:29:49,800 --> 00:29:53,700 chaos that I can do from there. So MFA can be We defeated, so 545 00:29:53,900 --> 00:29:55,500 from my perspective, I love like. 546 00:29:55,500 --> 00:29:57,900 If I'm going to pick on conditional access I would love 547 00:29:57,900 --> 00:30:00,700 to see like hey, you know what, if you want to come in and talk 548 00:30:00,700 --> 00:30:03,800 to this the segment of the network where it's a Windows 549 00:30:03,800 --> 00:30:07,700 server is a database server has all of our PCI information, then 550 00:30:07,700 --> 00:30:10,300 how about our posture it right? Make sure you coming from a 551 00:30:10,300 --> 00:30:14,600 domain join door, Jim domain, join PC as opposed to Grandma's 552 00:30:14,600 --> 00:30:18,100 PC where there might not be any point security that's running on 553 00:30:18,100 --> 00:30:20,700 there. I can posture for certificate, 554 00:30:20,800 --> 00:30:21,600 right? I can do it. 555 00:30:22,000 --> 00:30:26,000 Two different things that to do the Integrity of the user coming 556 00:30:26,000 --> 00:30:28,200 in. But probably the coolest thing 557 00:30:28,200 --> 00:30:33,100 that I have seen recently is around an integration that my 558 00:30:33,100 --> 00:30:37,200 company has with crowdstrike. And basically the agent that's 559 00:30:37,200 --> 00:30:42,300 running on Jeff's Windows PC can talk to crowdstrike and it can 560 00:30:42,300 --> 00:30:45,900 actually posture for what he's called a zero trust access 561 00:30:45,900 --> 00:30:49,300 score. So zero meaning you are like, 562 00:30:49,300 --> 00:30:51,400 it's bad news. There's something terribly wrong 563 00:30:51,400 --> 00:30:54,400 with your PC. 100 being benign, like you're a good dude. 564 00:30:54,500 --> 00:30:57,700 We allow this stuff and then I can marry that's core to policy 565 00:30:57,700 --> 00:31:01,100 like, hey, you can get in and talk to anything with a score of 566 00:31:01,100 --> 00:31:03,300 a risk score of 70 or higher, right? 567 00:31:03,400 --> 00:31:06,700 But if you want to talk to the PCI DMZ, before we even give you 568 00:31:06,700 --> 00:31:09,000 that front door, you need to have a risk score of the 90 or 569 00:31:09,000 --> 00:31:13,100 higher and it gives the, you know, the end users or the 570 00:31:13,100 --> 00:31:15,600 people that the stakeholders in this, the Peace of Mind knowing 571 00:31:15,600 --> 00:31:18,200 that it's going to have some random person coming in, its 572 00:31:18,200 --> 00:31:21,400 true zero trust, they're going to get him past the cloud. 573 00:31:21,600 --> 00:31:24,600 The It stops there. So Brian you're our expert on 574 00:31:24,600 --> 00:31:29,300 the ztn a industry. We don't know the industry and 575 00:31:29,300 --> 00:31:34,100 what we would like to ask would be your you to be a Visionary, 576 00:31:34,100 --> 00:31:37,700 put on your Visionary cap for a second and tell us what's coming 577 00:31:38,300 --> 00:31:40,700 down the road. In terms of what is the future 578 00:31:40,700 --> 00:31:46,000 for the industry terms of, you know, big changes and features. 579 00:31:46,000 --> 00:31:50,600 You see ztn a becoming like a platform where a third party 580 00:31:50,600 --> 00:31:55,100 Developers. Go to or do you see ztj being 581 00:31:55,100 --> 00:31:58,500 folded into other platforms likes? 582 00:31:58,500 --> 00:32:02,300 A single sign of platforms, OCTA, or Microsoft. 583 00:32:03,400 --> 00:32:05,800 Do you see a consolidation in the industry? 584 00:32:05,800 --> 00:32:09,600 What's your perspective on where the industry is? 585 00:32:09,600 --> 00:32:12,000 Heading? All bets are off with Microsoft, 586 00:32:12,000 --> 00:32:14,200 right? They used to have like that that 587 00:32:14,200 --> 00:32:16,500 VPN platform. I forget what it was called, 588 00:32:16,500 --> 00:32:19,500 it's soon to be retired, right? But if they see a need right, 589 00:32:19,500 --> 00:32:24,600 they tend to bake that into their X, I would say that when 590 00:32:24,600 --> 00:32:27,900 you look at zero, trust one of the biggest Achilles heel, 591 00:32:27,900 --> 00:32:29,800 right? Especially if you move very, 592 00:32:29,800 --> 00:32:34,700 very fast because I always tell customers, users 1 to 100, are 593 00:32:34,700 --> 00:32:37,500 going to be far more difficult on board than users 100 to 594 00:32:37,500 --> 00:32:39,900 60,000. Right, once you work out the 595 00:32:39,908 --> 00:32:42,900 Kinks there, it's pretty much streamlined, but you need to 596 00:32:42,908 --> 00:32:47,000 have at some point in time, you go back and take the information 597 00:32:47,000 --> 00:32:49,600 that's coming through, right? You might have a wild-card 598 00:32:49,600 --> 00:32:53,800 policy that either ends in allow or deny But as that you traffic 599 00:32:53,800 --> 00:32:57,000 is flowing through, like you might know about 70, internal 600 00:32:57,000 --> 00:32:59,600 applications, but you'll be, you'll be shocked to find out 601 00:32:59,600 --> 00:33:03,400 that your end users actually access like 700, right? 602 00:33:03,500 --> 00:33:06,600 How do you actually get the true zero trust on that per 603 00:33:06,600 --> 00:33:09,400 application Level? Now I know on our platform we're 604 00:33:09,400 --> 00:33:11,000 going to basically show it as a bubble like this. 605 00:33:11,000 --> 00:33:15,100 These are the bit the top talkers that have been learned 606 00:33:15,200 --> 00:33:18,500 more or less, but I wanted to see an evolution a little bit 607 00:33:18,500 --> 00:33:20,400 more granular. I not only don't want to see it 608 00:33:20,400 --> 00:33:23,500 to be like these are the top That are being accessed to have 609 00:33:23,500 --> 00:33:26,900 not been defined yet, but I also want a recommendation of what 610 00:33:27,000 --> 00:33:30,300 active directory groups or group membership in general, should be 611 00:33:30,300 --> 00:33:32,300 assigned to those. I love to see some machine 612 00:33:32,300 --> 00:33:34,900 learning on that to be transparent. 613 00:33:35,100 --> 00:33:37,900 You got me thinking there that there's could be some machine 614 00:33:37,900 --> 00:33:42,600 learning, another cool feature might even be some self service 615 00:33:42,600 --> 00:33:46,500 for the users where they kind of are able to go in. 616 00:33:46,500 --> 00:33:54,400 And, and make the system, make ztn a We're of applications that 617 00:33:54,400 --> 00:33:57,700 they need access to that kind of happens today, right? 618 00:33:57,700 --> 00:34:00,900 If you have a user that is requesting access to something 619 00:34:00,900 --> 00:34:04,000 whether they have it or not, it would populate the dashboard is 620 00:34:04,000 --> 00:34:07,400 a defined or recently discovered application. 621 00:34:07,900 --> 00:34:09,900 The self-service part would be nice because then the, you can 622 00:34:09,900 --> 00:34:13,000 say one part of HR and I need this to do my job, right? 623 00:34:13,000 --> 00:34:16,600 That helps narrowing the focus a little bit there, so you've been 624 00:34:16,600 --> 00:34:18,500 really generous with your time. And I want to make sure that we 625 00:34:18,500 --> 00:34:22,100 kind of stay on on with that one. 626 00:34:22,300 --> 00:34:26,199 Things that we have started to do more recently is to get into 627 00:34:26,199 --> 00:34:28,699 a little bit of non. I am trivia or questions. 628 00:34:28,699 --> 00:34:31,699 And you know I think one of the questions that we were talking 629 00:34:31,699 --> 00:34:35,300 about earlier might come up with this is kind of like our prep 630 00:34:35,300 --> 00:34:37,600 session Jim. You want to ask the the question 631 00:34:37,600 --> 00:34:39,600 that we came up with. Yeah, sure. 632 00:34:39,600 --> 00:34:43,600 Because we're all either fathers of human or fur, baby children 633 00:34:43,699 --> 00:34:46,400 and I probably most of our listeners have one or the other 634 00:34:46,400 --> 00:34:49,300 as well. The question for this week is, 635 00:34:49,300 --> 00:34:53,000 if you were able to go back and give yourself, Some fatherly 636 00:34:53,000 --> 00:34:55,400 advice. What would it be? 637 00:34:55,900 --> 00:34:59,000 We'll start with you Bryan. Yeah, so this one is near and 638 00:34:59,000 --> 00:35:03,600 dear to my heart, my oldest is leaving for college, she's 18. 639 00:35:03,600 --> 00:35:06,500 She's graduating this year, she's done a phenomenal job and 640 00:35:06,500 --> 00:35:12,000 has full ride offers in state and it definitely brings me to 641 00:35:12,000 --> 00:35:13,400 tears. Sometimes it's to think about 642 00:35:13,400 --> 00:35:15,300 her not waking up in my house, right? 643 00:35:15,300 --> 00:35:18,600 Is this weird end? I've gone back and I thought 644 00:35:19,500 --> 00:35:21,200 what are some of my biggest regrets? 645 00:35:21,300 --> 00:35:24,300 My biggest regret So they're kind of threefold in, hopefully 646 00:35:24,300 --> 00:35:27,200 they're easier. But number one, when they were 647 00:35:27,200 --> 00:35:31,000 younger, my recommendation to any new father is to just hold 648 00:35:31,000 --> 00:35:33,000 them as much as you can because before, you know, it they're 649 00:35:33,000 --> 00:35:35,300 just they're too big and that's just not, that's not going to 650 00:35:35,300 --> 00:35:38,300 happen. I miss that so much and then the 651 00:35:38,300 --> 00:35:42,300 second one would be to really get into their world. 652 00:35:42,400 --> 00:35:46,500 I was always a basketball guy, track guy, and my daughter, she 653 00:35:46,500 --> 00:35:48,600 loves soccer. I didn't know anything about it 654 00:35:48,700 --> 00:35:52,200 and I did my best to kind of Ruin from the stands, but I 655 00:35:52,207 --> 00:35:57,200 regret not taking the time to really learn the sport becoming 656 00:35:57,600 --> 00:35:59,800 great at being a forward myself, right? 657 00:35:59,800 --> 00:36:01,500 That way, I can help teach her coach. 658 00:36:01,500 --> 00:36:05,900 I think I missed the ball on that in the last one is, you 659 00:36:05,900 --> 00:36:07,600 know, celebrating the smaller Victory. 660 00:36:07,600 --> 00:36:11,300 So in the DH household. Like if you want to cell phone, 661 00:36:11,400 --> 00:36:12,500 then you need to have straight A's. 662 00:36:12,500 --> 00:36:15,000 And if you don't have straight A's, then you don't have a cell 663 00:36:15,000 --> 00:36:16,200 phone, right? I'm not going to work harder if 664 00:36:16,207 --> 00:36:18,200 you're not going to work hard now. 665 00:36:19,600 --> 00:36:22,800 She did great in high school, obviously, she's getting full 666 00:36:22,800 --> 00:36:24,700 ride scholarships right to be able to do stuff. 667 00:36:25,200 --> 00:36:30,400 And what I didn't know about that statement was that I was 668 00:36:30,400 --> 00:36:34,000 slowly crushing her self-esteem every single time she brought 669 00:36:34,000 --> 00:36:36,500 home anything lower than a, right? 670 00:36:36,500 --> 00:36:38,700 So, when it came time for college, she was like, I don't 671 00:36:38,700 --> 00:36:41,900 know if I want to do this, I don't really want to apply. 672 00:36:42,200 --> 00:36:45,000 And then it took this this, this leap of my wife saying, we're 673 00:36:45,000 --> 00:36:47,600 going to apply today and we see what happens and she gets 674 00:36:47,600 --> 00:36:50,700 accepted and since the full ride She's blown away and then it 675 00:36:50,700 --> 00:36:52,900 went from, I don't really want to do this too. 676 00:36:53,300 --> 00:36:56,200 I can't get her to stop applying to colleges like it's insane. 677 00:36:56,200 --> 00:36:57,700 So those are my big three hold him. 678 00:36:57,700 --> 00:37:00,200 As much as you can get. In the world, celebrate the 679 00:37:00,200 --> 00:37:02,300 small victories and I'll leave it at that. 680 00:37:02,700 --> 00:37:06,500 That's that's well, thought out Jeff, how about you? 681 00:37:07,000 --> 00:37:08,100 Yeah, it's another good question. 682 00:37:08,400 --> 00:37:12,200 So I have dogs, those are my children. 683 00:37:12,300 --> 00:37:16,400 My two dogs Layla and Duncan and you know the first thing 684 00:37:16,400 --> 00:37:19,100 obviously is stay active and take those pups her away. 685 00:37:19,200 --> 00:37:21,000 Walk every day, it's like the greatest thing in the world for 686 00:37:21,000 --> 00:37:24,400 them, but from the human perspective, you know, I think 687 00:37:24,400 --> 00:37:26,500 about it. If I'm looking back when I was, 688 00:37:26,500 --> 00:37:29,400 you know, younger, you know, really think about what you want 689 00:37:29,400 --> 00:37:33,400 to be when you grow up, if you don't know, take the Time, 690 00:37:33,500 --> 00:37:36,100 explore figure it out, right? I think sometimes there's a lot 691 00:37:36,100 --> 00:37:39,000 of pressure, especially, maybe in, you know, the high school or 692 00:37:39,000 --> 00:37:43,000 early kind of college, folks that they're being pressured 693 00:37:43,000 --> 00:37:47,400 into careers that they don't really want to be in, and they 694 00:37:47,400 --> 00:37:49,100 may be doing it for any number of reasons, they don't know. 695 00:37:49,300 --> 00:37:50,900 They're just kind of going through the motion or whatever, 696 00:37:51,700 --> 00:37:53,800 I think they should take the time and, you know, this is what 697 00:37:53,800 --> 00:37:56,300 I would have done is, you know, take the time to figure out what 698 00:37:56,300 --> 00:37:59,600 way what I want to do when I grow up, I spent 10 years in the 699 00:37:59,600 --> 00:38:02,500 food service industry, before I even got into it. 700 00:38:02,500 --> 00:38:06,100 So, you know, I've taken a certainly, a different approach 701 00:38:06,400 --> 00:38:07,700 than that. Maybe some others. 702 00:38:07,900 --> 00:38:10,900 I think, you know, Brian, you brought up initial part about, 703 00:38:10,900 --> 00:38:13,100 you know, we're learning the fundamentals, right? 704 00:38:13,300 --> 00:38:16,000 Basketball learning how to box out, right, simple. 705 00:38:16,000 --> 00:38:18,100 Things like that. And I think that applies really 706 00:38:18,100 --> 00:38:20,500 to anything is, you know, learn the fundamentals of things that 707 00:38:20,500 --> 00:38:23,300 interest you don't try to skip ahead and read the last chapter 708 00:38:23,300 --> 00:38:26,100 before you get to it. You know and and that'll help 709 00:38:26,100 --> 00:38:30,200 you truly understand things. And I think my last one is to 710 00:38:30,200 --> 00:38:34,400 travel learn from other cultures, their cultures other 711 00:38:34,400 --> 00:38:38,600 people don't stay in your bubble and get that, you know, recchia 712 00:38:38,600 --> 00:38:41,300 reinforcement of all the things that you think are true that may 713 00:38:41,300 --> 00:38:43,400 or may not apply to other people out there in the world. 714 00:38:43,400 --> 00:38:47,600 So I think everyone should, you know, take the opportunity to 715 00:38:47,600 --> 00:38:51,100 get out into the world. Do some international travel. 716 00:38:51,100 --> 00:38:53,800 See how other countries are approaching, you know, their 717 00:38:53,800 --> 00:38:59,200 lives and their issues and take that as a data point to inform 718 00:38:59,200 --> 00:39:02,700 your world view rather than you know maybe being focused on just 719 00:39:02,700 --> 00:39:05,300 your little corner of it. Good question Jim. 720 00:39:05,300 --> 00:39:10,300 What about you? So I also have three the first 721 00:39:10,300 --> 00:39:13,200 to the reason I have three is kind of went through the first 722 00:39:13,200 --> 00:39:15,200 two. I'm like, yeah I kind of got 723 00:39:15,200 --> 00:39:18,600 that advice and I did that but I think there were keys, right? 724 00:39:18,600 --> 00:39:23,000 The first One was save your money so you can't just like 725 00:39:23,000 --> 00:39:26,300 spend all your money and especially live in debt, right? 726 00:39:26,300 --> 00:39:29,000 I think that's probably one of the most important things you 727 00:39:29,000 --> 00:39:32,300 can do in your life is live below. 728 00:39:32,300 --> 00:39:34,900 Your means and save some money for the future. 729 00:39:36,700 --> 00:39:42,100 The second thing was try to find balance between kind of the 730 00:39:42,100 --> 00:39:44,400 things you enjoy doing and working. 731 00:39:45,500 --> 00:39:50,400 And I was that way where, you know, I I went out. 732 00:39:50,400 --> 00:39:54,500 I enjoyed my life, but at the same time, I carved out the time 733 00:39:54,500 --> 00:39:58,000 to make sure that I was, you know, getting educated learning 734 00:39:58,000 --> 00:40:02,300 new things. And I'm working the third thing, 735 00:40:02,300 --> 00:40:06,000 which, you know, I never really got this advice, but I realized 736 00:40:06,000 --> 00:40:08,700 it today I was having a call with Asha motto. 737 00:40:08,700 --> 00:40:12,900 Allah, who is the co-founder of ident rupee like company that 738 00:40:12,900 --> 00:40:17,200 Jeff and I were with prior to now being over approachability 739 00:40:17,500 --> 00:40:21,200 and You know, we got into the conversation about accounting 740 00:40:21,200 --> 00:40:24,100 and I really I said, you know, both of my grandfather's were 741 00:40:24,100 --> 00:40:28,100 accountants and what I realized is that they are very 742 00:40:28,600 --> 00:40:31,900 risk-averse, right? And I'm I learned a lot from 743 00:40:31,900 --> 00:40:35,200 them was very close to my grandfather's and I am a very 744 00:40:35,200 --> 00:40:39,700 risk-averse person but I look at Oshkosh and there and the reason 745 00:40:39,700 --> 00:40:45,000 is Click was Josh went out and you know, start got became like 746 00:40:45,000 --> 00:40:48,900 a business entrepreneur and took risks and there were times She 747 00:40:48,900 --> 00:40:52,600 told me stories, where, you know, you don't know if you're 748 00:40:52,600 --> 00:40:55,700 going to get that next contract and make that next paycheck in 749 00:40:55,700 --> 00:40:58,900 order to be able to pay your employees, but taking those 750 00:40:58,900 --> 00:41:02,400 risks, obviously, it kind of goes back to bounce. 751 00:41:02,400 --> 00:41:05,500 You have to balance taking risks with, not taking risks, but I 752 00:41:05,500 --> 00:41:08,400 was always very risk-averse. So, I think especially while 753 00:41:08,400 --> 00:41:11,800 you're young while you have kind of less to lose than where you 754 00:41:11,800 --> 00:41:15,600 can take some more risks, don't live in fear of risk you have to 755 00:41:15,600 --> 00:41:19,600 be willing to take some some risks and I think you're 756 00:41:19,600 --> 00:41:22,200 starting a business while you're young yet, so it's a great way 757 00:41:22,200 --> 00:41:25,100 to do it. Dude, we are like, 100% on the 758 00:41:25,100 --> 00:41:28,400 same page about being risk-adverse in in pushing the 759 00:41:28,400 --> 00:41:32,600 kids that to do that, right? And I didn't know the 760 00:41:32,600 --> 00:41:37,000 expectations of like, hey, Azor Azor, expected, bees are. 761 00:41:37,000 --> 00:41:39,700 Okay, if you ask for help and Seed like don't come home right? 762 00:41:39,700 --> 00:41:43,900 Like that was like the Mantra that I had and what the way that 763 00:41:43,900 --> 00:41:47,100 that kind of bit me in the butt was my son's sophomore year in 764 00:41:47,100 --> 00:41:48,600 high school. He's a junior. 765 00:41:48,700 --> 00:41:52,600 Now where I openly saw, like him becoming risk-averse, like I can 766 00:41:52,600 --> 00:41:55,300 either go out with my friends for an hour or I can study, 767 00:41:55,300 --> 00:41:56,500 right. And he just kept doing the whole 768 00:41:56,500 --> 00:41:58,100 like I'm going to study all the time. 769 00:41:58,100 --> 00:42:01,500 So there's definitely a lot of fruit in, you know, doing well, 770 00:42:01,500 --> 00:42:03,100 but also taking some risk and having it. 771 00:42:03,100 --> 00:42:05,900 And once he found that out, like, hey, there are things that 772 00:42:05,900 --> 00:42:09,500 I can do and I can still achieve good grades right now. 773 00:42:09,500 --> 00:42:12,800 I don't have to study 12 hours a night to be able to get it done. 774 00:42:13,300 --> 00:42:18,900 And then Jeff to your point on travel, we took the all the 775 00:42:18,900 --> 00:42:23,000 kids, my wife included, we went to Belize and on, you know, the 776 00:42:23,000 --> 00:42:27,500 first like 100 yards, right? It's a resort in his beautiful 777 00:42:27,900 --> 00:42:30,600 beyond that, right? This the extreme poverty. 778 00:42:30,700 --> 00:42:34,600 And what's interesting about that is the perspective is like 779 00:42:34,800 --> 00:42:37,400 you, see those kids, you know, seeing, you know, in a full 780 00:42:37,400 --> 00:42:40,300 dress, the girls and boys that in long, you know, long sleeve 781 00:42:40,300 --> 00:42:45,100 T-shirts Longstreet paint and long long pants, sitting in the 782 00:42:45,100 --> 00:42:50,100 sun, in 98% humidity, they paid The school right? 783 00:42:50,100 --> 00:42:53,800 Like that was that was kind of shocking to see that in the 784 00:42:53,800 --> 00:42:55,000 kids. Looked at that and said, all 785 00:42:55,000 --> 00:42:57,800 right this is you know never would have believed it until you 786 00:42:57,800 --> 00:42:58,700 saw it. Yeah. 787 00:42:58,700 --> 00:43:01,900 I'm a big fan of the phrase, first world problems and really 788 00:43:01,900 --> 00:43:05,400 kind of understanding is this really a big deal or not? 789 00:43:06,100 --> 00:43:08,400 You know, and maybe this little bit goes back to my restaurant 790 00:43:08,400 --> 00:43:11,400 business, where, you know, maybe maybe he was just say, you're 791 00:43:11,400 --> 00:43:14,600 working at Chili's and it's a 5 table section on a Friday night. 792 00:43:14,800 --> 00:43:17,500 And someone's ranch dressing is not the most important thing in 793 00:43:17,500 --> 00:43:19,500 the world at that moment. I'm just saying, right? 794 00:43:19,500 --> 00:43:24,500 That could be something that's out there so yeah, I think yeah, 795 00:43:24,500 --> 00:43:26,600 travel is a good one. So, all right. 796 00:43:26,600 --> 00:43:29,700 Well, I think you know, we covered a lot of ground today. 797 00:43:29,700 --> 00:43:32,200 I think, you know what I like to do is just pass it around the 798 00:43:32,200 --> 00:43:34,000 horn real quick to see if there's any kind of final 799 00:43:34,000 --> 00:43:36,500 thoughts. That the group here has Brian 800 00:43:36,500 --> 00:43:40,500 wants to go to why don't you go first any final words of wisdom 801 00:43:40,500 --> 00:43:44,200 that you want to drop on us and our listeners man you know 802 00:43:44,200 --> 00:43:48,000 there's this whole idea in zero trust of the the concept of 803 00:43:48,000 --> 00:43:49,600 browser. Solution as well. 804 00:43:50,200 --> 00:43:51,500 That's something we can talk about today. 805 00:43:51,500 --> 00:43:54,800 That's something I definitely see coming full line in line, 806 00:43:55,000 --> 00:43:57,200 especially since so many applications are web-based. 807 00:43:57,200 --> 00:44:00,700 So look that up. And, you know, I am very 808 00:44:00,700 --> 00:44:02,600 grateful to be on this podcast today. 809 00:44:02,600 --> 00:44:06,500 I definitely appreciate you guys time, you know letting me bark 810 00:44:06,500 --> 00:44:09,900 at you for about 30 minutes. So thank you guys so much and as 811 00:44:09,900 --> 00:44:13,100 always if there's anything that I can do for you, you know, feel 812 00:44:13,100 --> 00:44:14,900 free and that goes for the listeners. 813 00:44:14,900 --> 00:44:17,300 Well, call text email, find me on LinkedIn. 814 00:44:17,500 --> 00:44:21,000 I'll be happy to Assist you guys to the best to my ability. 815 00:44:21,800 --> 00:44:24,800 Yeah, it's very much appreciated and I'll have links to Brian on 816 00:44:24,800 --> 00:44:29,500 LinkedIn as well as his podcast and Z scalar there. 817 00:44:29,600 --> 00:44:32,400 He, you know, Brian you did a really great video on LinkedIn 818 00:44:32,400 --> 00:44:36,200 explaining what Z scalar does and it really kind of applies to 819 00:44:36,207 --> 00:44:38,000 that ztn a model. You know. 820 00:44:38,000 --> 00:44:41,400 I definitely recommend people check that out and you know 821 00:44:41,400 --> 00:44:43,200 those links will be in the show notes so people can check it 822 00:44:43,200 --> 00:44:44,200 out. Jim. 823 00:44:44,200 --> 00:44:46,400 What about yourself? Any final words of wisdom? 824 00:44:46,700 --> 00:44:51,000 I mean you know meeting with Brian to hearing you know let's 825 00:44:51,000 --> 00:44:52,900 see. TNA is all about, it's been 826 00:44:52,900 --> 00:44:56,500 tremendously educational to me. I hope it was to our listeners 827 00:44:56,500 --> 00:44:59,700 as well. And I really encourage people 828 00:44:59,700 --> 00:45:02,100 that if this is the kind of content, you want to keep 829 00:45:02,300 --> 00:45:05,200 hearing more about, or you have some other ideas for things, 830 00:45:05,200 --> 00:45:09,700 you'd like us to talk about on the show, let us know. 831 00:45:09,700 --> 00:45:12,500 And I think LinkedIn is probably the best way to do that. 832 00:45:12,700 --> 00:45:14,900 Yeah, it's very, very great way to get a hold of us. 833 00:45:15,200 --> 00:45:18,100 You know, real quick thing. I just, I just remembered there 834 00:45:18,100 --> 00:45:22,100 was an Vigil who reached out to me on LinkedIn and I'm going to 835 00:45:22,100 --> 00:45:24,800 look up his name real quick cuz I'm going to probably butcher it 836 00:45:25,300 --> 00:45:30,300 but he tapped a article that I had written for ident Rafi way, 837 00:45:30,300 --> 00:45:36,000 way way back in the day around Star Wars and identity and 838 00:45:36,000 --> 00:45:37,900 access management. His name is ekrem. 839 00:45:37,900 --> 00:45:42,200 I hope it pronounced correctly algrim Alcock and he did a spin 840 00:45:42,200 --> 00:45:45,700 on that that was for voice Biometrics. 841 00:45:45,700 --> 00:45:48,500 So he tagged me on LinkedIn. I was very nice as I go. 842 00:45:48,600 --> 00:45:49,800 Okay, cool. Alright, this is something I 843 00:45:49,800 --> 00:45:51,600 wrote like five years ago or something like that, you know, 844 00:45:51,600 --> 00:45:54,500 just kind of getting into the space and he has a pretty 845 00:45:54,500 --> 00:45:57,100 interesting take on voice Biometrics. 846 00:45:57,100 --> 00:45:59,000 And maybe that's something that we could maybe bring to the 847 00:45:59,000 --> 00:46:01,800 show. At some point around Androids 848 00:46:01,800 --> 00:46:04,000 and computers talk to each other and you know what does voice 849 00:46:04,000 --> 00:46:07,300 Biometrics mean? If it's too if it's C-3PO and 850 00:46:07,300 --> 00:46:10,200 R2-D2 talking to each other, how do they Afeni Kate through voice 851 00:46:10,200 --> 00:46:11,400 Biometrics? How does that even work? 852 00:46:11,400 --> 00:46:14,100 Right so I thought was a very interesting spin so that you 853 00:46:14,100 --> 00:46:16,300 know, that's a, that's a great example of kind of the LinkedIn 854 00:46:16,300 --> 00:46:17,500 Community. I think that, you know, they've 855 00:46:17,500 --> 00:46:22,000 been reaching out To folks like us but I think you know this is 856 00:46:22,000 --> 00:46:23,500 a good spot that will go ahead and leave it. 857 00:46:23,500 --> 00:46:27,600 I think my last words of wisdom is it's okay to get smarter you 858 00:46:27,600 --> 00:46:31,200 know mistakes made or in hindsight's 20/20 and it's okay 859 00:46:31,200 --> 00:46:33,200 to move on from those and figure out what worked and what didn't 860 00:46:33,200 --> 00:46:36,500 they move forward from there. So with that, we'll go ahead and 861 00:46:36,500 --> 00:46:39,700 close it out for this week. I would highly suggest checking 862 00:46:39,700 --> 00:46:44,400 out Brian and his podcast. It's the pep kak PEB KAC 863 00:46:44,800 --> 00:46:48,400 podcast, you can find out an apple podcast. 864 00:46:49,000 --> 00:46:50,300 They're actually, did I get that right brain? 865 00:46:50,300 --> 00:46:52,200 Or is it the other way around? It's yeah. 866 00:46:52,200 --> 00:46:53,600 Unfortunately, that one was already taken. 867 00:46:53,600 --> 00:46:58,800 So the pbca Casey AKA PEB cak my bad and want to make sure we get 868 00:46:58,800 --> 00:47:03,100 the right plug on there as a fellow, you know, identity 869 00:47:03,100 --> 00:47:06,300 information security podcaster. So it's very much 870 00:47:06,300 --> 00:47:09,000 conversational, just like ours. So definitely recommend checking 871 00:47:09,000 --> 00:47:10,700 it out and showing some support over there. 872 00:47:10,700 --> 00:47:13,900 And like I said, I'll have a link to their apple podcast 873 00:47:13,900 --> 00:47:16,000 page, so you can check it out in the show notes. 874 00:47:16,000 --> 00:47:20,000 So with that, you can also check our Site at identity of the 875 00:47:20,000 --> 00:47:22,900 center.com and we're on Twitter at idea. 876 00:47:22,900 --> 00:47:26,700 See podcast and I think that's a pretty good spot to leave it. 877 00:47:27,100 --> 00:47:29,000 Thanks everybody for listening. Thanks Brian. 878 00:47:29,000 --> 00:47:32,600 Thanks Jim for being part of the conversation today and we'll 879 00:47:32,600 --> 00:47:33,900 talk with everyone in the next one. 880 00:47:34,100 --> 00:47:39,700 Thanks. Thanks for listening to the 881 00:47:39,700 --> 00:47:42,500 identity at the center podcast. If you like what you heard, 882 00:47:42,500 --> 00:47:45,800 don't forget to subscribe and visit us on the web and identity 883 00:47:45,800 --> 00:47:47,000 at the center.com.