647 IT Nation Secure: Matt Lee & Bobby Jacobs
647 IT Nation Secure: Matt Lee & Bobby Jacobs
This episode features two interviews from IT Nation Secure 2024 in Orlando. The first is with Matt Lee, Senior Director of Security and Com…
June 14, 2024

647 IT Nation Secure: Matt Lee & Bobby Jacobs

This episode features two interviews from IT Nation Secure 2024 in Orlando. The first is with Matt Lee, Senior Director of Security and Compliance at Pax8, discussing passwordless authentication, biometrics, and the future of cybersecurity. The second interview is with Bobby Jacobs, Head of Growth at Thread, last year's winner of the ConnectWise Pitch It Accelerator program. Bobby shares updates on Thread's service experience platform, including new features like the Planner for dispatchers and upcoming integrations.

Matt Lee, known as the "most ethical hacker," joins the podcast to discuss the latest trends in cybersecurity. He shares insights on passwordless authentication using pass keys and FIDO protocols, which eliminate the risk of stolen passwords. Biometrics are also becoming more prevalent, combining factors like facial recognition, fingerprints, and behavioral patterns for stronger authentication. 

Matt previews some of the sessions he'll be leading at the upcoming Pax8 Beyond event, including a "wrong answers only" panel discussing controversial security topics in a lighthearted way. He emphasizes the importance of raising cybersecurity standards and continuous learning in the industry. 

In the second interview, Bobby Jacobs from Thread provides updates on their service experience platform since winning the PitchIT Accelerator program. They've rebranded their AI as "Magic AI" and released new features like the Planner for dispatchers, with a JIRA-like interface for scheduling tickets. Upcoming integrations include Time Zest for scheduling and Roost. 

Bobby discusses Thread's focus on providing a secure support experience through authenticated chat platforms like Teams and Slack. He also shares insights into the Pitch It Accelerator community and the coaching process for this year's participants.

Key Takeaways: 

  • Passwordless authentication and biometrics are the future of cybersecurity
  • Continuous learning and raising security standards are crucial in the industry
  • Thread's service experience platform is expanding with new features and integrations
  • The PitchIT Accelerator fosters a supportive community for startups in the MSP space

Episode Sponsor: Thread (www.getthread.com)

 

=== Show Information

Website: https://www.itbusinesspodcast.com/

Host: Marvin Bee

Uncle Marv’s Amazon Store: https://amzn.to/3EiyKoZ

Become a monthly supporter: https://www.patreon.com/join/itbusinesspodcast?

One-Time Donation: https://www.buymeacoffee.com/unclemarv

=== Music: 

Song: Upbeat & Fun Sports Rock Logo

Author: AlexanderRufire

License Code: 7X9F52DNML - Date: January 1st, 2024

Transcript

Welcome to the IT Business Podcast, powered by NetAlly. The episode that you are about to hear was filmed live in Orlando, Florida at IT Nation Secure, and is presented by Thread, last year's winner of the ConnectWise Pitch It Accelerator program. Thread's mission is to help IT service providers deliver service magic.

They do this by providing seamless and conversational service experiences for their clients. Their platform is transforming IT support with real-time collaboration and AI-driven efficiency. Experience the magic of seamless service with Thread.

Visit them at www.getthread.com. ♪♪♪ Hello, friends. Uncle Marv here at IT Nation Live with another episode of the IT Business Podcast. And that check-check you heard was a good friend, Matt Lee, with PAX8 in the house, walking by.

I said, man, sit. Check. And I sat.

It's been forever since we've had it. Probably two years, I bet, since we've been live or recorded together. Sounds about right.

Yeah. And actually, it was funny because I was, like, at another state. Yep.

Oh, that's right. We Zoomed. I forgot.

We weren't even in the same room, were we? We did a Zoom. Well, here we find ourselves. And I was at a client.

That's right. And they had asked me to stay an extra day. And I forget where you were, but you're always over the place.

Who knows? Anything. But we're both here live at IT Nation Secure, Orlando, Florida, the lovely Gaylord Palms Resort. Day three, closing it out, man.

How's it been for you? You know, this is like homecoming for me, right, Marv? I was a ConnectWise shop the whole time, 11 years of it. I was presenting with Continuum and with other things. So this is like all my friends, right? These are all the people that I know that I respect, that I've worked with over the years.

And then the other side of it is, for me, it's always just about the conversations and the hallway con, if you will, right? And it's just so good. On a personal note, I'm on a mission, right? It's about raising the tide. It's about us meeting some level of cybersecurity standard.

And everybody gets smarter every year, and they mature. And I, ah, yeah, it's been great, man, as a summarization. So I should let people know, if there are people out there who don't know who you are, I mentioned you with Pax8, the Senior Director of Security and Compliance.

Yes, sir. But you are known as like the most ethical of all hackers. That's fair, I suppose.

I don't know if that's, there's some gray probably in there. Yeah, ladies, but you're all about showing us, man, this is what you got to pay attention to. This is what's happening to your networks now.

Yep. Fix it or forget it. Grow, mature, or lose it, is your call.

Yeah, 100%. So now you're here in advance of next week's Pax8 Beyond. Yes, sir.

Which I assume that you'll be doing, what, multiple sessions there, all of that stuff? Yeah, I'll give you a little sneak preview, maybe a little bit. Yeah, we're doing the security track, is what I own a little bit of that, with Andrew Morgan and a couple others. And we've got some fun stuff cooking.

One of the ones that I would hate to see people miss, is we have a 7 a.m. breakfast session on day two, Tuesday. I know. But we're going to do wrong answers only.

We're going to talk about some tough topics like quantum and AI will save us. Really? And we're going to give wrong answers only and talk about it and bat it around. It's going to be a blast.

But yeah, I'm excited about the security track at Beyond. That sounds interesting. So you're going to ask a question and people have to intentionally give wrong answers? Yeah, so for example, let's say we're talking about, instead of us using MFA and strong passwords in that nature, maybe we're better off if we actually just stored one password and wrote it on a sticky note.

And what the purpose of it is, is really to kind of hyperbolize and laugh about all of the things people have actually said, the wrong answers to things. But we're going to have a panel of people only answering the wrong answers and arguing it for fun at 7 a.m. on the stage. And then the correct answers will be given by the venerable Wes Spencer as we wrap that up.

So it'll be a fun way to play with the problems we talk about. And some of them are salacious, like should I use SSO versus multiple strong passwords? Those get into some things that as a security practitioner, you've heard people give arguments that I think are wrong for some of those statements. I'll let you guess which one's right when we get down the path.

All right, we'll be there and do all that next week. So in terms of, well, let me just ask this weird question. Passwordless.

Yeah. That's the way that part of our industry is pushing us. You think that's truly going to happen? Yes.

What passwordless takes, at least in its current iterations as we think about it, is the sense of pass keys. Well, what is authentication, right? So we need to identify, authenticate, authorize, and audit. Those are I-triple-A.

Identify, as Marvin got it. He's identified, he's put in a username, he's presented himself in some way. Okay, authenticate.

Well, that's where we talk about MFA. Password, something I know, something I have, something I am, those three categories of those MFA. Well, password is one of those that is something that I can take a $5 wrench and make you give it to me.

When you think about what are pass keys, pass keys take away that password, but bring in something that is cryptographically, must be on this phone, or in this little physical device, and now there isn't something to steal from me. I can't take that password from me. You either have to have this and be in physical possession or not.

And so I think passwordless is the next extension of how we increase the capabilities of authentication, right, and is that really Marvin? So yeah, I think pass keys drive forward without getting too nerdy. It also makes it very, very hard when you're using FIDO protocol or other methodologies like that to phish. I can't steal that token in the middle.

It actually fails. And so the reduction of risk vis-a-vis not having passwords and usernames as simple methodologies is huge when it comes to what the benefits of a pass key or a FIDO token or something of that nature gives. All right, and then, of course, the next extension of that, biometrics.

Yeah, well, biometrics already play into some form of that, right? Because when you talk about something I know, we're kind of removing that a little bit. Maybe there's a pin on your FIDO token. That's something you know.

Removing something you know, something I have, my FIDO token, my phone, and biometrics are already part of it because it's something I am. Think about your iPhone holding your pass key or your Android if you're an Android guy. But if you're looking at it, I have to show my face.

I have to have my thumbprint. I have to have, so we are already mixing, mixed modal types to access that, right? So I have access to the device to then give me access to the TPM. That TPM gives me access to the nonce that allows me to sign in from that pass key.

So yes, Marvin, you're reading the tea leaves. We are adding more of those types of authentication as well outside of the password. And MFA doesn't say password and this and this.

It just says multiple factors. Multiple, yeah. Determine who I am.

And so it's a shift. And I could see biometrics being a part of it. There was a ring that had a FIDO token in it and you had to put your fingerprint on it first, authenticate, and then slide the ring on.

And then after that, it would always work, right? But if you took it off, it no longer works. So you're seeing biometrics be a part of a lot of these models. I've even seen methodologies where one of the pass key providers that are out there, I won't name names, actually does the heuristics of how Marvin uses his phone.

Like Marvin always swipes up with his right thumb halfway up the screen and then types this way. They're using those as additional biometrics to determine heuristically, is that Marvin or not? And they won't issue the pass key if it's not really Marvin. Even though they have the same phone, they have unlocked it, they have had biometrics to get there, they're saying, that's probably not Marvin.

Somebody else's wife's using his phone or somebody else is using his phone. Yes, thanks for getting me going. You pulled my string real good on that one, brother.

Thank you. Listen, I know it's easy. I know it's easy.

Now, listen, you got your wife, Kat, here. You guys extending the stay, doing Disney. I mean, you guys have been here so often, right? Well, it's not that, it's that for me and Kat, it's always this to this, to that, to that.

And so we're leaving here and going to Ohio. We're going to ride a charity bike ride on Saturday for 50 miles. And then I fly in on Sunday morning to Denver to do that.

And then fly home for a magical two or three days and then do it again. So, yeah. Always on the road, but.

It's a mission. That's right. But thank you very much for always being out there, being a champion, helping us out, guiding us.

Yeah, brother, ditto. In all ways secure. So good to run into you and I'll let you get going.

Thank you, my man. And thanks for hanging out and that's going to do it, folks. And we are done here at IT Nation.

And we'll see you next week at PAX8 Beyond. And until then, holla. Hello friends, Uncle Mark here with another episode of IIT Business Podcast.

And we are into day three of IT Nation Secure. And we are having a great old time. I'm back out on Radio Row outside of the Solution Pavilion.

And this morning, I have the privilege of presenting with the people that you see on the banner behind me. Thread, last year's Pitch It winner, is also the sponsor of our vendor profile shows for 2024. And I am joined by Bobby Jacobs.

Did I get that right? Head of growth at Thread. So, Bob, how are you doing? Doing good, Mark. Oh, hang on.

Gonna have to edit that out because I didn't have your volume up. All right, there we go. How are we doing, Bobby? Doing great, Mark.

Great to be here. Love to be sponsoring the podcast. Love everything you're doing.

Hanging out here for a few days, getting content out about all the awesome things vendors are doing here. It's been a great show. I appreciate it.

I enjoyed the rollercoaster of last year for your guys' Pitch It competition. Let me ask, how's life been since then? It's been awesome. You know, more and more MSPs that we get to help experience service magic.

We're on a service experience revolution. So ConnectWise has been a great partner through that. It's been a fun ride.

All right. So I'm trying to tell if you guys upgraded the garb. We did, we did.

So at IT Nation Connect last year, we were pilots, maybe a little confusing. Our AI was branded co-pilot, actually before Microsoft made it theirs as co-pilot. So it wasn't going to be a long-term costume play for us anyways.

We are pirates. Death to the Titan is the core of who we are. We did pilots for a minute to talk about our AI, but it brings up a good point.

We have rebranded our AI to be Magic AI. Hopefully there's not a Fortune 500 company that decides to name their AI Magic, but you know, we got threads, we've got co-pilot. Who knows? All right.

So let's talk about what has changed since then, because obviously, you know, you won the competition. You probably had to do a little, you know, world tour just to say hello to everybody and thank you and all of that. But in terms of the product itself, tell me if there have been any changes.

I know it's only been six months. Yeah, Marv, we have at least monthly releases. We are always focused on expanding that footprint of service experience.

There's a lot of things that the team at an MSP is responsible for doing, whether it's the service desk, the dispatcher, the level three techs, onsite management. And so when we think about the holistic experience of that team, something we've really been focused on is the dispatcher. So you may see last month we announced our planner release, which is for the dispatcher.

It's more of like a JIRA drag and drop type experience when they're putting tickets on people's calendars, and it all integrates back to the PSA. So if it's not a ConnectWise, it didn't happen, right? Right. But we're giving it this new interface with more of a like JIRA software type experience, making that dispatcher's life better.

Okay, so it's not the AI scheduling, it's still your dispatcher that's kind of manning the ship there. It is. Now, our AI is setting the category and the priority on every ticket.

Okay. So, you know, Mark, our CEO, likes to say, it's not hard to tell the future, it's just hard to do the future, right? And so like, obviously automated dispatch is something a lot of people want. Like when people see that we do auto category and auto prioritization, people are always like, hey, how far off is auto dispatch? Well, this planner release is a big step in that direction.

All right. And how far along do you think you are before the bulk of the users will be able to truly experience it? Yeah, so we announced it about a month ago at the Kaseya Connect show. We are about to come out with a Time Zest integration.

I'm kind of previewing that a little bit. Time Zest, really? That's right. So it'll be a part of this planner experience where you can just schedule time really easily through our platform with Time Zest.

And then, yeah, it should be available in production in the next few weeks. All right. I didn't think MSPs use Time Zest.

MSPs love Time Zest, Marv. Are you kidding me? Everyone has Time Zest. Oh my, okay.

What if, I mean, it sounds like you guys are going to integrate with just about anything out there. So, I mean, of course all the PSAs are probably, you know, tugging at your coattails there. Sure, yeah, you know, we don't have a long list of integrations today.

We're really focused on that experience and, you know, making the integrations with the PSAs really, really good. We do integrate with some things like IT Glue and Avik and some things where you want to bring the right context into the conversation of the configs and such. We are working on a Roost integration.

We're really excited about that. I mentioned Time Zest. To your point, there is a long list of things that it makes sense for us to integrate with.

You know, there's some things, SmileBat, Crewhu, a lot of low-hanging fruit that just make a lot of sense. But the nice thing is, because we're the conversational interface, you can already send links, send forms through our chat and have unofficial integrations. All right.

Let's see here. I'm going through the notes here. So service magic is still basically the core.

Magic.ai. Now, did you get the magic.ai site? We don't have magic.ai. So getthread.com is our main domain. We do have deathtotheticket.com. We have a lot of fun domains that you'll see us play with over time. I don't think we have magic.ai, though.

I would imagine that's a pretty expensive domain. It probably is. We should go look into it.

Yeah, well, let's see if Sean Lardo's got some more money to spread your way. It can't be that much to get. You never know.

You never know. So how has your experience here been here at Secure? It's awesome. You know, we don't talk about security a lot with our platform.

We're here because the people that we want to work with are here. But on top of that, chat is one of the most secure ways to provide support. Right.

The end user, especially when it's in Teams or Slack, is already authenticated. So you see a lot of people here talking about end user authentication, whether that's through SMS or 2FA. There's a lot of ways to do it.

If they're in Teams, they're already authenticated. So that's something that we're going to start talking more about. But, you know, IT Nation is an incredible platform and we want to work with the people that are here.

Yeah. And you guys got yourself a booth that's, it's not right at the front door, but it's pretty close. Yeah, we're in Startup Alley hanging out with PitchIT and Sean.

You know, we've got Defense X. There's, you know, Infima is a PitchIT contestant that has a proper booth. They're not hanging out with us. They're going a little bigger.

They have Uncle Larry as part of their team there. So, and actually, there he is down the hall there walking by. That's awesome.

Yeah, but you know, last year, NodeWare, VCO Toolbox, we're all in that same row. So it's cool as PitchIT's become, and it has been, but it's continuing to become more of a community and not just like this year competition. Yeah.

I'm in a Slack channel with the PitchIT contestants from this year, and it's really awesome to collaborate. It's kind of like a brotherhood to some degree, you know, kind of like being rookies in the, you know, the NBA or NFL, you know, you come in with certain people, you identify with them, you know, you're competing against them for 16 weeks, but you guys become pals. Yeah, yeah, absolutely.

And it's a lot more than who wins PitchIT or the money. It's, you know, the collaborations, helping each other, learning, and I give Sean a hard time that PitchIT, I don't think should be called PitchIT because that only encapsulates the very end of it when you're pitching against each other. Most of the program is more of an accelerator where you're learning how to start a business and help MSPs.

Yeah, I didn't want to get into that debate with him, but yeah, they need a better name, but I think he likes the PitchIT because he can rhyme it with other stuff. Yeah, and it's got the IT pun in it, which is always a good piece, but it's a great program. All right, well, I want to say thank you for stopping by.

Of course, thank you for being a sponsor for this year and look to do more stuff with you later. And are you guys coaching? We are. Yeah, I was on the first call with the PitchIT group for this year.

And then the coaching really comes into place when you have the three finalists, then you get in with your specific group. Right now it's more general, but absolutely pretty involved. All right.

I know I'm probably not supposed to ask this, but any favorites? No, I love, well, so I don't have any favorites, but I do think it's really cool that there's a lot of people in PitchIT this year that have already had successful runs with other companies. Like Larry, for example, walking by, right? There's a lot of really impressive people in the program. Yeah.

All right, well, look forward to it. I will be starting my interviews of this year’s; I hate saying contestants. It just sounds kind of weird.

Yeah, I don't know, members. There's got to be a better word out there somewhere. All the participants in this year's program.

And then of course, we'll look to catch up with you guys later on at Connect as we go through the final three and see how it goes. Awesome, thanks Marv. Thank you very much.

And folks, we'll be back with another interview on the last day here at IT Nation Secure in Orlando, Florida. Holla. 

Matt Lee

HTTPS://cybermattlee.com/media

Bobby Jacobs Profile Photo

Bobby Jacobs

Head of Growth

Bobby Jacobs is an experienced entrepreneur and growth leader who currently serves as the Head of Growth at Thread. With a background spanning multiple industries, Bobby has co-founded companies like REEcycle and Logo Clothing Co. before joining Thread.

At Thread, Bobby is focused on helping managed service providers (MSPs) deliver exceptional customer experiences through the company's innovative chat support solution. By integrating seamless chat channels with PSA ticketing systems, Thread enables MSPs to meet customers where they live while streamlining processes and reducing resolution times.

Bobby is passionate about leveraging technology, including AI and automation, to empower technicians, dispatchers, and support teams to work more efficiently and provide better service. His entrepreneurial mindset and growth expertise make him a valuable asset to Thread as the company continues to revolutionize the way MSPs engage with their customers.

Outside of work, Bobby enjoys outdoor adventures, reading, and spending time with his family. He is excited to share his insights and experiences on the IT Business Podcast.