Loading summary
A
Hello everyone, this is Tom Uren. I'm here today with another Risky Business sponsored interview. I've got with me today Shane Harding, who is the CEO of Devicee. G'day, Shane. How are you?
B
Hey, Tommy. How good. Yourself?
A
I'm well. So Devicee makes a platform that sits on top of Microsoft Intune and helps you manage all your mobile devices, phones, laptops, etc. And you sell to both managed service providers, but also enterprises that have their own IT shop and want to look after their own devices. And today we're going to talk about two big trends that you've seen in that kind of market. So it's the market where people know that they've got problems and want to solve them for those kind of mobile devices. So what have you really noticed?
B
Yeah, so there's two really interesting pieces. If I sort of start off with, I think the biggest macro trend that we're seeing sort of in marketing. It really gets down to the heart of the problem we've identified and the problem we've been looking to solve, particularly in the endpoint space. It's this transition, right, or move past the traditional software as a service model and into services software. And this is happening at a rapid rate where the focus has moved from delivering buttons and workflows, which often trap organizations and they have to build teams around getting the software to work into actually delivering outcomes. Now, the key ability here, right, and why this is happening is it's the ability to infuse workflows and codified knowledge and then automate the process to drive an outcome. This is a huge step change. And we think personally, right, and we're betting, you know, sort of everything on it, right, that this will redefine how we personally think about how we interact with software and how soft interacts with us in the workplace moving forward.
A
Yeah, yeah. So I guess my interpretation of what you've said is Risky Business does product demos and quite often on a product demo, you have this ubu amazing product and they are generally good, but there's always a user interface which is pointy clicky. So you're telling me the problem is that there is a user interface that is pointy clicky.
B
So yes or no, the problem sits in the fact that there's just too many clickies, right? It's like instead of actually solving the problem, we just add another button and as this happens, and then organizations integrate these platforms and these pieces of software into their organization and then their teams almost become slaves to the grind of running the software as opposed to focusing on running the business. And so it's interesting, right, you sort of have these conversations sort of more broadly, and you often ask sort of business owners and you, you ask them, have you designed and defined your processes? Are you actually running it off the back of the SaaS software that you've integrated? And if they sort of take a long, hard look at it, Right. They actually start to realize that actually a lot of their business process is designed by the software that has been put in and the teams that they built around it to run it.
A
Right. And so the trend here is what, those interfaces go away and you have fewer buttons to point or how does that work?
B
Yeah, so we think it also works in two ways, I think. Yes, you're exactly right. I think there'll be a consolidation around the software space, right. Where a lot of point solutions will end up becoming less relevant and there'll be these key foundational platforms that organizations build around for us. And if we sort of have a look at the cyberspace and endpoint in particular, Microsoft's Intune is a key one for this. It's the best, most powerful endpoint management system sort of on the planet. Gartner, top right. It's incredibly, incredibly powerful, but incredibly complex. As an example.
A
Right. So just, it'll help you manage like iPhones, phones, Android devices, laptops, computers. It does everything, right?
B
Exactly, yeah. Across the board, across device, mobile desktops, actually you can also manage pointer service solutions, kiosks, et cetera. And so it really just manages all sort of endpoints, particularly that are interfaced with the user. And so you have this as a foundational platform, incredibly powerful, but incredibly complex to use. Right. Because of the power that it has. Right. And so there's thousands of configuration policies and settings that you can all interact with each other at any point in time. And then you take that with the complexity of the changing environment and updates and the complexity inside of an organization, and then the need to show up every single day to keep that system up and running and humming. Right, right. With a resource squeeze, where you have people in organizations that are working these IT teams who do a ton of work but have an endless to do list. And what we end up with is a situation where there's just not enough time in the day. In the market and in cyber in particular, we often like to talk about new frameworks, new tools, the latest and greatest, the shiny objects. I often like to think about this in terms of a medieval castle. Right. So we sit there and you've got the king, you've got the queen, you've got all the generals and they're sitting in the turret at the top, right. And they've got all these lasers around them, they've got screens, they've got drones, they've got cameras, they've got all these like bells and whistles and they've got these confused look around their face because the barbarians are just running all over the castle and they have no idea where and why. Until you turn around and you realize the drawbridge is down. Right. And that drawbridge is down because you've got two or three people who are sitting there trying to maintain the drawbridge, trying to lift it up, trying to roll it through, trying to read the instructions while they're getting completely overrun. And so when we sort of talk about where we focus, most vulnerabilities sit in the fact that there's an unmanaged device, something's not updated, it hasn't been patched. Doing the basics and doing them consistently and doing them at a scale ends up becoming really hard. Particularly when the work that we do and the demands that are put on us pull us in a whole bunch of different directions. And so when we think about how software as a service has sort of let us down, it's given us 1,000 buttons to press. Right?
A
Right.
B
But hasn't helped us understand what buttons to press and in the way they need to be pressed to ensure that the outcome that we want is achieved. And the shift then becomes that services software allows us to codify the world class knowledge and something we're doing at Devisee needed to understand what the workflow needs to be so that the organization can achieve the outcome. But then the benefit is that once we've achieved that ideal outcome, we can then maintain that outcome indefinitely and then build on that foundation. So we avoided drift because you can have the constant automation running in the background, keeping you in that ideal state and then providing collective visibility across, in our example, your endpoint, fleet. Right. Understanding exactly where everything is at and how things are shifting in the environment. And so, you know, when we think about this, it's like we want to swap buttons and workflows for actual control and clarity. And that clarity and control infused with automation drives efficiency and better outcomes. And then we can end up with, I guess, the panacea.
A
Right.
B
Of secure devices and productive teams without the conflict that happens.
A
Right. So just to paraphrase, it seems like you're seeing this big shift away from workflows that you have to maintain every day to workflows that are kind of set and forget until the environment changes. And so then if you need a person to analyze and make changes, then you would do that. And then it's again set and forget until you see that something has changed. Is that a fair summarization?
B
Yeah.
A
Yes.
B
And we can take it even a step further. Right. We can have these automated and sort of knowledge infused workflows. Right. Working in the background, but then the workflows or agents right underneath that are running these workflows can then identify anomalies or proactively react to things that are happening in the market and then alert the IT manager CIO to these problems. So then they know when to take a problem. Right. Something we often hear in the market is I just wish I didn't have to be so reactive.
A
Right. So it's not really set and forget, it's more set and alert or set and monitor. So there is a sort of feedback loop that helps you stay on top of what you need to do.
B
Absolutely spot on. So it's this idea of getting to the right state, keep it in the right state and then build on that as your business evolves and as the market evolves and then provide you with the information that we need and find the signals through the noise. Right. So you can kind of move forward.
A
Great. So there was a second big shift and when you were talking to me just before we started recording, this actually really did seem very significant as well.
B
Yeah. And it's somewhat related right into this because we actually think that in order to take the most advantage of this shift that I'm about to sort of, you know, sort of speak through and it's Microsoft sort of push into the SME space with a real hyper focus on security. The organization that can be best placed to take advantage of this are going to be the ones that can find efficiency and to free up these incredibly valuable but time poor resources to move upstream and provide that additional value. So what are we seeing? And I think that people in the market currently aren't paying enough attention to it. Right. Well, Microsoft has recognized and is dubbing down on SMEs which is going to accelerate consolidation around the Microsoft technology stack, which is something we're already seeing as a big trend as people try to get off a whole bunch of the point pollution solutions. That funny kind of a Freudian slip, I guess. Point solutions, point pollutions. But the bulk that really happened over Covid and everyone's wanting to simplify their lives again as we sort of spoke about down to these really core Platforms that they can kind of build their businesses on top of. Now, if we sort of take a step back and lay the foundation of why this shift for Microsoft, focusing on SMEs is so important and what it's going to do to the security space, let me just paint the picture of how big this market actually is. So from an SME perspective, let's define that as 500 seats and under, or we can even go 300 seats and under. That's 98% of businesses worldwide in the US alone, that's 34 million companies. Right. This is an enormous, enormous market. 43% of them have indicated from internal Microsoft surveys that they want enterprise grade software. And compliance is a major component and concern for them in terms of how they stay protected.
A
Grade security software.
B
Oh well, yeah, so that was the wording that was used. But I think what they really think is how do we get compliance? Right, right. How do we stay compliant, how do we keep our user safe, our data safe, our company safe? Right. We don't understand this space. Right. And this is why as well, 80% of these businesses rely on MSPS to fill in this gap. They know they have a gap, they have a security gap. And there's a need and a want to fill this. Now, up until, I mean, a month ago, these organizations who are already in the Microsoft ecosystem, utilizing all the Microsoft tools, Windows, Word, maybe having the devices managed on intune, we'd have to look elsewhere in order to get security.
A
Right, Right. Microsoft just didn't sell it to them.
B
Just didn't sell it or they'd have to upgrade right through the ranks into the enterprise plans, which became incredibly expensive. And so a month ago they announced that for $12 extra a month, they're going to be able to bundle in the E5 security into business premium licenses. And so without getting into the details, this sort of opens up Entra P2 and sort of all the Defender suite, which gives them really advanced enterprise grade security. Right now for that call it SME or small mid market. And we see this as an absolute massive shift. Now we know from a history from Microsoft as they bundle, this isn't quite a bundle. Right. But it moves the market. And we're already seeing organizations that we work with and MSPS in particular, getting ready to take advantage of this massive swell of people who are coming in and asking why am I not getting better value out of my Microsoft license? Why do I have all these other tools and how can I consolidate down? And this is just another reason for them to try to drive into that.
A
Right, right. So the LinkedIn page I see about this, it says that a premium business license is $22 per seat per month and the security add on is an extra $12 per seat per month. So it's actually like 50% more. So it is quite significant. Right, but you still think that it's. Would you call it a no brainer? Why is that?
B
Yeah, it's interesting when we look at it in isolation, I think the price is like, oh wow, 50% more. But when we think about what a lot of these businesses are already playing for other solutions that are fragmented or if the MSPS are providing other solutions to these organizations. Right. And this is causing a fragmented technology stack as well. And the inefficiency that involves within that. What you'll see is that $12 very, very quickly actually becomes a revenue saving or an OPEX saving for the business and then an efficiency gain off the back of having a collected and consolidated stack across one, as we said, sort of major platform. And then particularly if you can then start to think about how to then automate across all of these stacks. Right. To get, as we sort of spoke about that complete visibility and clarity of what is happening across their environment, the control and then the efficiency that's driven through automation.
A
So I guess these two big shifts kind of play together in that what you're seeing is that more and more SMEs will have both a common operating system and also a common security system or security platform, whatever. And that'll allow other software, service as software, so services delivered by software to really be able to scale and be deployed in a lot of different places. Because it's just one massive playing field instead of a really diverse ecosystem of solutions.
B
Yeah, it sort of sits in two veins. The people who want to sort of commit to the Microsoft side of things, obviously there's a huge play. Right. And the people who want to sit sort of outside of that ecosystem to just have a look around their shoulder and know that it's coming. We believe in a diverse ecosystem. We're not pushing a sort of a, sort of a single piece, but it's important to understand what's happening in the space and the fact that the sights are very, very soundly set on the SME market. And then when we shift that into why the services software revolution is going to be so powerful is because the biggest constraint to what I would say is meaningful and foundational security is really a lack of resources and time. Right. An endless to do list, you know, reacting to fires and just like the malls that pop up, bang, bang, bang, bang, bang, right? Like we struggle with that and people are overwhelmed, right? Just waiting for where they're going to get caught out and be surprised. And when we have a look at where services software is going, we're able to in a lot of ways and if I sort of stretch it, get to a point where every organization can have what is the equivalent of a world class digital employee or agent obsessively focused on a single area, ensuring that it's not only in the best state, but it's kept in that state on an ongoing basis. And then when there's a decision to be made about something, the decision makers or the people managing the broad sort of infrastructure and ecosystem are alerted and then are able to make that decision in a proactive manner. And so we're starting to see this out, right? You know, some of the feedback we've had from like MSPs and sort of the mid market that we serve is they've had 80% efficiency across sort of managing their intune environment. Their endpoints are more secure, the users are more productive, the devices are performing at a better rate and their team have freed up their time by over 80% to go and work on other key issues because that to do list just, you know, never seems to get shorter.
A
Well, that sounds actually like a wonderful new future. So it's nice to have some positive news. So Shane Harding, CEO of Device, thank you very much, I appreciate it.
B
Tom, thank you so much for these, huh?
Risky Bulletin - Sponsored Episode: Two Big Shifts That Will Change Security
Release Date: April 20, 2025 | Host: risky.biz
In this insightful episode of Risky Bulletin, host Tom Uren engages in a compelling discussion with Shane Harding, CEO of Devicee. The conversation delves into two transformative trends poised to redefine the cybersecurity landscape. Here's a detailed summary capturing the essence of their dialogue.
Shane Harding kicks off the conversation by highlighting a significant macro trend within the cybersecurity market:
[00:53] B: "It's this transition, right, or move past the traditional software as a service model and into services software."
Harding explains that the industry is shifting from merely providing software functionalities ("buttons and workflows") to delivering tangible outcomes through services software. This evolution emphasizes the automation of processes and the infusion of codified knowledge to drive efficient and effective results.
He further elaborates:
[06:00] B: "Services software allows us to codify world-class knowledge and automate processes to drive outcomes, maintaining the ideal state indefinitely and providing collective visibility across the endpoint fleet."
This shift aims to reduce the reliance on manual interactions with complex user interfaces. Instead of navigating numerous buttons, organizations can achieve greater control and clarity through automated workflows, enhancing both security and operational efficiency.
The second major trend discussed revolves around Microsoft's recent strategic movements targeting the SME sector. Harding underscores the significance of this shift:
[08:41] B: "Microsoft has recognized and is dubbing down on SMEs, which is going to accelerate consolidation around the Microsoft technology stack."
By bundling advanced security features, such as the Entra P2 and Defender suite, into more accessible business licenses, Microsoft is making enterprise-grade security solutions available to a broader range of businesses. This move not only simplifies the technology stack for SMEs but also addresses their pressing need for compliance and data protection.
Harding notes the market implications:
[12:05] B: "The $12 add-on might seem significant, but it quickly becomes a revenue and OPEX saving by consolidating fragmented solutions into a unified platform."
This consolidation enables SMEs to achieve higher efficiency and security without the complexity and cost of managing multiple disparate tools. Additionally, it fosters an environment where services software can thrive, enabling scalable and automated security solutions tailored to smaller organizations.
The convergence of these two trends—services software and Microsoft's focus on SMEs—has profound implications for the cybersecurity ecosystem:
Efficiency Gains: Organizations can automate routine security tasks, freeing up valuable IT resources to focus on strategic initiatives.
Enhanced Security Posture: With consolidated and advanced security tools, businesses can better protect against vulnerabilities and manage compliance requirements.
Opportunities for MSPs: Managed Service Providers can leverage these shifts to offer more integrated and effective security solutions, addressing the needs of a vast SME market.
Harding summarizes the envisioned future:
[15:51] B: "Every organization can have the equivalent of a world-class digital employee ensuring their systems remain secure and productive, all while freeing up human resources to tackle more critical issues."
In conclusion, the episode underscores a pivotal transformation in the cybersecurity domain driven by the evolution of software delivery models and strategic market focuses. Tom Uren and Shane Harding illustrate how these shifts not only enhance security outcomes but also streamline operations for businesses of all sizes.
[16:01] B: "Thank you, Tom, for these insights."
Listeners gain a comprehensive understanding of how embracing services software and aligning with major platform providers like Microsoft can lead to more secure, efficient, and resilient organizations.
Key Takeaways:
For those navigating the evolving cybersecurity landscape, this episode offers valuable perspectives on leveraging emerging trends to bolster security and operational excellence.