3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48

RWS_Q3_22

VOLUME 2 ISSUE 3 | Q3 2022 | rwsmagazine.com Sponsored by A Hybridized World Remote Work V.2 API Security Dilemma FIDO FUD CC AGENT EXPERIENCE RMM BUYERS GUIDE Scan to Register for

Enable hybrid workers. Simplify IT. Modernize the delivery of secure cloud desktops and apps with Ericsson Wireless Office. Much more than traditional VDI and DaaS, without the complexity. Request a demo today. 833.991.9679 | wo-partner@ericsson.com #wirelessoffice

REGISTER YOUR OPPORTUNITY TODAY #ChannelChampions Why partner with CallTower? At CallTower our partners are our family. We know the secret to our success is our partners, providing great support to your clients and making your relationship with CallTower financially rewarding Register your deal today and start earning 300% Commissions! TERMS & CONDITIONS 300% spiff requires a minimum of a 36-month term. More than $3,000 monthly minimum revenue commitment is required to qualify. Monthly Recurring Charges are not eligible for discount. Non-Recurring Charges are not eligible for discount. Maximum SPIFF payout is capped at $30,000, or $10,000 of eligible minimum revenue commitment x 3. Accounts that do not meet those qualifications may be eligible for a reduced spiff, between 75% and 150% of the Monthly Recurring Charges. Over $3,000 MRR with discounting on MRC’s or NRC’s = 150% and Under $3,000 MRR = 75%. Existing accounts do not qualify for SPIFF; must be initial order from new logo clients. No Spiff is paid out on Network, SIP Trunks, Circuits, Usage, Equipment (including handsets and headsets) and Contact Center Solutions. Spiff will be paid out approximately 60-days after the first full billing invoice. Must be billing 90 days after contract execution date; exception is when CallTower cannot provision customer due to issue not related to Partner or Customer. CallTower reserves the right to charge back SPIFF at any time if the customer cancels prior to contract expiration date. SPIFF may not be combined with any other promotions or SPIFFs. CallTower, Inc. reserves the right to alter these terms and conditions without notice as the company sees fit. ONLINE PROVISIONING IN Cisco Webex Voice Solutions UCaaS Solutions Contact Center Solutions Conferencing & Collaboration Network Optimization COMMISSIONS + RESIDUALS

8 26 14 30 12 CONTENTS VOLUME 2 ISSUE 3 | Q3 REMOTE SECURITY 8 Identity or Authentication The risk of the ‘passwordless’ approach By Brady Hicks 12 The API Dilemma How to secure what you may not even see By Brady Hicks 14 A Unified Front Consolidated security could become key to peace of mind By Brady Hicks REMOTE CONTROL 16 Destination Desktop The post-pandemic journey to modern desktop delivery By Dan O’Farrell 18 20 Reasons to Give Managed VDI a Try By Val King REMOTE INTELLIGENCE 22 NHC’s Position in the Evolving Work Landscape A conversation with co-founder, Steve Gibbs By Brady Hick 26 Remote Work V.2 It’s a hybridized world By Martin Vilaboy REMOTE RESOURCES 30 ‘Great Resignation’ Resistor Stanford study shows hybrid work lowers employee attrition By Bruce Christian 34 The New State of Contact COVID changed contact center agent experience (probably) forever By Bruce Christian REMOTE NETWORKS 38 Regaining Control Buyer’s Guide to Remote Monitoring & Management Software By Martin Vilaboy REMOTE PREMISES 45 Virtual Workspaces Must Transcend Zoom and VR Headsets By Adam Riggs 6 Letter from the editor 46 Advertiser index 46 Contact RWS 4 REMOTE WORK SOLUTIONS rwsmagazine.com

We proactively monitor the dark web for compromised account data. The sooner end-users are notified of a breach, the sooner they can change their passwords. DARK WEB MONITORING Unlimited and Automated. Routine simulated phishing has been proven to minimize the risk of end-users falling victim to a malicious phishing attempt. AUTO PHISHING Weekly 2-minute microtraining video & short quiz combined with a monthly security newsletter keep cybersecurity short, engaging, and interactive. CONTINUOUS EDUCATION Security policies and employee acknowledgement are key to establishing expectations and explaining repercussions to protect your organization. WRITTEN SECURITY POLICIES We identify the human vulnerabilities and their related risks. Based on NIST standards, our Security Risk Assessment (SRA) is a yearly free audit of your organization. YEARLY SECURITY AUDIT INNOVATIVE CYBER-SECURITY SOLUTIONS Our Breach Secure Platform uses innovative cybersecurity training methods, dark web monitoring, phishing simulations, and yearly NIST security audits to build your employees from the weakest link to the strongest defense. Happen Because of an Untrained Employee Threat Protector helps turn your weakest links into your strongest assets. www.threatprotector.com Are your company assets in danger? Get a complimentary dark web scan to find out if any of your employees' credentials have been exposed.

Martin Vilaboy Editor-in-Chief martin@bekabusinessmedia.com Bruce Christian Senior Editor bruce@bekabusinessmedia.com Brady Hicks Contributing Editor brady@bekabusinessmedia.com Percy Zamora Art Director percy@bekabusinessmedia.com Rob Schubel Digital Manager rob@bekabusinessmedia.com Jennifer Vilaboy Production Manager jen@bekabusinessmedia.com Berge Kaprelian Group Publisher berge@bekabusinessmedia.com (480) 503-0770 Anthony Graffeo Publisher anthony@bekabusinessmedia.com (203) 304-8547 Beka Business Media Berge Kaprelian President and CEO Corporate Headquarters 10115 E Bell Road, Suite 107 - #517 Scottsdale, Arizona 85260 Voice: 480.503.0770 Email: berge@bekabusinessmedia.com © 2022 Beka Business Media, All rights reserved. Reproduction in whole or in any form or medium without express written permission of Beka Business Media is prohibited. RWS and the RWS logo are trademarks of Beka Business Media Results from a recent report on worker productivity presented by Robert Half Talent Solutions might hold interesting answers to some of the trickiest questions surrounding hybrid work schedules: determining which days workers come into the office and who makes that decision. For starters, the data suggest workers are productive at similar rates throughout the day and the week whether they are on-site or remote. And remote working hasn’t had much impact on the times and days people are most and least productive. Results from 2022 are consistent with a similar survey conducted in 2019, before the rise of remote and hybrid work, said the researchers. If anything, we are shifting more of our workloads to Mondays (and we’re likely doing more during the weekends), with Monday mornings, in particular, being the most productive time of the week. The pinnacle of productivity appears on Mondays among in-office workers, at 46 percent, followed by Mondays among at-home workers at 40 percent. That seems to be in some conflict with the common scheduling practice of Mondays being a remote day, with Tuesdays through Thursdays being the primary in-office days. One could make a case for the idea of bringing employees together into a collaborative space during the moments of peak productivity, to build a type of collective productivity, with lower-productivity minutes being better suited for remote work, where employees can be productive at their own pace. In other words, Mondays and the early part of the week should lean more toward in-office, with remote days coming later in the week. Going even a step further, rather than limiting things to hybrid work weeks, what about hybrid work days? In such a scenario, hybrid employees could come together in the office during their most productive morning hours, returning home for lunch and then booting back up and logging back on during that post-lunchtime second wind. Or maybe they take a longer lunch and work into the late evening. It’s all about worker flexibility, right? The upshot is that workers would be brought together and on-site primarily during their most productive hours. During the least productive hours, the data shows very little difference whether one is at the office or at home. If nothing else, the worker productivity analysis suggests there are certain days and times that workers should be asked to come into the office rather than allowing each individual employee to randomly choose when they work on-premises and when they work remotely. Hybrid’s ‘Which Day’ Dilemma ! How will you approach SASE technology selection? If your employer decides not to oŒer opportunities for you to work remote some or all of the time long term, how likely would you be to look for opportunities for employment with other organizations? Source: Gallup 44% 19% 19% Separate vendor for networking and security Single vendor for networking and security Consumer via an MSP or Telco Exclusively remote % who chose “extremely likely” Hybrid On-site 37 60 19 29 11 15 June 2021 June 2022 Most Productive Day for Workers Source: Robert Half 46% 40% 35% 25% 11% 12% 6% 7% 6% 43% 31% 20% 13% 11% 5% 6% 5% 12% 29% 27% 5% 5% 4% MON TUES WED THURS FRI SAT+SUN MON TUES WED THURS FRI SAT+SUN Remote In-o‘ce 2019 2022 Most Productive Ti e of Day for Workers Source: Robert Half 6-9 AM 9 AM-12 PM 12-1 PM 1-4 PM 4-6 PM 6-9 PM 9 PM-12 AM 31% 66% 10% 36% 14% 4% 3% ! How will you approach SASE technology selection? If your employer decides not to oŒer opportunities for you to work remote some or all of the time long term, how likely would you be to look for opportunities for employment with other organizations? Source: Gallup 44% Separate vend r for networking and security % Exclusively remote % who chose “extremely likely” Hybrid On-site 37 60 19 29 11 15 June 2021 June 2022 Most Productive Day for Workers Source: Robert Half 46% 40% 35% 25% 11% 12% 6% 7% 6% 43% 31% 20% 13% 11% 5% 6% 5% 12% 29% 27% 5% 5% 4% MON TUES WED THURS FRI SAT+SUN MON TUES WED THURS FRI SAT+SUN Remote In-o‘ce 2019 2022 Most Productive Time of Day for Workers Source: Robert Half 6-9 AM 9 AM-12 PM 12-1 PM 1-4 PM 4-6 PM 6-9 PM 9 PM-12 AM 31% 66% 10% 36% 14% 4% 3% 6 REMOTE WORK SOLUTIONS rwsmagazine.com

SECURE REMOTE NETWORKING BUILT TO ASTOUND To learn more, visit us at: astoundbusiness.com Virtual Office from Astound Business Solutions. The rise of remote options for employees requires a cloud-based, integrated communications platform that delivers a seamless work-from-home environment. That means minimizing hassles for your workforce while maximizing peace-of-mind for your IT administrators with an easy-to-deploy turnkey solution that ensures compliance. Virtual Office extends SD-WAN to the home and helps you maintain control of your network environment— wherever that network happens to reach. With a new name that reinforces our legacy of providing reliable, nimble network solutions from coast to coast, Astound Business continues to be your trusted partner to deliver a secure and consistent network experience for remote employees.

By Brady Hicks Identity or Authentication The risk of the ‘passwordless’ approach SECURITY With traditional logins come inherent problems. Remote users can grow weary from having to manage, remember and update their credentials. They may turn to dangerous shortcuts such as password re-use and sharing. It also can become difficult for businesses to track their teleworkers’ activity, monitoring for bad habits that may expose the corporate network – or worse. Then, there are the malicious bad actors, constantly scanning an expanded attack surface in search of any new opening to exploit. For many, such as the Fast Identity Online Alliance (FIDO), the answer has been to advocate for total elimination of passwords in favor of truer verifiers of identity. Under this type of system – which is set to be supported by FIDO partner platforms such as Microsoft, Apple and Google – users would have to verify that they are who they say they are, via a unique pin, pattern or personal biometric identifier, often on a separate device. For many, however, the risk is far too great. According to Julia O’Toole, the founder and CEO of MyCena Security Solutions, FIDO’s recommendation to eschew passwords promotes a dangerous precedent that blurs the very lines between access and identity. Instead of critical corporate data falling to risk, it may in fact be your workers’ own identities at stake. “In the physical world, the difference between applications is straightforward,” wrote O’Toole, in a piece for www.globalsecuritymag.com. “Your identity is used to identify yourself … not [to] automatically give you access, just validates that you are who you say you are … Moving into the digital world, people lose their reference points and start mixing the two.” And this reality, she continued, “has led to the current state of digital insecurity we live in.” O’Toole contends that biometric identifiers provide strong verification but are in many ways far too personal. While it is easier for the casual criminal to uncover a password than, for example, a fingerprint, facial scan or voice, the stakes are considerably Julia O’Toole, founder & CEO, MyCena Security Solutions 8 REMOTE WORK SOLUTIONS rwsmagazine.com

For More Information, Contact Your Fusion Connect Channel Manager Industry’s Best and Most Comprehensive Service Guarantee Customer Satisfaction ©2021 Fusion Connect, Inc. All rights reserved. Fusion Connect Service Guarantee INSTALLATION GUARANTEE Fusion Connect will meet the agreed-upon installation date(s) for UCaaS and/or SD-WAN services. If the targets are not met, the customer is credited with one month’s MRC for the service. 100% UPTIME GUARANTEE A 100% uptime guarantee for customers who purchase both UCaaS and SDWAN, or Fusion Connect provides a credit. RATE LOCK GUARANTEE Rates for Unified Communications and SD-WAN services will not change for the life of the customer’s contract. FUTURE-PROOF TECHNOLOGY GUARANTEE Ongoing upgrades to the next generation of UCaaS and SDWAN technology will be implemented at no additional cost. CUSTOMER SATISFACTION GUARANTEE Customers will be satisfied with the quality of our Unified Communications (UCaaS) and SD-WAN services, and any issues will be resolved to their satisfaction, or the customer may cancel the service(s) without penalty.

higher. The issue is a delicate balance between your information’s security and your staffer’s privacy. According to O’Toole, the risk is that biometric information could fall into the wrong hands. Whenever you’re collecting sensitive data for verification, there is always the risk that it could be intercepted. And based on the idea that a biometric identifier can be intercepted, it can also be used for anything from accessing sensitive financial and other personal information, stealing an identity or committing any other number of scams. Compounding the issue are the facts that compromised biometric information can be used across multiple personal and corporate accounts; there is a constant threat of identity or physical theft; and your employee’s biometric identifiers are uniquely theirs and can never be changed if stolen. With so much at stake, what is the answer? In a separate interview, O’Toole noted that today’s businesses need a savvy, multi-pronged plan of attack that goes beyond traditional passwords, while not going so far as storing such unique, sensitive physical data. Segmenting Systems O’Toole argued that one of the most effective ways of keeping your network information (and remote employees) safe is a technique known as segmentation. Network segmentation is a physical or virtual approach that divides the system into multiple, tiered, accessible areas or “segments.” The best part is that each segment can act as its own sub-area, extending extra layers of security and control as needed. Think of it like peeling back the layers of an onion. By establishing separate perimeters around different pieces of information, O’Toole believes that you can help to cut back on most forms of risk. Segmentation can help to restrict access to multiple devices, stored information and other applications, all while also limiting or eliminating any communication between networks. This is, of course, a multi-tiered approach. Organizations should turn to firewalls to block the wrong traffic, while allowing access to that which is needed. At the same time, by streamlining your corporate policy and practices, remote employees face fewer questions about their own habits. These resources allow you to better oversee the types of access and traffic that your corporate network encounters. Password Management Alongside the idea of extending resources to your workers, it helps to enforce your own password-management rules for those employees. In particular, this includes mandating regularly scheduled password changes and eliminating reliance on previously used credentials. It is also assistive to create specific parameters around your workers’ logins, including: • Minimum of 8-12 characters. • Containing multiple character types. • Limiting login attempts to five tries. • Setting a backup email account for cases where one is locked out. • Options to reset credentials at any time. Of course, the key to all of this is enforcing proper authentication among your users, as this can ultimately be preventative of allowing password sharing in any form. Staying SAFE Companies should also consider employing proper SAFE authentication. The concept here is to demonstrate that the user (a) is who he or she says they are, and (b) has permission to view the informational tier to which they are attempting to gain access. Traditionally, this is accomplished by combining the above password-management techniques with multi-factor authentication (MFA). “There’s a big confusion in business, in general, between authentication and identification,” said O’Toole in her interview. “The confusion has really created a mismatch of solutions, which amplify the problem of access insecurity. So, when it comes to authentication itself, the misconception about passwords is that you actually need to know them. “No one,” she concluded, “needs to know a password ever.” In other words, turn to automatically generated logins that are unique, frequently change and validated by another type of verifier. While FIDO’s plan, at first glance, appears a convenient way to ascertain proper login, there are many who are concerned about what it ultimately represents. Your employees’ actual identity should belong exclusively to themselves. They’ll need it for everything from applying for a passport, opening and maintaining a bank account, traveling, taking out a personal loan and so much more. The goal is to identify who is logging in without risking every piece of sensitive information that is so unique to only them. In O’Toole’s own words, use a physical house key as your example. “Identity is used to identify yourself, for example, when you cross a country border. It does not automatically give you access, just validates that you are who you say you are,” she noted. “Your front door doesn’t recognize your identity; instead, you use your keys to unlock access.” No key, she continued, “simply means no access, regardless of who you are. Using common-sense, companies would hand over keys to employees needing access, and take them back when they leave.” J SECURITY 10 REMOTE WORK SOLUTIONS rwsmagazine.com

For many companies, APIs (application programming interfaces) allow them to more easily share data and streamline app development. This software go-between provides accessibility for applications to interact with one another. Whether you’re accessing work software from a mobile device, sending a message or checking your social media, you’re – even unknowingly – using an API. Many businesses employ this technology to make information and functionality more available to internal staff, partners and third-party developers, allowing them to seamlessly communicate across multiple applications. The problem, unfortunately, lies just beneath the surface. According to recent data, instances of API-based attacks have outpaced actual API traffic growth. Salt Labs recently noted that – despite a three-fold increase in using them – API attack instances increased by 681 percent, year-toyear (2021), with a staggering 95 percent of businesses experiencing some form of dangerous incident. “We moved from a model where tracking APIs and swagger files was enough,” said Curtis Simpson, the chief information security officer for IoT security company – and Salt partner – Armis. “We needed to continually build APIs in a rapid manner, monitor those APIs to ensure that they were protected [and] being used in a sound capacity … and to safeguard those APIs against potential exploitation.” In today’s climate, the demand for such WAAP (web application and API protection) functions has become huge, with Gartner noting that 40 percent of companies believe that “advanced” API will be their top concern in selecting third-party services by 2026. While there are many convenient benefits to using this technology, it is increasingly apparent that the dangerous potential for security incident should not be ignored. How, then, can your organization move to ensure data remains safe, despite the very necessary reality of having to rely on APIs every day? Stay Proactive Like most forms of security, success is contingent on remaining aggressive rather than reactionary. Options such as web application firewalls and malware scanners can play a hand in helping to keep your information safe, but they can also at times fall short. “Traditional security solutions only scan traffic … looking for anomalous behavior,” noted Filip Verloy of SC Media in a recent report. “Organizations should invest in modern API security solutions that identify API misconfigurations and also leverage AI (artificial intelligence) and ML (machine learning)-based models The API Dilemma SECURITY rwsmagazine.com By Brady Hicks How to secure what you may not even see 12 REMOTE WORK SOLUTIONS

to intimately understand how APIs behave in real-time.” Verloy recommended owning your API security infrastructure, albeit not in the manner that you would expect. Organizations should actively work to identify and address vulnerabilities in the same way that they should remain hands-on in creating and managing their APIs. This measure helps to prevent potential holes from becoming worse, thus helping to reduce or eliminate possibly devastating API exposure. Consider Cloud In its aforementioned report, Gartner estimated that 70 percent of all businesses will turn en masse to cloud-based protection service options over traditional WAAP software during the next two years. Although this option is by no means the catchall solution that many would hope, the prevalence of cloud-based security alternatives continues to make them an effective choice for many organizations with fewer resources or limited technical understanding. Cloud services, after all, are designed to take the day-to-day management onus away from the subscriber in favor of an outsourced services provider’s care. Plus, their very nature allows them to be constantly, automatically updated to better address the latest and most pressing known threats in the sector. API Management/ID If your business doesn’t have a clear view of its APIs and how they function, then it is very difficult to prevent information breaches, stem the attacker tide and maintain your bottom line. SC Media noted that companies are either unaware of – or fail to manage – as much as 30 percent of the APIs that they use. For this reason, modern organizations need to take any necessary steps in order to minimize dangerous issues such as misconfigurations, suspicious activity and outright cyberattacks. Particular recommendations include becoming more aware as to how your information flows, tracking and cataloging API info/metadata and classifying this information in a tiered, threat-level ranking system. By striving to accomplish this, your business becomes better equipped to not only be aware of configurations but to identify improper and weak ones that expose the API, and thus your data. Like many other areas, API security concerns will only mutate with time. By focusing on understanding the nature – and underlying context – of attacks, today’s organizations can become more adept at handling how their APIs are used and, in way too many cases, misused. Staying ahead of the day-to-day emerging trends in cybersecurity – and API security in particular – is by no means an easy endeavor. Shifting activity and constant, emerging threats are enough to confound most companies that are left to their own devices due to insufficient resources. Still, there are options available. The issue has become so prominent in recent years that there have even been conferences – such as April 2022’s APIsecure – that are dedicated solely to promoting improved API awareness and security posture. With APIsecure and other similar events, cybersecurity experts, attackers, defenders and developers collaborate to promote API security and improved public awareness and discourse. Particular areas of coverage tend to include how to improve efficiency in pinpointing and analyzing penetration, drafting more secure code and considering other options to maintain API integrity. Of course, this is all withgood reason. As API use continues to grow with increasing reliance on web apps, pay-per-use services and other areas, the all-too-real security implications can hit harder than ever. The API security policy that you enact has to be the right choice for your own organization’s need, and at least as important as other considerations. Where your data resides, how it interoperates with other digital infrastructure and the degree of its reliance on third-party agents and sensors are all factors in making the right decision. Regardless of where your company lands on this need to enforce firm API awareness and security, however, one thing remains all-tooobviously clear: the malicious bad actor has no concern that you’re not aware of your API security risk. J rwsmagazine.com 0 2 4 6 8 10 Modernizing the Digital Workplace Volunteers Non-Volunteers Source: Freeform Dynamics, March 2022 Attrition Rates Over 2021H2 Source: Stanford University; Trip.com 1 is unimportant and 5 is highly important On a scale of 1-5 how would you rate the value of each of these attributes of an API security platform? Source: Salt Security Stop attacks Identify all APIs, including undocumented APIs Identify which APIs expose PII or sensitive data Implement shift-left API security practices Streamline API incident response and investigations Cover the OWASP API Security Top 10 Meet compliance or regulatory requirements 5% 3% 6% 26% 26% 40% 10% 38% 28% 22% 9% 35% 32% 23% 3% 6% 3% 6% 28% 26% 32% 25% 30% 39% 7% 36% 27% 27% 12% 22% 21% 41% 1 - Unimportant 3 - Somewhat important 5 - Highly important 75% 28% 47% 68% 25% 43% Strongly agree Agree Neutral Disagree Sgrongly disagree As we move forward, it doesn’t make sense to just perpetuate old ways of doing things We need to get away from IT teams having to spend so much time on desktop delivery 5.0 4.5 6.1 9.6 7.2 4.7 0 2 4 6 8 10 Control Tr ated Control Treated Percent Percent 13 REMOTE WORK SOLUTIONS

We all face extensive security demands every day. Whether you’re seeking to tighten access to your remote network assets, keep your teleworkers safer or just get a better handle on your business-critical information, the demand is in place. For many – potentially even most businesses – the answer has been to adopt a “best-of-breed” approach with close coordination over a series of smaller investments. According to Palo Alto Networks, however, there can be complications to this purchasing strategy. For one, this plan can obstruct the ability to add, integrate and scale new security technology as needs shift. Others point to a limited scope for management. Increasing staff demand and cost both contribute to an inability to maintain adequate coverage, all in the face of an increasingly dangerous cybersecurity threat-scape. As a result of these and other issues, many now turn to an outsourced, allencompassing platform to handle virtually all aspects of security. Palo Alto recently published new data from certain anonymous clients examining this dynamic and its many considerations in greater detail. According to Palo Alto, most of the 83 company representatives surveyed believe that their ultimate goal for cybersecurity is an infrastructure that can “procure, manage, operate – and reduce risk.” Researchers identified as many as 17 different unique benefits to implementing a consolidated security platform – in this case, Palo Alto Networks’ product. Positives tended to center around three key areas: procurement, rollout and security operations. Procurement and Acquisition According to Palo Alto, 28 percent of respondents believe that they drastically cut their investments of time and money by choosing its consolidated security platform. Of note, companies witnessed diminished time spent obtaining the necessary coverage (25 percent) and less financial investment (19 percent). And a recent report by TechTarget’s ESG division, for its part, called this need for a streamlined, consolidated approach one of the single most important challenges faced by a modern, often ill-equipped security crew. In particular, Palo Alto recommends choosing a platform that “breeds integration, enterprise-wide visibility and easy scalability.” New threats continue to arise almost daily, after all, while the older ones constantly adapt to do more damage. Implementation and Deployment The act of deciding what actual types of products to buy is one thing. Rolling them out as part of what Palo Alto calls a “comprehensive, smoothly functioning system” is entirely different. The traditional path of implementing several “best-of-breed” disparate systems to cover all aspects of security means an organization will need additional resources in order to maintain, update and replace those individual platforms with time. Scalability comes at a premium that leaves little room for the “plug-and-play” aspect that keeps a security system fresh and most up to date. After all, there’s rarely a universal, underlying infrastructure or APIs (application programming interfaces) to support newer features with time. The conventional approach also tends to require dedicated, experienced By Brady Hicks SECURITY The All-In Platform Can you have more security with less investment? 14 REMOTE WORK SOLUTIONS rwsmagazine.com

personnel to oversee all of the aspects of security. In contrast, respondents noted that having a consolidated platform boasts advantages such as streamlined complexity (29 percent), as well as – each hitting about 23 percent of those surveyed – timeto-deployment, effort, reduced budget overrun risk and smoothed training processes. Security Operations After you’ve gotten your allin-one platform up and running, there’s still that voice in the back of your head. Exactly how secure is it? According to Palo Alto, that may actually depend on the coverage you have in clutch areas such as product flexibility, predictability, intelligence and energy and effort conservation. Of those surveyed, the top observed benefits of running such a platform included security policy update times (26 percent); threat analysis completion times (22 percent); incident timeto-response (19 percent); and alert comprehensiveness (17 percent). And those are just the quantifiable advantages. Respondents also listed other benefits that are not so easy to measure, but can also have an immeasurable impact on your ultimate bottom line. These “unquantifiable” positives include security policy standardization / unification, management reporting, reduced risk, lessened human error and staff coverage issues. There are, of course, many other benefits to a consolidated security platform. Whether you’re mulling ways to save time or cost, reduce staff stress, make timeto-value improvements or just cut down on commonly known risks, Palo Alto makes a case for the singular platform. Reduced Human Error Consider, for example, costly “human error” or even intentional maliciousness. By choosing a consolidated platform, you actually relinquish a degree of control over your security infrastructure but gain access to automated features that remove these types of concerns. In turn, a comprehensive, “all-in” system can free your team to focus on other operational aspects and business-critical areas. Upon platform activation, there is little need to track the latest threats as they surface or change, thus making crucial network architecture and data safer. Coverage updates are pushed through, while potential human-caused security holes are either never opened or immediately addressed. Product Coverage Integration Another benefit to the platform approach is coverage uniformity. By turning to a single provider to handle all security aspects, you can know that your assets are integrated and can communicate with one another, seamlessly working in conjunction as part of a unified approach instead of working independently of one another and risking middle-ground exposure. Next-Gen Coverage Then, there’s the cutting-edge technology. Unified security platforms tend to include constantly updated technology to keep pace with the rapid growth of cybercrime, especially with more remote workers than ever. These areas tend to include – but are not limited to – artificial intelligence (AI), machine learning (ML) and automation. Despite many of the factors outlined here, the decision between multiple security products and one outsourced platform asset isn’t an easy one. For many, ultimately, it comes down to available financial resources, level of control needed, staff limitations and cost demand. Having adequate cybersecurity coverage can be an issue for the best of us. Organizations of virtually any size are forced to address new and emerging threats on an almost daily basis. And for those with a remote workforce of virtually any semblance, the search for an allencompassing solution can be even more complex. Compounding this issue is a widespread shortage in the number of security professionals that are available for hire. Basically, the threats get bigger, the attackers smarter, the costs higher and the resources thinner. Let’s face it: remote organizations need an improved vantage point that lets them better detect, process and address threats, tracking them across multiple potential points of entry. The answer for many has been to adopt a comprehensive platform, essentially outsourcing all cybersecurity needs to a subscription-based services provider. J Percentage of Paid Full Day Worked from Home Source: WFH Research Potential implementation savings based on deploying multiple products from Palo Alto Networks vs. multiple products from multiple vendors Source: Palo Alto Networks Solution complexity and number of integration points Deployment time Risk of time and budget overruns Deployment eŒort Amount of training 29.0% 23.3% 23.6% 23.3% 22.9% 0 20 40 60 80 100 Apr20 Jul Oct Jan21 Apr Jul Oct Jan22 Apr Jul22 All respondents Respondents who ever worked from home during COVID Current Working Arrangements: Full-time Employees Able to Work From Home 40 50 60 15 REMOTE WORK SOLUTIONS rwsmagazine.com

Destination Desktop The post-pandemic journey to modern desktop delivery By Dan O’Farrell The COVID-19 pandemic has changed so many aspects of our lives, it’s challenging to even begin a list of things it affected. Our personal lives were turned upside down, and we did things in our professional lives we never thought we’d ever have to do. It has significantly changed the way we face the world, and some things may never get back to the way they were before. From a workforce standpoint, the pandemic forced many companies to quickly transition workers to a WFH model, and it was tough getting it going initially. The immediate pandemic response was, “Just make it work, and now!” Short-sighted pragmatism, supply shortages and the need to act fast often took precedence over cost savings implications and planning for the future. Now, more than two years after the initial lockdowns, many are left to ask themselves, “What’s next for desktop delivery?” Although there is considerable technical debt to deal with, we should avoid any instinct to just go back to the former way of doing things. In a recent industry survey, 75 percent of respondents agreed that, as we move forward, it doesn’t make sense to just perpetuate old ways of desktop management, control and operation. User needs and expectations have changed dramatically, and there are now new and smarter ways to deliver desktop services. Clearly, it is time to rethink desktop delivery and build a new foundation for the future. The initial wave of pandemic activity created an ongoing ripple effect where desktops are more efficiently and productively delivered via the cloud. Desktop management and control approaches and techniques that were bleeding-edge a few years ago – such as app virtualization, VDI and application streaming – are now mainstream and available almost off the shelf. This modern approach to desktop delivery is reducing dependency on the heavy, costly and cumbersome “fat client” computing model and has many advantages, including the following: • Greater agility for the business long term. Desktop delivery in the cloud enables business agility by reducing complexity. This is achieved by simplifying CONTROL 16 REMOTE WORK SOLUTIONS rwsmagazine.com

internal operation and enabling greater automation. It also simplifies the management of IT resources in the long term. • Lower costs and overhead. Desktop delivery in the cloud provides natural economies of scale, allowing businesses to pay only for what they need. This reduces costs by optimizing both software licenses and hardware or storage purchases both on-premises or within the cloud. • Defense against ongoing supplier shortages. The supply chain and supplier shortages in the IT industry were heavily impacted by the COVID-19 pandemic. Desktop delivery in the cloud gives organizations the ability to defend against these issues. • Simple to support and manage. In a desktop delivery in the cloud model, the provider manages the back-end responsibilities of data storage, backup, security and upgrades, freeing up the organization to focus on other pressing issues. • Long-term viability. The reduced costs, strengthened security and increased productivity offered by desktop delivery in the cloud sets an organization up for long-term success. In the journey toward a modern desktop delivery model, organizations can benefit from the flexibility desktop delivery in the cloud has to offer – 81 percent of respondents from the previously mentioned survey identified flexibility as “critical” to their organizations. They could supply all users with the same services and resources, but that’s unlikely to be the most efficient, easily managed or secure solution. The former “one-size-fits-all” approach to desktop deployment is largely responsible for the mess that many IT departments continue to find themselves in. The truth is there are many other solutions available now and an organization would be well suited to explore all the options. There’s no one technology that’s ideal for everyone, and the many options available are not mutually exclusive. Organizations can pick and blend preferred technologies and tactics to build a complete solution based on the needs and expectations of their end-user communities, which have changed significantly since the beginning of the COVID-19 pandemic. It’s time to rethink how organizations deliver the desktop digital workspaces that they now depend on. This will in turn impact the network and security infrastructure. For instance, WFH means the when and where users work has changed, as has how they connect, and the combination of devices and applications that they use. The short-term success of the switch to WFH came with longerterm costs. Fortunately, it also confirmed that IT departments that have adopted modern desktop delivery models and platforms are more likely to see better outcomes in areas such as user satisfaction, cost of ownership, manageability and security. The modern desktop delivery model is specifically designed to accommodate change quickly and flexibly, but it also has the potential to ease crucial tasks such as those around desktop deployment, management and support, and in particular when it comes to patching and updating endpoint devices across a widely dispersed enterprise. In the end, the opportunity now is not to simply settle into a new stability, but to turn the disruption caused by the pandemic into transformation. Organizations need to look for ways to continually simplify desktop management and cut delivery costs via endpoint unification and consistency. They also need to explore the different ways of delivering digital workspaces to users, and how they can be combined to best support differing user needs. Above all, like so many things in IT, organizations must realize that modern desktop delivery is a continual journey and not a destination. J Dan O’Farrell is the VP of product marketing for IGEL, provider of the managed endpoint OS for the secure delivery of any digital workspace. 0 2 4 6 8 10 Modernizing the Digital Workplace Volunteers Non-Volunt ers Source: Freeform Dynamics, March 2022 Attrition Rates Ov r 2021H2 Source: Stanford University; Trip.com What are the top 3 benefits of working from home? Percent of respondents 75% 28% 47% 68% 25% 43% Strongly agree Agree Neutral Disagree Sgrongly disagree As we move forward, it doesn’t make sense to just perpetuate old ways of doing things We need to get away from IT teams having to spend so much time on desktop delivery 5.0 4.5 6.1 9.6 7.2 4.7 0 2 4 6 8 10 Control Treated Control Treated Percent Percent 60 50 40 30 20 10 0 60.4 49.1 46.9 37.8 15.7 36.7 17 REMOTE WORK SOLUTIONS rwsmagazine.com

According to Indeed.com, it takes an average of more than 50 days to fill an open Citrix or VMware Horizon engineering role. It can take considerably longer to find talent that also has Azure, AWS, and Google Cloud expertise. What does waiting two months to fill an open role do to end-user productivity? Let’s just say it doesn’t help. With managed VDI, you could have the expertise you need in place in two weeks, which is much better than the alternative. If you have 400 employees or less, having the Citrix Virtual Apps and Desktops or VMware Horizon VDI environment managed or comanaged will be less expensive than hiring someone. Everything necessary to have a thriving VDI environment, managed VDI provides. Savings on tooling, consulting services, etc., usually leads to net cost reduction for even the largest environments before taking improved end-user productivity into account. Managed VDI can offer 100 percent goal alignment. Companies want their employees to be as productive as possible, with no IT issues preventing them from completing their jobs. Managed VDI can ensure goals are aligned, incentivizing the group managing the virtual environment to avoid problems or resolve them as rapidly as possible, keeping end-users productive. CONTROL Reasons to Give Managed VDI a Try For many years, organizations worldwide have turned to virtual environments to help their IT teams minimize costs and ensure their IT environments are running as efficiently as possible. However, regardless of the kind they implement – Citrix, VMware, or something else – virtual environments can be challenging to maintain at optimal performance. Many organizations employ IT staff members that specifically deal with keeping virtual environments running at favorable levels, but these individuals can leave for a similar position at another company, leaving open positions for weeks and even months at a time. When open positions go unfilled by quality candidates, organizations and end-users may suffer unnecessarily and negatively affect their productivity by waiting for new employees to fill this specialized role. During the last decade or so, a new option for addressing VDI (virtual desktop infrastructure) environment staffing has emerged – managed VDI. This approach removes the traditional risks and unknowns associated with the new hire process and guarantees VDI performance. Here are the top 20 benefits that managing or co-managing VDI and virtual environments provide for companies: By Val King 18 REMOTE WORK SOLUTIONS rwsmagazine.com

Learn more about our advanced communications solutions: channel-sales@granitenet.com 877-884-5200 Join us! Bridgepointe Tech Summit, Sept 12-15, Ojai MSP Summit, Sept 13-16, Orlando Sandler National Summit, Sept 14-15, San Diego Avant Special Forces, Sept 19-24, Austin Intelisys Channel Connect, Oct 2-5, Nashville ChannelVision 22, Nov 2-4, Scottsdale

CONTROL One person can work only on one support issue or one project at a time. Support efforts and/or project timelines can suffer from a lack of attention. Managed VDI groups typically have teams of engineers, architects and other specialists to address all environmental needs simultaneously. Get more than 3,000 percent more time to manage and support the environment than a single employee can work. The average engineer works 1,850 hours a year after all holidays, vacations, etc., are considered. Managed VDI is available 24/7/365 or 8,760 hours a year, never taking a day off, never getting sick, never on vacation needing someone else to cover. There are more than 1,500 VDI environment optimizations and counting that managed VDI groups have cataloged over the years that can be incorporated into every environment they manage or co-manage, making them as efficient and stable as possible. Every client benefits from the discovery of new optimization or performance improvements. Co-managed or managed VDI eliminates the risk of a bad hire or hiring someone that does not fit the culture. The engineers assigned always can do the job, and alternatives are available if there is a cultural fit problem, all without disrupting operations. Generally, more skills and expertise are included with managed VDI. It is hard to find a Citrix Virtual Apps and Desktops or VMware Horizon resource that can manage VDI and networking appliances successful, such as NetScaler or F5s. These are the kinds of skill sets that can be available at an expert level to all clients with managed VDI. Managed VDI generally offers expertise beyond just VDI. VDI relies on many different supporting technologies to deliver the best VDI experience. Managed VDI offerings may include expertise in all the areas required to support VDI properly, be it networking, active directory, SQL, hypervisor, storage, servers or endpoints. Faster login times are virtually a guarantee for Citrix Virtual Apps and Desktops or VMware Horizon environments managed or co-managed. Access to managed VDI’s proof-of-concept environments allows new ideas, applications and technologies to be tested and validated, reducing risk and confirming clients have all the information necessary to make the best possible purchasing decision. Environment reporting and support incident analysis provide full transparency to IT and executive leadership into how the Citrix or VMware environments are performing. Communication is key to having a clear understanding of what is happening in an IT environment. Optimized communication includes ticketing system integration, chat, phone, email, monthly reporting, quarterly reviews, leadership meetings and regular project cadence meetings to ensure all levels of the organization have clarity on how the VDI environment is performing. Managed VDI clients get an assigned project manager to help keep projects moving forward. The project management team generally averages a higher on-time project completion percentage than in-house staff. Every client has access to their own Citrix or VMware Horizon architect, along with senior engineers and support staff. Hiring Citrix or VMware Horizon architect-level talent can be difficult to justify from a salary perspective for small to mid-sized environments. However, managed VDI clients have this level of expertise available to them. It is easier to find Unicorns in the aggregate. Unicorns, or people with more than 10 years of expertise across various technologies including Azure, Cisco, Microsoft, AWS, etc., can be challenging to find and expensive to hire. It is far easier to access the expertise needed in all these areas in the aggregate, with experts in each area available as required. With some managed VDI providers, every Citrix and Horizon environment includes free version upgrades. Never pay consultants or have internal staff spend extensive hours doing a Citrix or VMware environment upgrade again. Keeping you on the latest stable version of the platform right for the organization is included. Get the benefit of knowing what versions of applications are good, stable and consistent and the ones to avoid. Not every version of Windows Server, Windows 10, Citrix Virtual Apps and Desktops, or VMware Horizon are entirely stable, and it can be tough to know a good version from a lousy one without testing them first. Managed or co-managed VDI providers generally do this testing internally for clients to ensure stability and avoid problems. 20 REMOTE WORK SOLUTIONS rwsmagazine.com

Managed VDI provides clear guidance and expertise for vGPU workloads. vGPU, adding graphics cards to VDI environments, has become a more critical part of Citrix and VMware VDI during the last 18 months as streaming media, webcams and communications platforms, such as Teams, Zoom, GoToMeeting and WebEx, have become more common in VDI environments. Architecture, engineering and construction firms explore vGPU to deliver graphics-intensive applications such as AutoCAD, Revit, Enscape, Bentley and SolidWorks. Media and entertainment companies and the energy industry also have several specialized applications that are graphics-intensive that take special care and sizing to get right in a VDI environment. Every client with a VDI environment should feel confident in their ability to deliver a great end-user experience to anyone, anywhere in the world, with a good internet connection where it makes sense to do business. Published applications, shared desktops or VDI delivered with Citrix’s Virtual Apps and Desktops or VMware Horizon should be enabling productivity and allowing employees to work from any device, anywhere. Anything less is unnecessarily robbing productive time from employees, which is counter to the core mission of IT – to keep the environment secure and employees productive. Organizations want VDI environments to enable employees to be productive, deliver a good, consistent end-user experience and squeeze every drop of performance out of the VDI investment that does not cost too much to maintain. The managed VDI model solves these challenges and removes the risk of having anything less than a high-performing VDI environment. If you have a dedicated or shared Citrix or VMware Horizon role open, you should explore the managed or co-managed VDI model. There is not a faster, more consistent way of finding needed expertise. J Val King is president and CEO of Whitehat Virtual Technologies, a virtualization integrator, managed services provider and consulting services firm focused on creating virtual environments that are built, measured and managed through the eye of the end-user. 21 REMOTE WORK SOLUTIONS rwsmagazine.com

RkJQdWJsaXNoZXIy NTg4Njc=