Ashley Smith:Welcome to Automox's Autonomous IT podcast where you're watching the heroes of IT where we interview people who we consider our heroes of IT. Today we are with Jennifer Cortnell, who is a part of Pulsant as their vulnerability coordinator. Welcome, Jennifer.
Jennifer Courtnell:
Hi there.
Ashley Smith:
Well, I like to start off every podcast with asking, you know, how you got into the realm of IT and security and what you do for work.
Jennifer Courtnell:
Yeah, I fell into the IT world by accident. So over here, we finished school at 16. And I didn't know what I wanted to do. So I ended up on an IT apprenticeship. We literally, was around the time where personal computers were starting to become popular in the home. So, you know, I had this new toy, you wanted to know how it worked.
So I started an IT apprenticeship around about the age of 17, 18. And I just moved my way around from doing hardware, software, end user support, through various different companies. I Started at Pulsant 16 year ago. Now I've had a few different IT hats then as well. So I've been first line tech support, second line tech support, escalations coordinator.
I was looking for something different, the whole, you know, going in and fixing things when they're broke, helping clients. I've done it for a long time. You know, well over 16 years, I wanted a change. And our cyber director at the time approached me and asked me if I wanted to help him set up a new vulnerability management team for remediation of client and internal.
vulnerabilities both with servers and networking kit and that's where I am today. I've been doing the job about a year and a half, two years.
Ashley Smith:
That's awesome. I love when it kind of feels like the universe is just pushing you in one direction and you kind of fall into something and then it's, wait, I love this. That's kind of how I feel about.
Jennifer Courtnell:
There's also to tinker about with and to pique your interest.
Ashley Smith:
Yeah, yeah, definitely. Alright, well, why don't you give the audience a little taste about what does pulsant do and how you use Automox there?
Jennifer Courtnell:
Yeah, so Pulsant started off like any other MSP fully managed networks, know, hardware, software and user support. We are currently moving more to edge cloud solutions. So we provide co-location and data center hosting for our clients. So part of that was part of the contract. Some of our clients do take up our patching program. So with Automox it's the only patching system we have where, or we've utilized, sorry, where we can keep all of our customers separate. And we use, although we do a lot of the patching too, that the biggest draw actually is the reporting and the information we can give to our clients.
up to the minute data say this is where you are vulnerable, this is where you are secure, this is where we need to expand on your network security.
Ashley Smith:
Yeah. Yeah. And for those of you who are listening, who might be wondering, you know, how are you able to keep all of your clients separate? Automox uses multi-zones. So that way, if you're an MSP or even if, you know, you might be someone up in a big corporate organization and you have, you know, a couple of different franchises or a lot of large departments, you're able to use those zones to separate out your end points. So you're able to tackle.
you know, maybe one location at a time or set a certain policy for a certain department. And we believe that helps a lot with organization. And then it also makes it a little bit easier when you take, you know, thousands and thousands of endpoints or even if it's just hundreds and you break it down into smaller, tiny groups, it feels a lot more manageable.
Jennifer Courtnell:
Yeah, that's one of the biggest draws we had. Because we started off using all the marks on a month by month basis. Testing wise, we've just signed a three year contract upgraded to premium support. Even before we were on premium support, your support staff are amazing. Absolutely amazing. But the multi zones and the ability to provide reporting in that way.
It's just, every time I log in there's always something new, always something better.
Ashley Smith:
Yeah, definitely. I know our product team has been working like, like mad-men trying to improve the product and iterate on, you know, what's inside the console and how do we make it better. there's actually an entire Slack channel at Automox just dedicated to customer and prospect feedback and what people need.
Jennifer Courtnell:
Yeah, we literally had the updated road map presentation yesterday and between November last year when we seen it and January, the changes in the road map, it's just spectacular. We're really excited what's coming on.
Ashley Smith:
Yeah, definitely. For anyone listening, we actually have a product roadmap fireside chat coming up in February. So it'll be about a couple of weeks after this episode airs, I think, if I have the air dates correct in my head, where we're bringing in Brandon Shopp, who is our VP of Product and Jason Kikta, who's both our CISO and SVP of Product to talk about everything coming and everything that's been coming down the pipeline for product and updates and what they see for the future of the product. So I have to plug that here because I think it's going to be a really good one.
Automox's Autonomous IT podcast talks about certain themes every single month. This month we're talking about how to work with your executive team. So as a managed service provider, how do you position your work and what you do to outside executive teams?
Jennifer Courtnell:
So I think what we do is most exec teams, they know that, you know, vulnerability and security has to be done. They just don't understand why, or they can't visualize what benefit it will give. Now, by using border marks, we are able to show monthly, weekly, daily, how effective our patching systems are.
and how effective we are internally at mitigating our own vulnerabilities and also our clients. We actually use our client service managers a lot to help us engage with our execs, both client-based and internally, because they also use Automox to go in daily, weekly. They get the weekly summary reports.
They can use that as part of their client service reviews to show how, you know, how effective the patching is, where there's an issue, where things are end of life. There's not a lot of products that will actually actively tell you what's end of life. You've got to go digging for that.
Ashley Smith:
Yeah. No, that's a good one. I think that when people see reporting inside of a console, especially for, you know, patching and vulnerability management, they use it as a tool to show their their bosses their direct management on you know, what's been done in the day to day. But I think there's something to be said for trends over time and what you've been able to do.
Jennifer Courtnell:
the way the dashboard set up, you can click on one thing and it'll show you, you've got some critical vulnerabilities and then it'll drill down to which server and then it'll drill down to which vulnerabilities. And it's a nice flow of information and should a zero day exploit ever get released, we are easily able to identify those exploits. Before my team came into play, you know, it could take
three, four weeks for an entire client's estate to be remediated against a zero day. We are now looking at about nine days tops. Because we have to go through change control and obviously client approving out of bound reboots you know, we've reduced our remediation time internally and externally, which again, the execs don't really see the value in that until you tell them, well, it's now boosting our.
NIST score, it's now boosting our, our favor with our insurers. So our insurance comes down because we're showing, know, running best practice. And I think once you start talking about things like that, that the execs understand, and the execs see the, the client service coming back, showing how happy the clients are with the product and how happy the clients are with the remediation programs, then
the execs start to really understand the value of it.
Ashley Smith:
Yeah, I think that's an interesting point that you make about insurance as well. I've heard that from a couple of different customers that they're able to use it to prove that they're within certain guidelines with insurance companies or even in some cases, bring down
Jennifer Courtnell:
insurance companies like have that evidence there and some of the other products we've used beforehand, don't give us that granular reporting, where we can actually just provide, you know, a screen print, a PDF, and export a spotted CSV file, you know, whereas Automox just gives us everything that we actually need. We're actually starting to look into integrating it with service now. So that our clients
we're looking to see if we can integrate it in service now so when our clients use the company portal they can get that data themselves as well. Yeah. So it makes it more client focused.
Ashley Smith:
Yeah, yeah, that's really cool. that's interesting. Sorry, I'm just imagining that integration. in my head
Ashley Smith:
literally something we've after it was after the roadmap yesterday. We saw that the integration with service now was there. So it was like light bulb moment. How can we utilize this, you know, for our own efficiency, but for client experience.
Jennifer Courtnell:
So when it comes to explaining the value of your service, obviously it's something that Holson does very well that you've discussed. How can that translate to others in IT and vulnerability management if they're trying to explain the value of what they do? Do you have any tips and tricks for them?
Ashley Smith:
think the best thing to do is word of mouth is always the best form of marketing and advertising. I'll always say that. I think the best thing to if you're trying to show the value is to make sure you have a test zone set up and actually just demo the product as you use it, if possible. So I have done that with a few of my colleagues and things where they're like, how can we use this?
support, I demoed it with our support team. Now support team actually uses remote control function and some of the audit functions in there. Does that actually find that, yes, they might not be patching, but they can utilize that product in a different way. yeah, so they're supporting our clients one way or another. With other people in the IT industry, the best thing I can suggest is give you guys a call.
book that demo, speak to your teams because you guys just sell it. You can sell it way better than I ever could.
Jennifer Courtnell:
I couldn't say it better myself. No, I'm just kidding. that's, that's a really good tip, though, the demoing and the seeing it for yourself and showing it to other people. always feel like seeing is believing to take a line from
Ashley Smith:
It is actually one of the ways we did get our exec team on board. Yeah. By showing them and we were taking snapshots of dashboards throughout the year and saying look at it change.
Jennifer Courtnell:
There is nothing better than this.
Ashley Smith:
Be able to prove things are changing for the better is always one of the best ways to advertise
Jennifer Courtnell:
Yeah, for sure. Awesome. Well, thank you so much for joining us today. This has been an awesome conversation. I think there are a lot of actionable tips and tricks that you've given us in how people can interact with both, you know, outside teams, their clients, their executive teams that people can put into practice. So if you've been listening, this is the Autonomous IT podcast. We release episodes every Tuesday and Thursday rotating across topics. So whether that's CISO IT with our CISO Jason Kikta or Patch Tuesday podcasts on Patch Tuesday, you can always find us here. Thanks so much for joining.
Start your free trial now.
By submitting this form you agree to our Master Services Agreement and Privacy Policy
