What does it actually take to rethink the endpoint in a world shaped by AI, Zero Trust, and the growing convergence of IT and operational technology?
Recording live from IGEL Now and Next in Miami, I sat down with Matthias Haas to unpack what he describes as a genuine transformation moment for enterprise computing. This wasn't a conversation about incremental change. It was about challenging long-held assumptions around devices, security models, and how work is delivered in modern organizations.

Matthias shared how the idea of the "adaptive secure desktop" is moving beyond traditional thinking around VDI and desktop delivery. Instead of treating endpoints as static devices, the focus is shifting toward dynamic, context-aware environments that respond to who the user is, where they are, and what they need access to in that moment. It raises an important question for any organization. Are we still designing for devices, or for outcomes?
We also explored the growing complexity that comes with flexibility. With multiple ways to deliver applications across SaaS, DaaS, browsers, and local environments, there's a real risk of recreating the same fragmented systems companies are trying to move away from. Matthias offered insight into how orchestration, policy enforcement, and centralized management can help bring order to that complexity without adding friction for users.
Another key theme was the shift from static security models to continuous, contextual decision-making. As organizations move toward Zero Trust, the ability to evaluate risk in real time becomes essential. But that raises a delicate balance. How do you strengthen security without slowing people down? And how do you ensure that the user experience doesn't become the casualty of tighter controls?
The conversation also touched on the challenges of bringing IT and OT environments together. While the opportunity to unify these worlds is significant, the realities are far more complex. Different risk tolerances, legacy systems, and operational priorities all come into play. Matthias offered a candid perspective on what it will take to make that convergence work in practice, not just in theory.
So as enterprises continue to rethink their infrastructure in an AI-driven world, one question keeps coming up. Are we simply layering new technology onto old models, or are we ready to fundamentally change how the endpoint fits into the bigger picture?
What do you think, are organizations truly ready to embrace adaptive, context-driven computing, or are we still holding on to outdated ways of working?
[00:00:04] Welcome back to the Tech Talks Daily Podcast, where I'm recording this one a little differently today. I'm in Miami at the IGEL Now And Next event. I have to say, this one feels a little bit special. Yes, there are 23 announcements, big conversations around security, resilience and the future of endpoint computing. But for me, I've noticed there's something else going on here too.
[00:00:32] There's a real connection between music and technology that you don't always expect to see at an enterprise tech event. My guest today walked on stage to Rock You Like a Hurricane by The Scorpions, which set the tone perfectly. And he's also something we had a good conversation about. And then there was Mark Templeton on stage, former Citrix boss, of course, legend. He shared his love of the Moody Blues and how that shaped his thinking over the years.
[00:00:59] And at the closing event, James Mellington from IGEL is also going to be heading to the Live Nightclub, ready to spin his wheels of steel. So yeah, this is a tech conference I'm at this week. But it's also a reminder that culture, creativity and technology have always been more connected than we give them credit for. But now, on with the tech.
[00:01:23] I'm going to beam your ears directly to the show floor here at IGEL's Now and Next, where I'm going to introduce you to my guest. So thank you for joining me on the podcast again, exactly one year since we last spoke. Can you remind everyone listening a little about who you are and what you do? Absolutely. And thanks for having me again. I remember the last time was really fun and I really enjoyed talking to you. My name is Matthias Haas. I'm the CTO at IGEL.
[00:01:51] I'm running the field CTO teams and the organizations around where we're taking IGEL next. And yeah, looking forward to having a conversation with you today. Yeah, me too. Because I mean, we're recording this on day one of Now and Next in Miami. 23 announcements. Talk of a 75-second recovery. 30 minutes before mentioning AI. So kudos to you all for that. And you even rock the stage coming onto the Scorpions, Rock Me Like a Hurricane.
[00:02:21] It's shaping up pretty well so far, isn't it? It does, absolutely. And I'm a huge Scorpions fan, I have to admit. So that's my song. I love to be coming on stage with Rock You Like a Hurricane. And I think we have a lot of things to share. And it's a packed two days here. Now we just started with day one, part one. It's another keynote this afternoon. So it's really going to be fully packed with news and updates from IGEL partners. And already you've just come off stage to sit there and talk with me.
[00:02:49] And you describe this as a moment of real transformation for endpoints across both IT and OT. So what has fundamentally changed that makes this moment different from maybe a previous year or a previous attempt to rethink that endpoint strategy? What's changed? I think as I was alluding to it during the keynote, it's a lot about the way how we need to look at endpoints in a way that the traditional models of protecting endpoints,
[00:03:16] the traditional model of how you're managing endpoints, is leading us towards a scenario. I think you cannot pack another type of agent solution on top to secure them. I think we see this across the place globally, that not only IT infrastructure is under attack, but in particular also the endpoints are under attack. And what we figured out was that a lot of people have great strategies to recover their data centers or cloud infrastructure.
[00:03:44] But there's literally not that much people have in play for endpoints. And even today, Klaus was mentioning this just briefly around the chip shortage or the RAM shortage, right? You just can't go into the next Best Buy or whatever type of electronic shop you have in your country because there's literally no hardware left that you can just buy. We had a customer just recently that tried to replace the aging endpoint infrastructure.
[00:04:11] And it was a big, big struggle to even get close to what you need to have to replace at a reasonable price. Let's put it like this. That's the one thing. The other piece is, I think, you know, as also Gartner mentioned in their report about the immutable OS, I think we have to fundamentally change how we think about what an endpoint actually needs to do. I think it's about simplicity. It's about the manageability and, you know, security being built in from the beginning.
[00:04:39] And I think we are in a very good spot on this one. And that's the transformation actually, making sure that you not only have ring fences around your infrastructure, but you have more resilience built in by default. And, you know, you see that also zero trust is growing more and more globally. It's not only here in the US. You also see Europe picking up the zero trust trend dramatically. And zero trust is not a single product. It is an architectural setup.
[00:05:08] It's a design that you need to think about. How do I build the fundamental capabilities of zero trust into my infrastructure? And with IGEL, we have a very good solution to have a platform that actually supports zero trust principles. So many great points, especially about the cost of RAM at the moment. It's something that everybody's feeling right now. I mean, you're positioning the adaptive secure desktop as more than a product, almost as a blueprint for how work is delivered.
[00:05:35] So when you're talking to customers, do they immediately see and buy into that vision? Or are they still thinking in terms of devices rather than platforms? And I think also that's a shift. And again, with that, a transformation that we see people start to think more in platforms. The idea of platformization is established. And that's not only for specific segments. That also is something that is very relevant on endpoints.
[00:06:00] What this means is the ability to build that platform in a way how you need it. Not every customer is the same. So you have not a single solution. You need to have an ecosystem, the ability to adapt, to integrate, to have open APIs, allowing you to address the use cases you need. The second thing is about the adaptive secure. We need to think about an endpoint in a more holistic way. That's what I was talking about, the four layers, right?
[00:06:27] The device layer, that's what we know since forever, pretty much, right? The persona layer, which allows you to have more of a user-centric type of approach without the complexity of looking at every single user. But to think about, these are the personas that I have in my infrastructure, right? And that's how I adjust the way how they can work. I can personalize this. And the last piece is the conditional component, you know, where you need to think about, again, zero trust principle, am I granting access?
[00:06:57] I don't grant access by default. I need to validate, check that this device is eligible to connect to my network. And then I can make this decision point. And last but not least, the contextual layer on top, which is giving me a full-blown picture of what's happening. That's where IGEL Insights is really key because we're sharing a lot of telemetry data. And because we have this sharing, the open API also in that telemetry data, we are able to really make best use of this and give this to any policy engine that is connecting to the IGEL infrastructure.
[00:07:26] And it's also outlined six different ways to deliver applications through just a single platform. So at what point does that flexibility become complexity? How do you stop organizations from recreating the same problems that they're trying to solve? I'm sure you hear this a lot, but tell me more about that. Yeah, I think this is something, number one, I don't think that any organization will use all six. It's about the flexibility to put the workload where it's best located.
[00:07:54] Meaning that, you know, if you run a VDI infrastructure, you can keep running VDI. If you want to probably have some of your workloads more located towards the endpoint where you have all of the compute power, you have less network complexity, you can do this by using the IGEL Managed Hypervisor, for instance. So it's about providing customers the flexibility to make the right decision, how and where they want to have their data, where the workload's happening, and how you create the experience for the endpoint user.
[00:08:23] And this is especially important if you have a look on our focus around making sure that IT and OT can be managed in both directions. So the IT-OT converge, or as we say, IT for OT, is allowing us to enable customers to make the right decision, but still have the same management layer in place.
[00:08:45] I think that's one of the things that makes you guys stand out, the providing of those options and the flexibility for whatever works best for each individual business and industry, of course. And a lot of your approach relies on orchestration across OS management and application layers. So where do you see the biggest friction point today when organizations are trying to bring those layers together in practice?
[00:09:08] Because you must talk to a lot of businesses around the world, and I think it'd be great to shine a light on that, because there's a lot of businesses that are listening thinking, oh, we're not on our own, because a lot of people are having the same problems, right? And it's interesting that you mentioned that, right? So if you have a look back where we are coming from with IGEL OS 11, which was a monolithic approach, a classic firmware, right?
[00:09:28] And enabling customers to make this shift from that single type of code base towards a platform that has apps and different configuration capabilities in place, it is an ask for customers, right? Because they were just in the past, oh, I updated once and then I let it run forever. That's over, right? You need to make sure that you have an infrastructure that's up to date, that has the stability and the functionality as required.
[00:09:54] And with that, I think it's not realistic to say there is no complexity in it. You need to be able to manage and automate it as much as you can, making sure that you actually are just deploying what is required on your endpoint. That's number one. Number two, that you have the control of reconfiguring and automating those reconfigurations based on device posture, the user, coming back to the adaptive secure desktop.
[00:10:21] And I think it's a lot about automation that is required to make this happen. And you've also introduced contextual access as a new way of thinking about endpoints. So what does context actually mean in a real enterprise environment and how confident can organizations be in making decisions based on that context? Number one, it's all about how many signals you want to process. So we don't require customers to use all of the layers that we just introduced.
[00:10:49] The contextual layer makes sure that you process the signals that you have on hand. So if you have insights, you can have a lot of signals around the telemetry data that we're sharing. If you have users logging into that device, which is the majority of our users are doing, you can use that data point as a relevant decision point. But also making sure that, you know, we are integrating with third party technologies, as we mentioned Cisco ISE and Forescout and others that are joining our platform going forward.
[00:11:19] The idea here is that I, as a customer, can define what matters to me. So the example that I gave with the radiologist, right? So that just moves away from the healthcare campus to probably a cafe on the other side of the street. You don't want to have that device to actually show any patient data, right? So we've seen this all in internet cafes or on a train. You can actually see what people are doing. And sometimes you don't want to see it because it's secret stuff, right?
[00:11:46] So these are things that we want to enable, that you control what's happening. And an important part of that context is the context can change while you're operating. And that's the beauty of that we have this continuous evaluation of the security and the posture of the device. And with that, we can change configuration on the fly. This is not the case with the other layers, right? Those are more event triggered.
[00:12:12] The contextual layer that we are going to introduce is going to have that continuous evaluation. And with that, you have a policy engine in place that allows you to react on specific setups. And this, there's no one way to do that, right? Customers need to identify what their security policies are, what their device policies are. And based on this, they can make the right decision. I love that. And of course, moving from device-based policies to persona-based and then conditional access
[00:12:41] sounds incredibly powerful and certainly the right thing to do. But it's also, again, a big shift operationally. So what are the hardest part of the transition like this for IT teams? What kind of stories do you hear from those IT teams? Number one, I think it's not easy at all. So I think everybody claims, hey, this is just like a finger snap that that's not happening. So what we are doing, we are helping our customers with our field teams and the CX teams to actually
[00:13:09] understand how they can make best use of the technology they have. Because the way how IGEL is built, it's giving you choices and giving you the flexibility to decide how you want to set up your infrastructure. We understand in the verticals that we're in, there's not one glove fits all type of approach. It needs to have adjustments. And this is what our customers are valuing, that we work with them to find out how is the best use? How can you integrate IGEL?
[00:13:36] So it's a seamless experience and it's actually improving their endpoint deployment. And we see this across multiple industries, right? In healthcare, just recently I worked a lot with pharmaceutical companies in their production lines. This is really a high complex setup. And I will briefly talk about this also in the keynote, I think tomorrow it is, on how we are solving those problems.
[00:14:00] And this is by the ability to integrate with technology partners, to combine this onto our platform, making sure that we are addressing the workflow that a particular customer needs. And this is the core value of IGEL, making sure that we are providing consistent experience, we adapt to the user, to the customer's needs, and at the same time we are continuing to support them over a long time. This is all enterprise. It's about longevity.
[00:14:26] It's about the ability to stabilize that workflow as much as you can and keep you always at the bleeding edge of what technology and security means. Something else that really stood out to me from your approach is you talked about continuously evaluating risk and adapting access in real time. Refreshingly, it is so reassuring to hear that because there is no once and done. It is a journey rather than a destination.
[00:14:51] But where do you draw the line between strong security and also creating friction in the user experience? It's long been a tough balance, but how do you get that right? So, again, this is very much tied around what the policies and the outcome of our customers needs to be. And this is, again, this is the ability of the platform to adapt to the needs and educating our customers what they can do. But very often it's about, oh, I didn't know that this works.
[00:15:21] So, these are things where we need to closely work with those customers, making sure that they are using the platform to the extent it's capable to drive. And, again, it's about us helping the customer making the right decision. And what we very often see is that we come in and it's an either or decision. So, it's either I have high security or I want to have great user experience.
[00:15:48] What we need to make sure with what we are implementing in the workflows is that we are improving the security. And at the same time, we are also improving the user experience, which is a tough job. And we see this very often that this requires some iterations. We have a lot of POCs. We are really investing time to make sure that we are getting the best capability. And sometimes it's driven by company policy. Very often what we see, if you look in healthcare, there's clear requirements here in the US.
[00:16:17] It's HIPAA. In Europe, we have things like NIS2 and other local regulations that kind of like give you clear directions what's possible and what's not. If you look into manufacturing, there's a lot of requirements. If you have car manufacturers, for instance, TISAX is something that you need to meet. Or in process automation, it's about the IEC 62433. I think that I'm not sure that I'm 100% clear on this.
[00:16:46] But again, it's a regulation that sets specific requirements. And we need to make sure that we're meeting those requirements and at the same time keep the user experience as easy as possible. And there just seemed to be a clear move towards non-persistent, no trace environments. But what does that mean for industries that maybe still rely on legacy applications or local workflows? We all know those small enterprises that might have a server sitting on a chair that nobody knows what it does, but they don't touch it. Don't touch it. Totally.
[00:17:15] I think this is something that, you know, us continuing to invest in the IGEL Managed Hypervisor. At least we can provide a secure operational layer for those legacy workloads. Still, those workloads are super critical and they are super fragile. But by us enabling backup and restore on those legacy machines, we are taking away the risk of, hey, I need to, someone needs to go there.
[00:17:45] And probably it's even not a USB drive in there, right? So you have to, I don't know, disks or CDs or whatever. I don't know. So I think these are things that help customers to kind of like lift the burden of keeping those devices running. And very often I talk to customers and I said, oh, do you really need this? And they say, we can't turn it off because we don't know what, you know, the chain reaction is, right? So the ripple effect of turning this device off.
[00:18:14] So this is definitely something that, you know, IMH will help customers. What IMH also does is gives you a controlled environment. So you know which data is being stored where and the foundation of all of our virtual machines is encryption. So no matter whether you are running a modern Windows 11, which has BitLocker in there by default, but if you go down to older versions of Windows or even sometimes we have old Linux systems, we are making sure that all of this data is encrypted.
[00:18:44] And you're also bringing together IT and OT under one model. And there will be some people listening that will be saying, oh, that's great. But in reality, both these environments often have very different priorities and risk tolerances. What has been your biggest challenge in unifying them? So talking to a lot of customers, I see, basically I see three different stages of this IT-OT-converge story.
[00:19:07] So you see those, and lucky, good enough, or I'm really happy to see this is not the maturity anymore, people that have totally separate. So there's OT and IT. I think that's IT people don't talk to the OT people in the other way around. So you don't see this that often anymore. Then there are people that have started on that journey to migrate into more of an IT-OT approach. And still, those teams are kind of separate, but they talk to each other,
[00:19:35] where you have to fill in the gap of, hey, what about the network stuff? Oh, this is being done by IT. I don't care. I'm the OT guy. So this is where we need to kind of like help to bridge the gap. The way on how you manage things and the core principles of IGEL has always been manageability, stability, and security. And this applies to both of our target audiences, the IT team and the OT team.
[00:20:00] Now, the OT team might say, I only want to update once a year, which are like every seven years. I heard this also. I don't want to say that this is okay, but that's a requirement, right? With the control and the manageability, we don't push auto updates. We give the customer the choice to do the risk assessment, whether they want to update something or not. And I think that's a key priority for IGEL, making sure the admin is in control of what's happening.
[00:20:27] And then you have the third type of people, which is they actually talk about IT for OT, which is great because they already have moved further the line down of that journey towards a real IT-OT which doesn't mean that IT and OT are different requirements. It's about defining, you know, what's the playground? What are my requirements? And IT can react to this. And I've seen this now with more and more customers. They talk about, hey, we have a team that does IT for OT, which is great. And this is exactly what we are supporting, right? With IGEL.
[00:20:58] I love that. And this week, as we've said, 23 announcements. You do have quite a reputation for lots of announcements at each event. That's twice a year. That's what, nearly 50 announcements a year. But if we fast forward three to five years, that's probably about another 250 announcements. What does a fully realized adaptive secure desktop, what do you see it will actually look like in day-to-day use? And what still needs to happen to get there, do you think? Totally.
[00:21:25] So, number one, it's not only announcements from IGEL. It's an announcement we do together with partners. So, this is one of our core principles as we're thinking about a platform. And we've always done this in a way. In the past, we talked about the IGEL ecosystem. But it's about integrating solutions with our partners for our customers. That's number one. Number two, I think the adaptive secure desktop is something that if people don't realize that there is an adaptive secure desktop, we've done a great job.
[00:21:55] So, the idea here is a user gets access to the data and application he needs for his day-by-day job. Controlled in a way that the risk for the company is always respected. As I did the joke on stage here. If I'm in Thailand in an internet cafe, I probably don't get access to the company crown jewels, right? So, these are things that people need to adjust in the future.
[00:22:23] That you, based on your posture, based on your confidence level that you have, you get different layers of access. And at the same time, you know, us investing in IGEL Insights, we also want to be able to report what's going on in infrastructure. Not necessarily that we take actions on this. This is where we're working together with our ecosystem, but we can report the necessary data points that allow those third-party policy engines making the right decisions and securing the infrastructure.
[00:22:51] And I'm conscious we are talking very early on day one. You've probably spent all day on the last couple of days living and breathing your keynote and getting that practice. And you've got another one tomorrow. But from the conversations you're having from the atmosphere here and what you hear people talking about, what kind of vibe are you getting from people? What are they excited about? Yeah. So, number one, what I hear a lot about, it's the community. Yeah.
[00:23:14] It's people coming together at this event, not necessarily only to talk about IGEL, which I would love everybody to talk about IGEL, and I hope they do. But it's about coming together, sharing, discussing industry trends. It's also helping me a lot to, you know, kind of like have a finger on the market and understand what are the dynamics, where people want to go, what are the pain points, and these types of things. But the big thing here is exchange, communication, sharing, discussing.
[00:23:42] And I think this is the most important piece for IGEL. So, we stay at the pulse of what's happening. We listen to our customers. We listen to our partners. We also listen to our prospects that are here at that event. And we want to learn and want to understand how we can make a better job helping people to achieve their operational targets.
[00:24:06] And for everybody that's here, I think enjoying the time and not only listening to what I talk about at the keynote, that might be a little bit boring. But, yeah, to have that exchange with your peers, partners, and colleagues. Yeah, I completely agree with you. I would echo everything you've said there. I get that real sense of community here and people meeting up with people that they see twice a year as well from different businesses. But thank you. I know how busy you are. And I know you're already preparing for tomorrow's keynote.
[00:24:35] But just thank you for sitting down with me again. I really appreciate it. Thank you for spending time with me. I'm looking forward to next time. So, that's a wrap on my first recording here in Miami. And honestly, it feels like one of those events that sticks with you more than just the headlines and the announcements. Because, yeah, there is always big stuff. The strategy, announcements, press releases, the future of security and endpoints. But then there's also the soundtrack to it all.
[00:25:03] From the walk-on music that gets a room moving to conversations shaped by decades of music influence. To moonlighting DJs taking over the night after a full day of deep tech discussions. For me, it's a reminder that behind every platform, every architecture and every innovation, there are people, communities. And those people bring their passions, their influences and their stories with them.
[00:25:31] And maybe this is one of the many things I'll be taking away from Miami. It's not just what's next for technology. But I think when you go to an event and speak to people in person, face to face, it's people that continues to connect with everything else around us. But what do you think? Are we starting to see more of the human side coming back into tech events? Or has it always been there? And that's why we all attend these events. Love to hear your thoughts. Techtalksnetwork.com
[00:26:01] There's an event calendar on there where you too can meet me in person. If you want to have a hot coffee or a cold beer, I'm your guy. Let me know if I am heading to somewhere near where you live. And it'd be great to catch up and say hello. But now it's time for me to hit the show floor once again. And I'm going to prepare tomorrow's guest for you. Speak with you again tomorrow. Bye for now.

