Sign New Jersey Travel Agency Agreement Secure

Document type sign travel agency agreement new jersey secure

hi everyone we'll be starting in just a few minutes I'm just letting everybody else kind of violin thank you hey everyone we're going to give it about one more minute and then we'll get started hi all thank you so much for joining our webinar today on how to sell more security services with our security audit tool this will be presented by Justin Gilbert our senior director of channel marketing I would like to kick us off with a few housekeeping notes we'll have time for Q&A at the end but please submit any questions in the Q&A box at the bottom at any point this recording will be sent out to everyone and if you have any questions please feel free to reach out to partners at 6 Corp comm thank you okay so before I get into this because we want to give people who are just now logging in because outlook is just reminding them I want to do something a little different that I didn't tell anybody about panelists I'm gonna give you my email address once you send me a picture of whatever the weirdest thing is on your desk so for me that's this solar-powered cat so my email address is JG I'm sorry Jay Gilbert at six core comm and I really want your weirdest picture of what you have on your desk so that way I can post it on LinkedIn and a big collage of all of your craziness all in one place so yeah that's gonna get this is going to get recorded by the way so people who are listening to this after the fact can do the same thing and for posterity I'll record this so we always have this to live in infamy alright here we go so we're gonna cover a little bit about who we are for those that are new to who you know except River is gonna cover some of the threat landscape this is one of my favorite parts the threat landscape will show you some of the things that you need to know about for your customers it helps you to be able to sell more effectively to them if you know that threats that they are facing today and then we're going to show you how to uncover some of those security gaps with a really cool security audit tool that will be giving you guys access to as part of the offer of this this webinar and then we're going to do a we're going to show you the tools that we have available to do that and then we're gonna do the drawing for what was it again the what a brand-new car what was it Olivia oculus quest VR headset oculus quest cool so we're gonna give away that at the end of this so for any of any of the App River or six employees except for employees who are listening sorry you won't be able to get my bad alright let's dive right in so first things first who we are what we do so you know you can see the list of different services we offer along the bottom there I'm not going to dive into each and every one of those but it's important to note that you know 40 percent of all health care organizations rely on six F River 30% of all banks a hundred percent of all of the FFIEC regulators the SEC you know we just have you know when it comes to compliance and security and encryption we basically have you know cornered the market on providing care and service to just a huge swath of the compliance based industry and so if you have customers who need compliance or security we likely have things that would be able to help them quite easily so once again I'm not going to go into all of this stuff you can read those on the bottom and if it's anything around you know security or compliance or office 365 now Microsoft 365 we can help you with that all right so we are going to jump right in but as we do I want to get I want to I want to show you some of the threats that have kind of hit a lot of customers as of as of the last six months or so and so I want to do a poll can we get a pull up it's the basically in the past six months how many how many of your customers have had business email compromised attacks that you know of zero to you know zero to nine 10 to 19 20 plus so answer that real quick and I'll share some of the results so you guys can see how your fellow people are what they're experiencing wow it's so what's kind of crazy is it's either on the very very high end or very it looks like alright starting to stabilize out we're getting more answers we got here alright so it looks like the majority have had less than you know less than nine attacks thank goodness but there is something like about I'd say it's about 15% ish that have over ten all right so that's good to know so we're gonna go in that poll and move right along so when it comes to threat landscape you know obviously if you were taking this from someone who's like selling hot dogs on the on this street as a vendor you're not really going to believe it much but you know uh six at River has been doing this for quite a long time eighteen years of total experience with a team of analysts that creates tons of rules they identify threats I'm going to go into some of the ones actually uh we just got off of a call the other day and with that call they actually went over a bunch of the new threats which is why we've why we have some of this and you know I mean if you think about what this you know some of the numbers these numbers are huge and so they're hard to wrap your head around like seven point four billion social engineering attacks blocked 26 billion dollars in business email all compromised losses around the world when you think about some of those numbers are huge but you know it just kind of those to show that we have a huge team of security and compliance professionals that are that are you know basically do nothing other than protect our partners customers we write something like three to four thousand rules a day to do to do nothing but that and while we have the ability to block zero day threats we have the ability to come and take that a step further and are blocking things that most competitors aren't seeing just because of the way we have some of our system is built so let's go into some of some of those threats that are out there I want to start off with something that's really kind of interesting that always blows my mind and I think a lot of people don't really get the chance to be able to see this which is it's easy to think about these these attackers and hackers and all these other people out there as this you know dark shady you know web of people who are you know really in the in the real world like they're living on the dark web you know that you hear about it you might have you know read about but these guys exist out on the plain web they're able to buy things on the plain web for instance this fishing gets for sale this is for sale on a site that's hosted by cloud fair I mean how clear is a massive company that you know has a security as part of their as part of their their core focus and they have customers of theirs who are hosting pages like this and you know this one example has 200 different kinds of kits for whatever you you want however you want to attack you know a particular company or a particular type of company they sell things for Excel Google Docs DocuSign these are pre-built phishing sites right like so the attackers don't even have to have the skill and know-how on how to attack they can buy from a site like this pre-built phishing sites all they have to do is bring their own infrastructure so they can you know load this up into an azure environment quite readily an attack and that's called it's called living off the land type of attack where you attack a you know let's say something like office 365 customers from an azure infrastructure so they can buy the pre-built phishing they download the zip deployed to the server and they put it wherever they want that they they only have to enter I think it's one one set of things they have to actually enter which is where they want their credentials that they harvest to be you know to be put in at like an Excel doc and what's crazy is that if you look at some of these they even they even offer things like validation of email addresses so little validate the email addresses to be sure that they're legit so somebody doesn't enter like a gmail address on an office 365 page and this is all you know once again this is not on the dark web this is a website like our you know our security researcher went right to the website and showed us where we can find all this and there's companies like this there's Dorian Docs there's a bunch of other companies like this that offer this out on the clear web no no dark web no onion browser none of that stuff needed this is an example of one of the ones that you can buy now for example you know this if you security professional this is quite obvious to you because the URL is quite obviously not a Microsoft URL but what you don't see in this one screenshot and it never really you know it's never really easy to show this on my presentation is that if you go to like a lot of Microsoft sites there actually are videos playing in the background so that this screenshot that you see here this is a screenshot but in reality this site that we went to which I don't know if it's still alive but this psychic is actually a full video being played so it's a full background video and so it looks very realistic I mean this is you know a lot of people don't know but you know I used to work at at River I left for about a year just came back and a year and a half ago when I gave these same sorts of presentations this sort of thing this level of sophistication and website of having you know having this type of site look this good just didn't exist and so in the past year these attackers have really stepped up their game for instance if you click on you know download documents or whatever this takes you to a harvest you know to a credential harvesting area and when you get here you enter you know the email address the password and obviously when you click view files that takes that then immediately sends that information over to the attackers you know pre designated area but what what this doesn't show because once again it's a screenshot is see that advertisement and the upper right up there and the background that was once again another video playing in the background it was a full Microsoft advertisement that made this look and feel like a like a legitimate website so that's the thing you know obviously the URL they can't get around that all the time but if they can make this site look and feel realistic your customers will and do fall for it on a regular basis and this was all created by someone with almost no development skills so they didn't have to have a ton of background and product man you know product development or anything like that these guys just went online and bought this and put it up themselves alright so this is another type of attack called living off the land of business email compromised attack this is one that our our security researchers captured you know we've obstacle mail address too the innocent this is you know that the company or the we call them company sometimes but the actual group that puts us out this is a really powerful threat group and they change up their tactics hourly this is a they have a you know a team of developers that are constantly reviewing their their attack methods to address you know when they're when their stuff is getting caught by filters more often now this one doesn't look like something that a lot of people would fall for but if you look at it see how it says invoice up here this is more obvious because this is a dark background but if your email client like let's say you're using Outlook is a has a white background in it this would look like a download link to you so when you click on this you would expect that an invoice PDF would open up inside of Outlook or download when in reality this is actually nothing more than an image of something that you would expect to see so it's an actual image that links out to this type form com address and this type form this is type form com is a legitimate company no legitimate site this is a living off the land attack because they're using legitimate hosting companies and legitimate services to be able to host their content in and so this one looks legit it looks like it could be something that you would click on honestly it took us a minute to realize that this was an image when someone showed it to me and when I was when I thought it was on a white background so this one we made it a dark background so you have a little bit more clear representation of where the image starts and this is that same thing so when you click on that the idea of a business email compromise attack is to take you to a site it's to get you to go somewhere now on the right here there's an example of that type form address you can see where it took you right to this type form address you put in your password this one is actually one of the you know less Javier the more obvious attacks you know this one barely looks like it's a Microsoft site but the thing is they probably paid five ten bucks for this template and they threw it up so they don't have to spend much and they still probably get a ton of people who put in their password on the left here you see a little bit more of a new approach instead this approach takes you to a document that's posted on a one driver on a one note in a one Drive and then at that point when you click on it's hard to see it in this bottom right down here we're hovering over this this link here this bottom right it takes you you know it looks like that document might be here in OneNote but that is actually taking you to yet another site to the true harvesting attack site it's taking you to what is it some orchard slash hectare site and so what's great for the attackers and using an attack method like this is if for some reason Microsoft shuts down this because this is hosted on Microsoft if Microsoft shuts down this onedrive that's associated with this OneNote account all the attacker has to do is spin up yet another onedrive account another OneNote and put in that link again send out another massive emails and well are they ready to go their original site is not impacted by Microsoft shutting down this one intermediary step this one is an example of it's called agent Tesla agent Tesla is a remote access trojan basically it's designed to you know gain access to a system and start deploying different types of software packages and I'll get to more of that in a second one are in a second but I wanted to show you here the you know these these attackers are not you know they're not on a single language these are these are entire development teams these are companies who whose job and occupation is to attack people out in the world they have multilingual you know speakers there purely to be able to develop content that goes out into the language that it's supposed to go in you know you know it's easy to spot the things where you know there's a Nigerian prince who's you know wants to give you a million dollars but it's much more difficult when something is in your native language when it's it has all of the all of the markers where it looks like it's actually something that was written by a native speaker and so that's where you know a lot of people kind of don't expect to see something where it looks like it's written by a native speaker in your language and it's written by someone to customize this for you but these guys do this this is again from a very large threat group and this again agent Tesla bought on the web in fact these guys are you know are interesting in that the place where you can buy this one you can pay Bitcoin for it so you don't get caught but the way they way they make this work is this is this is malware as a service so you know while you might be selling software as a service you're you're you know the people that we're fighting against they have created their own malware as a service so you can choose a six month option three month option one month if you pay one month it's $20 a month and the interesting thing about this is that they offer support they offer support they offer things like reviews where you can go see how something you know how well something has worked for other attackers they offer you know post follow-up development where if for some reason something stops working build to contin e to do more development on so these guys are entire team supporting products that are basically the antithesis of what you know someone like 6f River is where we are developing you know things to protect against this these guys are actually these guys are developing malware and phishing campaigns and it's all as a service and this one's a pretty interesting one because you just plug in your own template an email and you know once again in the backend infrastructure so you just put in you know you can see on the left here what you have to put any put in an email address your password your hostname for accessing things like your your web host and that's it they have their own devs who update this frequently they're a big player this year because of the remote working that's going on in the space of one of your customers is hit there's a lot of them that right now we're we're mo workers we're being hit from the age of Tesla malware and really the the goal of this is not to put a piece of malware on the system like nobody cares about a piece of malware the goal of this is that once the Maur is in place once this sorry this is an actual trojan once this trojan is in place it now has remote access to that machine and so their first goal of these attackers is to find out who who it is whose machine they landed on did they land on you know I guess a an administrative assistant to a CEO or do they land on the CEOs machine or do they land on I'm thinking you know banking officers you know machine and if they did the next step is they find out if it's worthwhile to them you know install additional packages and so if it's a banker they've then installed there's very very specific banking Trojan you know packages they would then and start installing to start tracking all sorts of other things that that maker might do so they have custom packages based on the type of person's machine that they actually gain access to and then they'll retarget that person with other things they'll go into their email accounts and it'll you know steal all their contacts and they'll start targeting their contacts after they've kind of you know gotten everything they can out of that machine so there's a whole longer list of other things that they'll go after the last thing I want to show you in terms of types of attacks this is called dry decks dry decks is a it's a piece of malware dry tux is the largest I'm sorry dry text it's not the malware products is the actual sender that's the organization Frederick's is a largest sender of malware in the world and the thing is everyone in the US government and everywhere else they know who this is their actual company name is evil Corp it's a Russian group that the FBI is placed a five million dollar bounty on the two leaders of the organization are in fairly close with certain Russian organizations in fact one of their one of the leaders is married to the daughter of someone from the FSB and so you know these guys are well known but they're untouchable because of who they're related to you know there's a it's a very well-established you know this one is the biggest Trojan of the year you know it's made by these guys they're very well established very effective baking Trojans they have full staff developers on payroll and they're constantly changing and evolving hourly there's not something where they you know it's like the old days where it months would go by and they'd have a piece of software out there that's not working they're updating their software almost as fast you know the OS manufacturer OS developers are this one is an interesting one I think is this the one here I'm checking my notes yeah this is the one where it came in and it was missed entirely this was a zero-day attack and it came in and was missed entirely by fifty engines that we ran it through so we ran this through 50 different engines and every one of these are all different security engines that are out there all of them missed it because it was a zero-day exploit but the way we have our our our email security platform built is it actually looks at more than just predefined malware packages it looks at it looks much deeper it looks to see if there's suspicious traffic patterns behind that and we look at suspicious traffic patterns are across all of our customers we have 80,000 customers we have a huge data set to be able to pull from and then when we look at that we're able to kind of determine oh there's these issues over here we're seeing like a rising trend and some type of some type of malware are we able to stop something put it on hold and we notify our security team when we sees those suspicious traffic patterns so they're able to stop something Poornima gets to the milliwatts so it's before even a zero-day exploit we're stopping it when we see just traffic patterns because we have such a large number of customers using our services so that's this one once again this one hits you know the dread X and the team there and they hit daily and we have zero day exploits from them on a regular basis that we're stopping using our traffic pattern analysis all right so we're up for another security poll here or another another a poll what percentage so let me commute that one up what percentage of your customer base uses Microsoft 365 purely I'm sorry yeah that's the first question what percentage of your customer base uses Microsoft 365 so we're gonna see who's still paying attention by how many answer this poll surprisingly it's almost everyone so what percentage of your customer base uses Microsoft 365 and the next question for those who are already skipping ahead of those Microsoft customers how many of them rely only on the built-in native email security built within Microsoft all right should we do the Jeopardy things I said I'm a big fan of Jeopardy so but I'm also an old guy let's see here all right it looks like it's kind of slowing down here so it looks like you know something like 40% of you said almost all of your customers are on 365 another 25 30 ish percent said over 50 percent are and then see down below on the next question how many rely on the native email security only there's 43% of you who said that you know only about 25 percent or less of your customers are relying on a percent and 33% of you so one-third of you said that almost all of your customers are using that here as their their sole protection so let's go into a little bit about email about some of the tools we have to kind of help you to sell more of you know a layered security approach and you know and what that looks like all right so you know the biggest issue you know biggest issues I see and you guys can definitely correct me if her mom I love I love being told I'm wrong QA or in the comments we're happy to Amanda and Olivia panelists will love hearing but in my mind you know when it comes to office 365 there's some problems there right like you know there's you know Microsoft makes it very easy for customers of yours to move between platform to platform so there's you know without migrations like the days of having an exchange environment where your customer would have to move it was a painful process they likely weren't going to move very often because it was quite challenging now they can move from one vendor and/or one MSP or one bar to another within minutes and have no lasting repercussions because there's no migration of data or anymore another thing is you know the difficulty in explaining value around around your own services like being able to have tools and things in place where you can show them all the things you're doing for them because in a lot of cases they feel like well I can just go directly to Microsoft why do I have to worry about using you you're not really providing me much more than I can just by myself and I can pay my cousin Bob to install you know 365 this weekend and you know obviously it can't be understated the margins around 365 for everyone in the sack for vendors for partners and I'm guessing even from Microsoft themselves are just very small they're very tiny no one's making you know no one's making a million dollars off of 365 by itself most people are making money off of the auxilary services they sell including the managed services or value-added services something else around that and then it's you know it's that there's so many vendors out there today that's it's you know trying to choose you know who you're gonna have in your security staff or who you're gonna have in your stack at all you know it's it's it's kind of fraught with peril because if you back the wrong horse if you go to the wrong provider you can end up spending you know countless hours and countless you know thousands of dollars investing in one platform only to find out it won't be able to support you in your sales and marketing efforts and in your growth goals so you know what we feel that this tool that I'm going to show you can do is it helps you to increase your wallet share it helps you to increase your renewal and your actual stickiness with customers because it gives you ways to be able to kind of point to those customers and show them how you can how you you know what kind of value you give to them on a regular basis and it's all you know automated so I mean just dive into this here so this is the Microsoft 365 security audit service and the idea behind this is that we wanted to you know kind of build this around this this idea around solution sales methodology so a solution sales methodology and we took what is basically a security audit and we create and tooling around this and Olivia actually you know she probably has made in the background made sexually one of the guys who worked really heavily on this one on this platform so if Nate's listening time recovers yours like I don't wanted to hear all this stuff I'm gonna say will correct me on one of our five measures and so you know we created this tool because really you know there's other security audits out there right like you can go somewhere else Microsoft has their own security audit but Microsoft's own security audit doesn't provide you is a way to use that information that you gain and it's a lot like all of these tools provide a lot of information it's a way to use those to those tools to be able to give you a way in a method to be able to settle and market to your customers be able sell more of your own services to be able to say your own managed services your own security services whatever you need to sell to them you need to lling and data to be able provide a customer to make that decision and easy if you can provide data to a customer around issues they have it's much easier to walk in and say I'm gonna sell you a security services and here's why you need it because you have these gaps currently that you're not solving for and this is what's going to happen so solution sales methodology so is the pain that a customer is facing the impact of not solving that pain a never buys actionable ways for use that you as their partner can solve that for them so that's what we're going to go into before we do we're gonna do another poll here this is uh this one's kind of a check question okay how many of your customers have two-factor authentication or multi-factor authentication turned on for their microsoft services and so of course for some of you who said you have no customers on Microsoft then this wouldn't be relevant but for everyone else let's see how many of your customers have multi-factor authentication remember be honest right here wrapping up right about where we always see it and shopping okay so 33% of you said less than 25% of your customers have multi-factor or two factor authentication turned on for their users and the another 33% said that it's between 25 and 50 percent so you know the other 33% you guys are you guys are hitting your customers hard on getting multi-factor authentication turned on so I love it all right so we ran this on it on a bunch of customers and I'm going to show you what this odd it is and this audit remember it's just one tool in our Arsenal we have you know email security web email security we have archiving we have email threat protection we have in different types of encryption archiving for compliance customers and office 365 but because we have we are an office 365 provider and we're a security provider we have insights into what's going in those mailboxes so we do a lot of things this is just one tool we created for our partners and our partners get free access to this tool but our partners get access to it so we did this report on 82 domains because we wanted to show you across a wide swath these weren't hand-picked what it looks like that customers are you know that your customers are likely facing this as well because the data looks like it's roughly the same all right so 82 domains of those about 6,000 or so users and almost 400 admins and what we found was that 93% of those admins this is the admins this is the people with the keys to the kingdom 93% of those admins had their passwords set to never expire 4.4 percent of them of the admins admins are always some of the worst offenders a you know when it comes to multi-factor authentication and their old passwords had multi-factor authentication turned on and 80% roughly their passwords older than 90 days now we're not going to ask the question of how old your password is because we don't think that's really honestly I want to sell you stuff so but this is this is really common right like administrators and companies typically have you know these these massive gaps and our tool shows you how to see this so when you walk into a customer site you can show them you know that their customer or their administrator who is currently there or whoever they have assigned as administrators have these these gaps the other thing that we looked at is the domain self the domain itself on the with the auto tool 630 240 rules 342 delete rules move lots of those so you know a lot of that and I'm gonna get to why in a minute why any of this matters and I can use it to sell advanced auditing enabled for point six so you can read all of these you know you can see that the multi-factor authentication actually the users had about 1.6 percent all right so why does this matter well first of all and the administrators when it comes to passwords write their passwords might be fine there might be no issues with their passwords being you know aging and being old and you know and somebody's honestly when we looked at something some of these passwords were something like a year or two old haven't changed the reason they matter is because not because they're their site has been you know hacked but it's because the number of attacks that are happening out there I mean there's been several this year of major breaches where I mean you know my Nintendo switch I had to go reset my password on my Nintendo switch and then multi-factor authentication on a gaming console purely because it was you know there was a breach so the passwords and the the you know the issue where your users reuse their passwords in multiple places you know when when you know attackers are trying to gain access to a mailbox they're just using automated systems where they go by a massive list of passwords from a previous breach and then use that and plug that in so that's why it matters that there should be no agent passwords I'm not telling you anything crazy or you there that's it's not surprising to anyone but when it comes to things like you know delete rules and for rules like why do those matter well you know for team rules is an important thing because one of the ways that attackers will perform an attack is once they gain access to a mailbox and a lot of cases they don't actually they don't actually use the mailbox they will set up forwarding rules to then go outside to another mailbox so that way they just gain access to what's going on on the mailbox you know they they will log in they'll log in one time set up a forwarding rule and then exit that exit that mailbox and that's the only time they ever log in because they just want to gain insight into what's going on so imagine if someone got inside you know a mail system between a controller and Finance and was told to gain a cess to all of the different things inside of there so that's a huge huge security hole if you don't know what the 40 rules are that are there and in most cases they're fine but it only takes one delete rules that's a it's a very common type of attack that's used when you want to be able to cover your tracks let's say you send out a mail blast from a compromised account and you want to be able to delete those you can set up fleet rules whenever things you want to cover your tracks and then move rules that's it's another common attack where you could actually move items to a to a folder that you then have access to there's different things you can do there when you get down to advanced auditing in the bottom right this is a free tool that Microsoft provides you know we give we give this tool we try to set it up on every user that we can Microsoft themselves are trying to set it up now on every user but there's still a ton of customers who don't have advanced auditing enabled the last one is inactive mailboxes now this is kind of an interesting one because it's you would think as an organization we wouldn't want to tell you when inactive no locks that's 10% of the mailboxes we investigated they are completely unused they have been used in over a year but what's interesting about this is inactive mailboxes are actually a prime target for attackers if they can gain access to an inactive mailbox when nobody's monitoring it so if they can gain access and use it to mail out of that domain and to be able to mail out to customers and other people it's it's a really great area for them to be able to focus so so yeah so inactive mailboxes I mean we love that our partners want to pay us for 10 percent of the mailboxes to be unused but this is also something that you know is a security hole now when we show this you know this is some of the stuff that we show to our partners I'm going to show you a couple screenshots of the portal itself where our partners gain access to that but this is the stuff that our partners gain access to they gain an admin role report which goes over the elevated roles because here's the other thing you have all these admins that are that are able to access a system but do they all need the highest level of permissions or do they need maybe just a sub level permission microsoft has different administrative permission sets that you're able to give them the right level of privilege and so this gives you access to that it also gives you access to all the passwords all the different things as I showed you in the previous page on the user report you gain access to things like unauthorized access maybe someone logged in from an IP address that they shouldn't have logged in from and you know the mailbox report you're able to you know look for things like around forensic investigation IP address logging all sorts of stuff that that would help you in kind of tracking down issues and then you know the way is that people are abusing a system for T report that helps once again to be able to kind of you know prevent sensitive data leakage and then in my tool report this you know once again is to kind of detect compromised accounts so yeah so all of these and then of course you have a schedule that you can build to automatically run these jobs for you so this tool is something that we built for our partners to be able to use it's a free tool we don't charge for it and we have a feature coming in the next month that allows you know for this tool to be used inside of the portal without you having to reach out to us to be used for your customers who are not even on our platform so if they're not on our 365 platform and you still want to be able to run this report as a sales tool to be able to sell it to them now right now our partners have to reach out to us they have to call in to us to have us run that report for them for customers who are not on our 365 platform but actually again the next few weeks now that'll be done and built into this tool so that way if you as a partner want to be able to email and I'm sorry you want to be able to build a sales report to help you talk to a customer about why they need you know email threat protection and things like that you'll be able to run that for any customer even new customers to you because that's where we see a lot of our partners using this the most is for customers that are new to you where you're trying to talk to them about why they should move their business to you this is a fantastic set of data points to be able to help you do that so this is some of the actual security audits itself you can see here we have things like the security you know audit tool built right here you can start it's super simple stuff I'm a sales person by heart and it's what I've kind of been doing my whole life and this is simple enough I figured it out within about five minutes of looking at it you also have the download report option where you can download any of the reports after this if you want you know I'm gonna get to a second but you can actually get a full demo of this entire report area but remember this is just one free service we offer to our partners to be able to help them sell more security services and you can use that you should also use things like those security the security threats that I mentioned earlier on that the big part of this presentation use those to your benefit to show customers the types of attacks that are out there we also have a blog that's fantastic that has a ton of security threats always updated but none of that none of these tools none of the things I mentioned the fact that we do email security threat protection also if none of it matters unless you have really amazing security support backing you up we have one of the highest rated support teams in fact if you go look out there everywhere on the internet and you look about App River or six you want to find out why people partnering with us it's almost always about support and it's because our white glove approach hands down beats any distributor you're gonna you're going to be in a relationship if you're with someone like you know I don't know if you're with someone like tech gator Enix or I'm sorry today they're cynics or Ingram or whatever you know that they're there you know operating on pennies on the dollars what so they don't have the ability to provide this really fantastic white glove support model and you know I mean this is you know another way that we help differentiate ourselves against companies like Proofpoint Minecon so if you have you know any partnership with them and you want to know what the big differentiator is one we give you the tools to be able to sell more security services around 365 we help you to consolidate that all into one vendor but then we give you a support and structure behind that all right so we're gonna wrap this up with a couple things we're gonna do Q&A after this so give any questions that have been answered so first question or would you like a security audit after this call if you do the security on is a hundred percent free so a sales pitch we're gonna do a security audit for you and for one of your customers so you can use this if you have a really large customer you've been trying to get to buy more of your security even if it's not ours I hate hearing that but even if it's not ours you can get a security art for free for yourself free just check your own domain out and then also for one of your customers so make sure to take advantage of that and while you guys are answering next let's see your Olivia do we have a drawing for the winner of brand new oculus quest we do and hopefully I do not butcher the last name but it's Ross Domon diamond diamond so we will get in touch with you after to make sure we have the right details to send to you cool all right so Ross congratulations by the way finding this online if you guys go to try to find an oculus quest right now because so many people are working from home it is a bear so I want to give I want to thank Amanda for shopping all over the world trying to find an oculus quest and it's being shipped right now so we actually just got confirmation that's being shipped so yay okay all right now move on to last page here QA does anybody have any questions that have not been answered see here rhasta thank you so apparently we didn't butcher his name bad enough that he didn't recognize all right let's see sir I do other questions I do have one question how much does the security cost once I become a partner yeah so the security audit is 100% you pay a to me in cash no it's not a percent free so there's no charge for security audits they're free we you know when we first built this platform we wanted to actually you know deploy it out there and and you know think about a pricing model but there was so much value in helping partners that honestly we just ended up getting it for free even the new feature which allows for you to be able to run this for customers who are not on our platform is going to be a hundred percent free so no charge looks like we had a Janet came and said are the reports able to be branded you Oh Janet I don't know 100 I know we're really big on having co-branding available Olivia might know but I don't know that they are they can be co-branded okay cool so they are Co brandable and we have our co-branding built in in fact we have a ton of marking materials and all sorts of other stuff that is you put in your brand one plate one place and it's ready to rock'n'roll Brian I see that you want to secure the audit so I saw that we'll make sure we taken care of as well any other questions there's one from Mike we are new to office 365 where is the best place to learn security practices for platform Microsoft documentation stinks yeah the best security practices okay well so what's interesting is we actually have a ton of training and we we have a you know like just like everyone else we have things like you know product training right product training is I know it's it's interesting if you're trying to sell that one product but we have things where we have these bite-sized lessons and so they're built up into you training courses what is the official title for it Olivia I can't remember the name of it it's called the bite-sized learning track look at that I got a first try everyone so when it comes to like you know training courses you want something you want to treat like a college course right like college courses are a ton of information but they're broken up into one-hour increments class for one hour two hours whatever and so we have the same thing but ours is like three minutes five minutes and each of those is very specific to one type of training so we have some on security best practices we have all sorts of stuff so so that's that's one way that we try to help partners who have those sort of questions let's see here do you have industry focused tools this one's from Eric you have industry focused tools offering sales materials for instance I'm interested in healthcare space well by George we do Eric we have tons of stuff around HIPAA compliance I mean HIPAA is a you know HIPAA and and FINRA regulated industries or industries where we have and I'm banking things like that our industry is where we have more content just because their compliance focused and it's it's you know you have to be able to have white papers and things like that be able to sell into them so we have a lot of content for those kind of guys and you know we have things around marketing for you to be able to sell to your customers but then we also have content for you to be able to kind of learn and digest and kind of become a you know more knowledgeable about something so we have a ton of that in we have two two platforms one is our marketing automation platform you enter your you know your brand once and you have all of these brand new materials that are built for you within one click and then we have our training our partner power portal PPP where we have a ton of training and a ton of other materials in there as well can we move from office 365 remove office 365 from other vendors and River yeah so moving from another vendor to us it requires no data move so we have a lot of customers who move let's say from and I'm not picking on them like most most of our vendors I get along great with they're almost were competitors but like let's say you have some business on I don't know a platform like Proofpoint or mine cast and some of your business on Ingram or Tech Data because at 365 you know when you have both of those platforms you basically are not getting the advantage of the amount of revenue you're spending like if you're spending probably 10 grand across two different platforms but you're only in a silver partner tier if you move those to one vendor like someone like you know it's exact River you get to combine that all into one platform and get the benefits of 10 grand worth this thing versus you know a couple of grand or with with each vendor so moving your 365 is quite easy we do it every day we move no losses to us and the great thing about 365 migrations is there's no data migration your customers will notice almost nothing happened let's see here so what is the new offering DNS is that you know anything about it in DNS offering them an 100% sure but thank you I don't know about that one but what did you fall upon that one um meadow and I hope I pronounce this right what is the difference between email threat protection services which six offers in the advanced threat protection which offers from Microsoft itself oh gosh I'm sure if we had a security expert on here this is the problem with having me we can follow up with you on that but you know uh like I said I'm fairly new coming back to F River I can answer in broad terms but there are specific features that are going to be in each of those I can let our guys follow up with you so some of the big differences is that you know this this is this is going to sound kind of like a dig but I promise you it's not look at you know Satya Nadella this is the bigwig at Microsoft right and this is all publicly available available information but look at where his bonus structure was from 2019 and where he got his bonuses from his bonuses were around cloud infrastructure around developing things like you know 365 around you know the OS and then look to see how much his bonuses were around security and around things like that and this is not a dig on Satya Nadella this is this is really kind of free to frame the understanding of why something like Microsoft you know which they are they have a secure product I'm not saying it's not secure but there are gaps in it right and when you look at that product and you look at how someone like Satya Nadella when he's driving the company and what the actual what the you know what the market really cares about it's a growth of cloud services and not so much a growth of security focused services it's just not their core focus they don't it's not like they have this desire to like have people insecure but what they are focused on is building their building there 365 days building their Azure base they're not so much focused on the hyper you know hyper focus on the security of the mailbox and so that's really where you know a company like six app river comes in because we have a you know a long long history focus exclusively on securing the mailbox and on layering the security around it I mean you know don't get me wrong like I you know there are other companies who do it there's proof point there's my accounts they're great companies I have no well to them they do it great as well and you know even they would be better than Microsoft themselves because that's what they do they're hyper focused on that the big difference between those companies and ours is that you know with with our platform we wrapped the security around 365 because the mailboxes because we also are a partner with Microsoft on that so that's going to be the US and those competitors between us and Microsoft is just our focus on that platform bill asked what will and by the way meadow will make sure someone follows up with the actual feature differences because I don't want to lie say I know that what bill as s what will be needed to run the 365 security audit for nan everywhere hosted clients we need the client to create a global admin no I don't think it's actually a global admin on their side it's God should I forget the term it's there's basically a link and I'm gonna butcher this bill so I apologize but there's basically a link it's provide like where you provide temporary access and once that once that link is generated you're able to then you know run the security report for them and it's temporary as and it'll only work once because you know we're a security company we don't want to have access to their mailbox you know when they're not hosted with us so it gives you one time access to be able to run the audit and then it's it's pulled back so it's a so believe it can WENO tab to get a bill is specific there's a document we have that we can send you absolutely but it's a really minimal sort of thing there's no there's not it's not a crazy amount stuff there doesn't know global admin access we are sort of Jim asked we're currently enjoying significant margin pax 8 last I checked at River 365 were significantly lower what are they now yeah honestly the entire industry its basis is same Synnex tech data Ingram packs a Microsoft I'm sorry about myself definitely industry or sure web those are major players and all the players have a range that ranges from somewhere around 6 to 10 percent on the bottom side to somewhere between 16 to 18 on the high side and all of us end up in the same thing so if a partner wants to sell a bunch of our services and they want to bring their you know they want to bring their revenue over we we have a tier structures that are almost identical to everyone else because they're all everyone it's a think about this way Microsoft 365 is commodity my board I said earlier nobody's making money on on 365 nobody not us not you for the most part I mean nobody really it's you're making money on the service you still around it and so you know we tear our structures just like everyone because there's really no nobody's trying to compete on that anymore everyone's kind of standardized around roughly the same price points so if you're getting let's say 16 points for microphone pax 8 you'll get roughly 16 points from us based on the tier and volume you bring in we have some partners at 18 we have a couple at 20 just because they bring on you know so much so much business to us or out IP and other things which you know that's what Microsoft gives I see Ross and a question is there a tiered pricing schedule based on volume and so what are the practice points yeah so we have a pricing point schedule the price points are really on our IP just depends on the product you know they range all the way from you know email secure it around like a pump retail to gosh I mean we have some really advanced archiving type things that are better you know go up into the above $10 or a seat range and then on 365 Ross that that that price is you know the pricing schedule isn't really it's built more on margin it's not really built on so its margin off of Microsoft retail which is where most of the vendor industry has standardized around someone else asked oh no I'm sorry we got oh this one was for you bill had asked a question about the it's called delegated admin permission so it's not Goldblatt minutes called delegated admin permissions see if we got anything else anyone else anything else here all right awesome it looks like that is everything so hey if you guys have any more questions or need anything else I appreciate you guys giving us so much of your time I know we've taken about you know 20 minutes over are really appreciating this so much your time reach out to us at partners at six core com I will see those my two panelists that are with me will see those and will be able to help you out with any questions that you have as follow-up thank you so much for your time please take advantage of the security audits make sure you get those they're free there even if one of your prospects even if use it for one of those just to help you sell one more thing thanks a lot thank you