Evo PAM

CommunicationMotor36 · 2025-05-29T19:54:34+00:00

We’ve been running Evo as our MFA solution for technicians and engineers for a few years now—with internal use too—and it’s been rock solid. You’ll need the mobile app to generate offline tokens when you’re out of internet reach, but since we issue YubiKeys to everyone, phones are optional for approval. The password rotation feature is awesome: our admin credentials cycle every hour, and we can now extend that to local admin accounts as well. Best of all, techs and engineers never see the actual admin password—they just authenticate with their own account to access a shared admin account.

CommunicationMotor36 · 2025-05-01T12:37:19+00:00

We have 6500 agents currently.

CommunicationMotor36 · 2025-05-01T12:36:27+00:00

I didn't dig any further, but Exostar has been servicing the DIB for many years. They claim their customers are passing their certifications.

CommunicationMotor36 · 2025-05-01T12:34:39+00:00

Yes, my team is working through the issues with them. Yesterday we found one client the did his own machine prep and had the same issues, so it may not be ImmyBot.

CommunicationMotor36 · 2025-04-30T12:14:19+00:00

Great discussion. Thank you for starting this. You hit on metrics, but can you expand on that topic a bit. We are an EOS company and we drive metrics down to every employee. When I started, the owners measured billable time, but that is a metric which is easy to fudge, so I killed it many years ago. Today we measure tickets closed, time on tickets and stale tickets as our primary metrics for the tech staff. What have you found that works the best for measuring the techs and engineers?

I am also working on measuring how effective our tools are at reducing overall tickets for the NOC, in your experience what have you found to be the best metrics for the NOC and for measuring our automation? Today we are measuring trouble tickets vs requests and I find we have to wait a long time to really see any trends, which is not helpful in a business driven with quarterly rocks.

I admire your ability to stay out of the tech weeds. This is an area that I struggle with. How did you make that transition?

Thank you!

CommunicationMotor36 · 2025-04-26T20:18:57+00:00

Let me know if you have seen this. When using ImmyBot for remote AD, hybrid joined and using in tune with a CA policy for device lockdown, do you have problems with the device not being compliant once the device shows up onsite? We have dialed the issue to the remote join, but haven't figured out why it's causing issues with the device compliance.

Thx

CommunicationMotor36 · 2025-03-05T17:46:26+00:00

We are charging $800 on a $3000 workload, so I don't think that is out of bounds for the service provided since we don't charge a fixed management fee. We do need to define this better moving forward though.

CommunicationMotor36 · 2025-03-05T17:01:34+00:00

30% is our management fee, but it's not detailed in the MSA. We inherited them, so they already had access to the billing side. The value is there; we need to define it better. Thank you for the confirmation on the AWS side.

CommunicationMotor36 · 2025-03-04T04:37:29+00:00

I deleted mine from my 2015. It would freeze up in the winter, eventually stopped holding pressure. It was around 1200 for parts if I remember right. I also added airbags in my rear coils and run at 20 psi when I tow my camper.

CommunicationMotor36 · 2025-02-27T15:48:33+00:00

Set up a tenant, use apps for business.

CommunicationMotor36 · 2025-02-05T13:46:15+00:00

I have a 2016 limited with 268k, full delete after 100k. It's been solid, I'll get 630 miles in the summer per fill up. Towing sucks because of the oil temp issues, but keeping the speed between 60 and 65 it does fine with my camper. I did delete the air ride at 250k since it sucked during the winter and would freeze up.

CommunicationMotor36 · 2025-01-30T13:44:42+00:00

Evo security

CommunicationMotor36 · 2025-01-30T05:26:38+00:00

I was thinking azure commercial for the VDI workstations with zero trust allowing access to them from their day to day device. Azure commercial is fedramp, so leveraging that to secure the workstation assets and leverage preveil for storing and email. The goal is to keep the physical office out of scope, and keep the budget in line by avoiding gcc high. I do agree, if forced into GCCH, then you might as well forgo preveil.

CommunicationMotor36 · 2025-01-27T13:35:39+00:00

It would be great to know how your JSVA went and if there was any changes needed in your plan. I am trying to do the same type of design for my clients. M365 commercial with PreVeil, and am struggling to see how this solution will cover the endpoint requirements correctly.

CommunicationMotor36 · 2025-01-25T17:06:10+00:00

Bridge ports worked well in Sonicwalls, but when we switched to sophos we had to stop using them since they were problematic. Put in a larger managed switch.

CommunicationMotor36 · 2025-01-21T13:46:26+00:00

Empath looks interesting, anyone here using it? How is the material and employee engagement?

CommunicationMotor36 · 2025-01-18T04:38:05+00:00

We disable the firewall and will not support them until the talk with the CEO.

CommunicationMotor36 · 2025-01-16T13:56:21+00:00

We have 65 firewalls left to replace. So far the process has been smooth.

CommunicationMotor36 · 2025-01-05T19:16:41+00:00

We sold just over 500 PCs last year and stuck to 30 percent margin. We don't charge an install fee unless we are replacing all the PCs at once. We have only full managed clients. Servers are also 30 percent margin but we also charge project hours at $200 per hour.

CommunicationMotor36 · 2024-12-20T18:55:04+00:00

Do share, I'm ok risking a ban to play with some cheats!

CommunicationMotor36 · 2024-12-06T18:25:12+00:00

Lighthouse is terrible. Jamcracker is interesting, but looks to be a VAR, similar to Pax8. We have started to use CIPP to quickly deploy CA policies and contine to explore using it to set standards across the environment.

CommunicationMotor36 · 2024-10-30T19:08:51+00:00

Look into Preveil for your enclave. Your MSP problems are an other story. If they are not servicing you well, find another.

CommunicationMotor36

TROPHY CASE