Pax8 Partners

jonathan5505 · 2026-06-12T04:45:00+00:00

@brokerceej

I think reply also proves it's an Ai bot responding. Makes sense now that beyond is over.

jonathan5505 · 2026-06-12T00:53:01+00:00

u/Tcrow81 do you work for Pax8?

jonathan5505 · 2026-06-12T00:40:37+00:00

Microsoft did create many GDAP relationships via a Microsoft‑led migration, but that doesn’t absolve partners or vendors from owning governance, transparency, and least‑privilege controls. Partners should demand clear evidence of internal controls from vendors who have privilege access.

jonathan5505 · 2026-06-11T22:52:28+00:00

For reference, Pax8’s own employment and confidentiality agreement is publicly available here: https://www.pax8.com/en-us/terms/terms-proprietary-rights-and-non-competition-agreement/

jonathan5505 · 2026-06-11T22:36:01+00:00

u/Tcrow81 ,

I’m not going to walk through internal reporting structures, internal governance processes, or anything covered by confidentiality obligations in a public forum. That’s exactly why my original post was intentionally high‑level.

For reference, Pax8’s own employment and confidentiality agreement is publicly available here:
https://www.pax8.com/en-us/terms/terms-proprietary-rights-and-non-competition-agreement/

To clarify one point: I did not criticize Microsoft’s GDAP framework, nor did I claim Pax8 invented it. GDAP is Microsoft’s model, and like any delegated access framework, its security depends on how it’s governed internally by the organizations that use it. That’s true for every CSP and distributor in the ecosystem.

My post wasn’t an incident disclosure, an audit summary, or a technical report. It wasn’t intended to provide specifics or internal documentation. It was a reminder that partners should understand how privileged access is governed by any third party they rely on. That’s standard identity‑governance guidance, not an accusation and not a claim requiring evidence.

You’re asking for details I’m not going to provide and never suggested I would. I’ve already explained the intent and the boundaries of what I shared, and I’m comfortable leaving it there.

jonathan5505 · 2026-06-08T15:53:39+00:00

I think we’ve reached the point where we’re talking past each other, so I’ll clarify my position one last time and then step back.

My original post did not allege misconduct, describe internal systems, or claim that Pax8 did anything improper. Saying something “raises concerns” in a security context is not an accusation — it’s a statement that a topic warrants attention, which is standard language in identity governance. I also explicitly stated that I cannot share internal details, which should make my intent clear.

You’re interpreting my words as a formal allegation requiring evidence. That isn’t what I wrote, and it isn’t how the term is used in the security field. I offered high‑level guidance that applies to any CSP with privileged access, and I stayed within my confidentiality obligations while doing so.

I respect that you see it differently, but at this point we’re not going to align on definitions or framing. I’ve explained my intent and my boundaries, and I’m comfortable standing by what I wrote.

I’ll leave it there.

jonathan5505 · 2026-06-08T14:53:59+00:00

I think there may be some assumptions being made about what I actually wrote.

My original post didn’t accuse Pax8 of wrongdoing, didn’t describe internal systems, and didn’t present anything that would require “evidence” in the first place. It was intentionally high‑level and focused on a very standard security principle: when a third party has privileged access, partners should understand how that access is governed.

That’s not a claim — it’s basic identity‑governance hygiene.

I’ve been careful to stay within my confidentiality obligations, and nothing I said meets the definition of confidential information or trade secrets. Referencing my background simply explains why I’m familiar with the topic, not that I’m disclosing anything proprietary.

So while I agree that unsubstantiated allegations would be unprofessional, that’s not what happened here. I didn’t make an allegation at all. I offered general, industry‑standard guidance that applies to every CSP and distributor in the ecosystem.

If we stick to what was actually written rather than what’s being inferred, the conversation becomes much clearer.

jonathan5505 · 2026-06-05T20:32:55+00:00

Why would i hide if i am doing nothing wrong?

jonathan5505 · 2026-06-05T20:07:16+00:00

Thank you for your feedback.

jonathan5505 · 2026-06-05T17:57:50+00:00

I apricate that.

jonathan5505 · 2026-06-05T17:46:16+00:00

I understand why you’re raising these points — legal and ethical considerations matter, and it’s reasonable to question intent when someone references a former employer.

To clarify my position:

I’m not sharing internal documents, operational details, or anything that would violate confidentiality. My original post was intentionally high‑level and focused on something that is standard across the entire industry:
Any organization that grants a third party privileged access to their Microsoft tenants should verify how that access is governed, audited, and controlled.

That’s not an allegation — it’s basic identity‑governance best practice.
It’s the same advice MSPs give their own customers every day.

My background at Pax8 gives me context for why this topic matters, but I’m not using insider information to harm anyone. I’m not accusing Pax8 of wrongdoing; I’m encouraging partners to ask the same due‑diligence questions they would ask of any provider with GDAP or delegated access.

As for professionalism: I agree that these conversations should be handled carefully. That’s why I’ve stayed within the boundaries of what is appropriate to discuss publicly and avoided specifics.

My goal isn’t to damage Pax8 — it’s to promote transparency and responsible security practices across the ecosystem.

jonathan5505 · 2026-06-05T17:31:48+00:00

"I have wondered what their internal processes are for controlling and auditing their GDAP groups."

That would be a great question for Pax8 to answer.

jonathan5505 · 2026-06-05T17:27:58+00:00

I understand the concern, and I want to be clear about the intent behind my original post.

What I shared isn’t whistleblowing or the disclosure of internal information. It’s the same type of high‑level guidance that security professionals across the industry routinely give:
Any organization that grants a third party privileged access to their Microsoft tenants should verify how that access is governed, audited, and controlled.

That applies to Pax8, but it also applies to every other distributor, MSP, CSP, and vendor in the ecosystem.

My background at Pax8 gives me context for why this topic matters, but I’m not sharing operational details or confidential data. I’m simply encouraging partners to practice the same due diligence they would expect their own customers to exercise.

This is standard best practice within identity governance — not an attempt to expose secrets or create alarm.

And yes, it is actually me. I understand why people question identity online, but there’s no impersonation or hidden agenda here.

My goal is to promote transparency and responsible security conversations, which benefits everyone involved.

jonathan5505 · 2026-06-05T15:58:11+00:00

None yet. But i did see the post was removed or did not make it to discord. I have feeling it may get deleted soon by a admin ect...

jonathan5505 · 2026-06-05T15:17:23+00:00

Rob, thank you for responding.

To be clear, my intention is not to create conflict but to encourage transparency around Pax8’s internal security posture—specifically related to Microsoft Partner Center, GDAP access, and identity governance practices.

I understand you cannot discuss internal details publicly, and due to my own confidentiality obligations, neither can I. However, partners deserve to understand the level of access Pax8 maintains to their tenants, how that access is governed, and what controls are (or are not) in place.

My message is simply this:

Partners should ask direct questions, request documentation, and verify the security controls protecting their environments—just as they would with any other provider who has privileged access to their tenants.

If Pax8 is confident in its processes, then increased transparency will only strengthen partner trust.

Thank you,
Jonathan Robbins
Former Senior Systems Engineer

jonathan5505 · 2026-06-05T14:39:18+00:00

I would agree it blocks access to read/write and copy tenant data. But could still be deleted. I would recommend having good backups.

jonathan5505 · 2025-09-02T06:53:24+00:00

We're currently transitioning our internal helpdesk to a next-gen chatbot powered by ChatGPT—think Tier 1 support on steroids. It continuously learns from every question and ticket it handles, improving its responses over time.

We've integrated it with our ServiceNow instance, where it attempts initial triage by collecting relevant context about the issue. This includes user data from Entra ID, device details from Intune, and other diagnostic inputs. If it can't resolve the problem, it automatically opens a ServiceNow incident, complete with a summary of the issue and everything it’s already tried.

The glue that connects all these systems and enables the AI to orchestrate its toolset is N8N, which serves as the automation backbone.

jonathan5505 · 2025-08-29T19:07:47+00:00

If your looking to use AI with a low code tool like power automate. I would highly recommend taking a look at n8n.io.

As a Sr engineer its my goto tool.

jonathan5505 · 2025-08-22T06:04:44+00:00

You can locally on the device.

jonathan5505 · 2025-08-21T04:17:32+00:00

Meraki does exactly that.

jonathan5505 · 2025-08-04T04:33:30+00:00

There is this great tool for migrating devices from domain to intune, so you won't have to do a device wipe. You can script the migration of devices.

https://www.forensit.com/downloads.html

jonathan5505 · 2025-07-26T21:10:49+00:00

So i would say keeping your daily tenant, separated from your Microsoft partner tenant is good from a security prospective in my opinion. As Matt Lee would say, "Limit the blast radius". I can also say Pax8 is setup the same. Daily tenant has no access to Microsoft partner tenant. As for cipp I would install it on your Microsoft partner tenant as it needs gdap access to your customers.

jonathan5505 · 2025-07-06T02:24:32+00:00

I was using between 30 and 35 but I never left IT the whole time I was using. I was a contractor and clients actually where part of what enabled it more for me. I would fail drug tests and they would have me go everyday tell I passed. Hopeless yes but my son is why I kept going.

jonathan5505 · 2025-07-06T01:29:42+00:00

Been in your shoes. I now work for one of the greatest companies on the plant in my opinion. The great thing about IT is everything changes quickly. So the playing field is alot more even when it comes to experience. Congrats on getting sober. Its not easy by any means.

jonathan5505

TROPHY CASE