How Clio Practices Security With a Culture of Trust
In October 2023, Clio’s IT Systems Manager, Tim Fitzgerald, sat down for a conversation with Kolide’s CEO, Jason Meller. The two discussed why device trust was a priority for Clio’s rapidly growing team, and why user experience was a core requirement for any solution.
Clio is the industry leader in legal practice management software, and their team has tripled in size in just the past five years. As Tim Fitzgerald explains, Clio has always been forward-thinking in its approach to security, so they were already on the hunt for a device trust solution when Kolide reached out. In fact, they were on the verge of building a posture-checking tool themselves, because, as Tim says, “there were a few out there but everyone just got the user experience so wrong.”
“We have a really good relationship with our employee base at Clio. We have a lot of trust. There’s a lot of trust between us, our everyday employees, as well as our executive leadership suite. Maintaining that trust is really, really important.”
“We just didn’t want to push something out that–maybe it ticked the boxes technically; it did implement device trust or zero trust or whatever–but it did it in a way that just made the everyday experience for people worse, or lowered their trust in the tooling that we were implementing.”
In this conversation, Tim shares how Clio’s IT team ensures that software rollouts cause minimum disruption by testing everything on themselves, and communicating extensively and directly with end users.
Please enjoy the video, or read the transcript below.
We’ve divided the following transcript into timestamped sections for easier navigation, but we left the conversation unedited, so please excuse any errors!
Introductions and Clio’s Rapid Growth (00:08-01:48)
Jason Meller:
Tim, thank you so much for coming out to Oktane and talking with us.
Tim Fitzgerald:
Yeah, no, super happy to be here. Thanks a million for the invite and great to put a face to the name as well.
Jason Meller:
And you’re here with Clio, and I got to say for folks who don’t have YouTube, YouTube Premium, maybe they’re seeing the ads. I see your ads every day. I don’t know if it’s because I’m always looking you guys up and Google knows it. But for the folks who haven’t seen you guys, what is Clio? What are you guys all about?
Tim Fitzgerald:
Clio is the leading provider of legal practice management software. So we provide lawyers with the tools they need to securely, easily run their firms from any device anywhere.
Jason Meller:
And what is your role there?
Tim Fitzgerald:
At Clio, I’m the manager of the IT systems team. So we are primarily responsible for identity and access management, device configuration, infrastructure, a certain portion of security. All that fun stuff.
Jason Meller:
You’ve been there now for a few years. I’ve known you there for that long. How has Clio changed in terms of the relationship between IT and security in that time? What has the last two or three years really felt like for you?
Tim Fitzgerald:
The scale of change has been huge. When I joined Clio four and a half years ago, we were hovering around 250 people.
Jason Meller:
Wow.
Tim Fitzgerald:
Now we’re north of 1,000. So just the scale of everything has increased. The relationship between security and IT thankfully hasn’t changed. I have to give such a big shout out to my security team at Clio. They are the best people I have ever worked with, and I love working with them. So it’s always been really, really harmonious, and thankfully as we’ve scaled, we’ve managed to keep that good relationship going.
Jason Meller:
Nice.
Tim Fitzgerald:
Yeah.
How Clio’s IT Team Gets Ahead of Scaling Challenges (01:49-03:55)
Jason Meller:
So what was the right moment for you to get Okta? Because I imagine when you were earlier stage, like 200 employees, when did that actual transition happen?
Tim Fitzgerald:
Well, I had implemented Okta at my previous role at my previous company before. So I was quite aware of what the tool is, what the benefits are, how to smoothly roll it out. Myself and my director of IT at the time just figured it was better to get out early on a tool like Okta. I think a lot of companies wait until they’re kind of north of 500-ish employees.
Jason Meller:
Yeah, and it’s painful.
Tim Fitzgerald:
It’s so much more difficult. So we really saw the value in just going in on it early on. We just made it a huge priority for six months. Okay, this is the thing that we need to get done early, and so that it continues to scale really smoothly as the company grows.
Jason Meller:
And that’s what we’ve heard from other folks too. I think they ride it all the way basically to infinity. They don’t really swap it out later.
Tim Fitzgerald:
Yeah, we also have that, we are always thinking: what tool do we need to manage our stuff, but when we’re at twice the head count that we’re currently at?
Jason Meller:
Right.
Tim Fitzgerald:
So we’re like, “Right, we’re currently at 500 employees, but what tooling do we need to manage 1,000? Because that’s what we should have right now.” Because otherwise we’re going to be reactive and that’s not okay.
Jason Meller:
I imagine one of those things is maybe initially when you’re small, you can have things that IT can kind of paper them over if they’re not quite working right. Because yeah, you can have a lot of tickets coming in, but it’s not this overwhelming amount. I imagine once you start getting close to 1,000 employees, suddenly every vendor tool that you have, it better not really be creating a lot of issues. Because one blip in the system is going to generate 500 tickets or something like that.
Tim Fitzgerald:
Yeah.
Jason Meller:
And then now your whole week is ruined, really triaging through that.
Tim Fitzgerald:
Yeah, and it’s also really easy to get comfortable in that state as well, right? It’s like the boiling a frog kind of analogy type thing.
Jason Meller:
Right.
Tim Fitzgerald:
It’s just like if you exist in that scaling problem for long enough, you just don’t even see it as a problem anymore. It’s not fantastic for people.
Clio’s Build vs Buy Device Trust Dilemma (03:56-7:39)
Jason Meller:
So I remember very fondly because when we were working on our Okta integration, you were one of the first companies that we had. We showed you kind of an alpha version. I just remember your reaction in the call. Some people like to give us a little bit of a poker face, and you were like, “I can’t even believe I’m having this call right now.”
Tim Fitzgerald:
Yeah.
Jason Meller:
“This is the best timing ever.” Tell me a little bit about it, because that was earlier this year. What made that such great timing? What changed inside that made device trust or posture kind of more of a priority?
Tim Fitzgerald:
As I said, not to blow our own horn a little too much, but we are fairly forward thinking as an IT team. It’s one of the things I’m really proud of the team for doing. So we knew that device trust, this turn that was kind of starting to be bandied around four years ago without much…
Jason Meller:
Right.
Tim Fitzgerald:
It was very kind of ephemeral still at the time, but we knew that the concept of it was probably the future that we wanted to operate in. That was going to be the way, but we just could not find any existing product that did it the way we wanted it to. There was a few out there, but everyone just got the user experience so wrong. So, so wrong. It was so user unfriendly. It was opaque, it didn’t really help people, and it just didn’t demonstrate any value to people. So we were essentially at the stage where, “Okay, we have to build it ourselves.” We were literally scoping out how many quarters of work in developer time it would be for us to develop our own context-aware engine internally, that met user experience standards that we were passionate about. So literally, and I mean literally a week later, you guys came knocking on the door to talk to us. It was just like, “You are saving my team six months plus of work, and you will do it better than we will do it as well.” So that was the thing, that was why I wasn’t able to keep a straight face on that call. It was just like, “Thank God someone is doing this, and that the someone is already a platform that I trust.”
Jason Meller:
And you guys, the big thing that you mentioned earlier was user experience being a critical thing that you weren’t seeing from the other vendors, and it makes sense. You want to make sure that your users are having a good experience, but was there more to it than just that? Did you have other concerns other than, “Oh, the users won’t like it”? Was there something more tactical to that? Were you afraid of having to roll it back after rolling it out? I guess, what is it about your value system that makes you emphasize that so much?
Tim Fitzgerald:
We have a really good relationship with our employee base at Clio. We have a lot of trust. There’s a lot of trust between us, our everyday employees, as well as our executive leadership suite. Maintaining that trust is really, really important. It’s one of the things that makes us operate as well as we do. So just the hesitancy to roll out any kind of tool that breaks that trust, we really heavily focus on and think about. We just didn’t want to push something out that maybe it ticked the boxes technically.
Jason Meller:
Right.
Tim Fitzgerald:
It did implement device trust or zero trust or whatever, but it did it in a way that just made the everyday experience for people worse, or lowered their trust in the tooling that we were implementing. You know what I mean? So yeah, it was a combination of those things, I think, that was a real focus for us.
How IT Creates Smooth Rollouts for End Users (07:39-10:56)
Jason Meller:
So let’s transition to, all right, you’re rolling out Kolide. You’re thinking about that process. How did you approach that systematically? Because you don’t want to just rush out, get everybody down. And I know out of all the customers you had, for your size, you were very rigorous with testing it. So can you talk a little bit about the methodology that you put into place there?
Tim Fitzgerald:
It was probably two parts to it. You talk about the testing phase basically, where we had a lot of hands-on calls with you and your team, and kind of walked through different scenarios. We got it set up and made sure it was only scoped to our internal IT team first. We dog food ourselves that way a lot, right? It’s really important that we go through it really thoroughly ourselves, and we fully understand the experience. So that was a big part of it. That was just the practical side of it. I think from what was more impactful from our rolling it out point of view was really, really heavy communication. You cannot communicate enough with these kinds of rollout in my opinion.
Jason Meller:
Right.
Tim Fitzgerald:
And I like when that communication comes directly from the IT team itself. So we were just really heavy on comms, and that involves the obvious stuff like email campaigns, Slack announcements. But also recording tons of videos of what the new login experience looked like, right?
Jason Meller:
Yeah, I imagine people, that’s their top concern. It’s like, how ridiculous is it going to feel?
Tim Fitzgerald:
Yeah, exactly. It’s like, yeah, it’s one, it’s reassuring them. Then two, it’s getting them familiar with the visual experience of what’s going to happen. So by the time we were rolling it out, everyone had seen what it looked like. Everyone was just going through the stuff they’d seen in GIFs, and videos–we’re heavy on GIFs. We’re heavy GIF users. But they were already familiar with the visual kind of experience that they were going to get. So that was really, really important. Then again, back on the practical side of things, we split our rollout into two phases. So first, we just set up an enrollment phase where the only thing that happened for two weeks is that you were enforced to enroll with Kolide as a factor.
Jason Meller:
Right, no checks being blocked or anything.
Tim Fitzgerald:
No checks, nothing like that. Just enroll it. You were still using Okta Verify as your actual second factor
Jason Meller:
Right.
Tim Fitzgerald:
Then what we did is once we had everyone enrolled, we took a look at our failing checks. We took a look at what users were going to be blocked on day one, and we didn’t want that experience for anyone.
Jason Meller:
Right.
Tim Fitzgerald:
That’s not a good experience for people. So we very proactively, and again, I have to thank specifically the IT services team at Clio, because they actually did all the heavy lifting here. But directly reaching out to every single one of those users and making sure that their issues were fully resolved. So it’s a manual process, but it was 100% worth doing that. Then it was just rollout time. So we gave everyone, again, loads of communication. You cannot communicate too much, and we turned it on and that was it. It became our primary MFA.
Choosing Which Kolide Checks to Run (10:57-14:25)
Jason Meller:
Now, when you decided we’re going to now turn on some checks, I imagine there was a rigorous discussion around which checks those were as well.
Tim Fitzgerald:
Yeah.
Jason Meller:
Can you give us some insight into how you made those decisions? What were sort of the balancing things from a security, from a UX perspective? What were all the things that went into that?
Tim Fitzgerald:
And realizing now, I didn’t include in my previous answer, we did actually run an internal pilot with users that weren’t just in IT.
Jason Meller:
Yes.
Tim Fitzgerald:
So a lot of it came from feedback with them. We made sure to include a really diverse range of people from across the company in all different levels, in all different positions. So we solicited feedback from them, first of all, right? That was really important. Then we took that feedback, we went and talked to our internal security team, and we just discussed as a team, basically what was important and what was less important in our kind of everyday use going forward. So it was just really, really collaborative. Yeah, we decided to turn off some checks that I think you probably still feel are critical checks, but that we, for our use in the context of how we operate, disagreed with. So we got to those kind of decisions.
Jason Meller:
No, that’s why you get to pick, right?
Tim Fitzgerald:
Yeah.
Jason Meller:
Every company I think has different priorities, and even just what they think they’re willing to let the users even try for the first time.
Tim Fitzgerald:
Yeah.
Jason Meller:
And there’s a breaking in period that we found with some of our customers as well.
Tim Fitzgerald:
100%.
Jason Meller:
It’s like, “Let’s just do a couple and let’s get them used to that.” And the other thing that we’ve seen with some of our customers, is there’s an initial set of things that will fail, that will never fail again. It’s like a misconfiguration. The one I always harp on is the system integrity protection in Mac OS.
Tim Fitzgerald:
Right, right.
Jason Meller:
Sometimes you get an overzealous developer, they turn it off because they needed to test something and then they’d never turn it back on. Well, Kolide will remind you, and then you’re never going to turn it off again, or Gatekeeper or something like that. Then there are the ones that, all right, this is going to be something that will be always an ongoing issue like a Chrome update or MacOS update, and I should expect to maybe get notified once every few weeks. Or maybe sometimes more often depending on what the season of updates is looking like. Lately it’s been a little rough.
Tim Fitzgerald:
Yeah.
Jason Meller:
But yeah, I think that it’s a good approach, and it sounds like the goal was to really not be surprised at all by the rollout.
Tim Fitzgerald:
Yep.
Jason Meller:
So then, let’s test that. When you actually did turn everything on, was there anything that you learned even in that wider rollout that was useful to know? If I could go back in time and check this one extra thing, I would’ve. Or was it all just relatively smooth?
Tim Fitzgerald:
Yeah, honestly it was super smooth. But it showed up some misconfigurations for us, right? In the pre rollout phase or when everybody was enrolled but not actively authenticating through Kolide. Yeah, we did discover that we had a couple of widespread issues with some configurations. We actually did have to delay our full rollout by one week as a result of one or two of those. But for us, it was just like, “No, it’s really important for us to fix this ahead of time so that when we are at launch day it is smooth.” That was super important for us. It was like, “Let’s make this user experience the best it can possibly be.”
Assessing Vendors on Security and UX (14:25-17:12)
Jason Meller:
Now that you have this running up internally, has this changed your perspective on all of the other vendors that you work with? I imagine you know this is a relatively new concept, doing device trust this way. When you think about, “Oh, we’re getting a new SaaS app.” And is it something that ever kind of enters your mind or the security team’s mind? Are you aware of changes in their perspective now that you’re living it every day?
Tim Fitzgerald:
It’s probably just reinforced a lot of things, really. It is still kind of disappointing to see a lack of good RBAC controls on a lot of vendors. Just not a lot of forward thinking, I guess, in that space.
Jason Meller:
Right.
Tim Fitzgerald:
A lot of vendors are still stuck in the like, “Oh yeah, we just have SSO. We’re secure, we have SSO.” It’s like, “Yeah, but do you have SCIM? Do you have group controls, group pushing?” That kind of stuff. And it’s just kind of like, if a relatively small company like Kolide can build as mature a security tool as this.
Jason Meller:
Right.
Tim Fitzgerald:
That is the front door for every single one of our employees. Yeah, we expect a bit more maturity in the industry, I think, from now on. Honestly, a bit more user compassion, I think, is a big part of it.
Jason Meller:
Yes.
Tim Fitzgerald:
I’d really like to see more vendors be empathetic to what the user experience is.
Jason Meller:
And that’s what we found, is a lot of folks, they try to do this and there is really no end user experience piece at all. You’re blocked. I imagine you found that when you were kind of looking at the market. What they don’t have internally is the wherewithal to know that that’s not going to work. So what they end up doing is they roll it out, people are blocked, and then every single one of those moments becomes an IT help desk ticket. Then they’re frustrated and everybody’s unhappy.
Tim Fitzgerald:
Yeah.
Jason Meller:
And then they roll it back, and it’s like a failed experiment. And then, “Oh, I guess this device trust thing really just doesn’t work at the end of the day.” No, it’s the UX that makes it unlock. So it’s good to see. That’s why we’re so grateful to work with companies like you, because you kind of get it intuitively. You get to now actually watch it really happening in practice, and we get to as well, which has been phenomenal.
Tim Fitzgerald:
One of the cool things that I kind of learned afterwards, I think I knew this a little bit already about Kolide anyway, but since we’ve implemented it as device trust, people really feel empowered about their own device that we give them.
Jason Meller:
Right.
Tim Fitzgerald:
They don’t feel that it’s just configured completely remotely by IT and it’s a black box. They understand what’s going on. They understand what’s failing, why it’s failing, why that’s important, and how to fix it themselves. It gives such a degree of ownership that you just don’t really get that often.
Kolide Solves Problems That MDMs Can’t (17:12-23:32)
Jason Meller:
One of the things we hear from folks all the time is they try to weigh this with an MDM, as if they’re an either/or decision. I know you guys have some unique perspectives on MDM and how it might complement or augment this type of service. What is your perspective on what would an MDM be good versus something like this?
Tim Fitzgerald:
They’re totally complementary to me. I really don’t feel like it’s one or the other. I think they’re totally complementary systems. I think MDM for us, provides some baseline facts that in our industry you just can’t ignore. You can’t go without.
So we use MDM to enforce, as we talked about earlier, like SIP or Gatekeeper, or those kinds of things. They just have to be configured and enabled.
Jason Meller:
Right.
Tim Fitzgerald:
I said, “Yeah, maybe they can get into a state where somebody’s disabled something, somehow, through some kind of backdoor system or something, and Kolide can kind of solve that then.” But there’s a lot of things that MDM doesn’t really address. Right?
A really obvious example is kind of nefarious browser extensions.
Jason Meller:
Right, yeah.
Tim Fitzgerald:
You can do allow lists and stuff like that, but that’s awful. It’s so static, it’s real point in time. You have to constantly babysit them, and make sure they’re being updated or whatever.
Whereas with something like Kolide, it’s much more dynamic in that sense. We can stay way more on top of it. We are a very tech forward team. We don’t mind writing a bit of sequel. That’s our jam.
So yeah, I don’t know. They’re totally complementary. They’re both, for me really importantly, tools to speak to the state of a device in a point in time.
Jason Meller:
And the way that I like to think about it as well is, there are classes of problems that can be solved with automation. But as you just said, shadow IT, nefarious Chrome extensions, or even just trying to communicate through policy that something isn’t allowed.
I know a lot of companies are wrestling with: do we want to enable a lot of access to large language models like ChatGPT and things like that? How do we put forth a policy and have at least some degree of light enforcement on that? That, “Hey, we get a sense if you’ve installed the GitHub co-pilot VS code extension, we want to just at least put you on notice. At least have it with these settings or don’t have it at all.”
Tim Fitzgerald:
Yeah, yeah.
Jason Meller:
Instead of just having it be you hear about it on their first day of work, and then we just hope that you’re not doing it.
Tim Fitzgerald:
It’s in a slide somewhere on your onboarding.
Jason Meller:
Yeah, right.
Tim Fitzgerald:
No, totally. Actually, that’s an interesting thing. What is really important for us in terms of a tool like Kolide, right? Is if we hear about a CV that just drops. Some NPM package or something along those lines, happens all the time. MDM can’t do anything for us in that situation.
Jason Meller:
Right, you need the end user’s help for that.
Tim Fitzgerald:
And a lot of the time in our device endpoint detection and remediation software, we have to kind of allow this developer tooling anyway, right? Because we can’t slow down developers. So Kolide completely bridges that gap for us. Where we can say, “Okay, a really serious CVE has dropped on NPM packages. We need to know what our threat landscape is like and quickly.” We need to know really, really fast. So that’s something that no other tool, that we have at least, can do for us.
Jason Meller:
No, I think we see that all the time. It’s getting really into the nitty gritty details, and then not just producing the alerts. But actually having at least a mechanism to deal with it at scale because no one wants to sit down and write the script to yank it out.
Tim Fitzgerald:
Yeah.
Jason Meller:
And then suddenly, oh, we did the wrong package, and it’s not right, and this was a dependency and now everybody’s builds are broken.
Tim Fitzgerald:
Yeah, yeah.
Jason Meller:
There’s a degree of safety that you have because human beings won’t self sabotage the core thing that they need to do to do their job.
Tim Fitzgerald:
Yeah.
Jason Meller:
They’ll push back, and they’ll actually have a conversation with you.
Tim Fitzgerald:
Yeah.
Jason Meller:
In fact, I actually wanted to ask you about that. Have you had a conversation with anybody about a practice because of something Kolide brought to bear? Or they asked for an exemption? Or you’re not there yet in terms of like, “Oh, we’re not really checking for that much yet, where those conversations are happening”?
Tim Fitzgerald:
Thankfully, nothing too widespread, or anything too concerning. But yeah, it probably raised a couple of personal devices that we had floating around. Pretty quickly. On top of that, it’s raised more systemic issues for us. Really highlighting that us as a team have misconfigured something, really more than anything.
Yeah, I don’t know. I got to give credit to our employee base. They’re pretty solid for not messing around. In fairness to them, they understand the industry that we are in, we have to be so on top of data protection. We deal with such sensitive data, it’s really core to how we operate as a company. So it’s thankfully really on top of mind for everyone.
So yeah, it’s mostly been around surfacing systemic things that were wrong. Misconfigurations with our EDR, or patch management, long key, and things like that.
Jason Meller:
We’ve heard from other customers that Kolide has unearthed like, “Oh, we think our MDM is actually connected and syncing, and the tool is telling us that.” But in fact, the certificate expired and if we had tried to remote wipe this, it was not going to happen.
Tim Fitzgerald:
Yep. Happened to us.
Jason Meller:
So that’s one thing that we see all the time. It’s like, “Oh yeah, everything looks fine.” Then you find out when it’s time to actually utilize this key security feature that you bought it for. It’s like, “Oh, this isn’t going to work and now it’s too late.” You don’t have the laptop in your possession anymore or something even worse.
Tim Fitzgerald:
Yeah, exactly. And it’s a big thing if a lot of time you don’t know what you don’t know. Because if a device doesn’t enroll in MDM or something along those lines, you might never hear about it. But as soon as they have to log in to Okta…
Jason Meller:
There’s no way to avoid it.
Tim Fitzgerald:
… If they don’t have Kolide, they have to firstly install it. And then secondly, you’re going to find out pretty quick that there’s an MDM problem.
How Clio’s IT Team Onboards New Employees (23:33-25:36)
Jason Meller:
How do you think about new employee onboarding in this world? Do you have a bespoke process for telling them about Kolide, or is it relatively smooth? It’s just part of the onboarding package that they get?
Tim Fitzgerald:
So everybody does a dedicated IT onboarding session with Clio on their first day. And again, I’ll give major credit to the IT services team at Clio because nobody wants me in front of employees on day one trying to do that.
Jason Meller:
You’re lovely, what are you talking about?
Tim Fitzgerald:
So they do a great introductory session where they introduce all the core tools that are going to be your day to day. So obviously, Okta, right?
Jason Meller:
Yes.
Tim Fitzgerald:
That’s a huge thing that you have to introduce. OnePassword, which we also use, and Kolide. So we really focus on setting them up. When I talked earlier about getting people familiar with the visual identity of what they’re going to be using, and that’s really important.
So we make sure that our slides include lots of the visual screenshots.
Jason Meller:
Right. This is what it’s going to look like, and you can pattern match to that.
Tim Fitzgerald:
Yeah. So we just explain it. It’s really not that problematic. It seems to go really smoothly. We get a lot of feedback from people that are coming in from similar companies in a similar industry, how nice it is to not have to do the temporary one time passcode. That is consistent feedback. That people love that flow.
Jason Meller:
And you kind of gave them a nice UX upgrade over traditional multifactor by switching to Kolide.
Tim Fitzgerald:
Yeah.
Jason Meller:
So they’re like, “Oh, there’s actually something in it for us.” Other than you guys get some assurances.
Tim Fitzgerald:
A lot of people, you don’t want to install something on your personal cell phone that’s related to work. Completely understand that. You do not have to do that now, right? There is no requirement. Or in the past, we would’ve got Yubikeys or something for people, if they didn’t want that. But now it’s just like, “Don’t worry about it. It’s all on device. You’re good.”
How Kolide Works for Non-Technical Users (25:36-End)
Jason Meller:
One of the things I hear all the time when people are trying to poke holes in what we do, or the concept of user-focused remediation, they’re like, “That would work for a really engineering focused company.” What has your experience been with the folks who are not in engineering, as they interact with something like Kolide? Do you notice big differences? Or has it been pretty much uniform in terms of how people approach it?
Tim Fitzgerald:
Yeah, I think it’s been super uniform. I do not agree that it is an engineering focused product. Engineering is one of the largest parts of our company, but we have a huge sales team. We have a customer support team, we have marketing, we have everything. It’s really just uniform across the board in terms of the level of self resolution that we see.
The instructions are straightforward. I even love when you’re designing your own check in Kolide. You guys, the UX is very opinionated about, “Write good instructions to let this person know how to solve this problem.”
Jason Meller:
Yeah.
Tim Fitzgerald:
Maybe I cursed you a little bit under my breath the first time that I had to do that, but yeah. They’re all presented in a sense that’s very straightforward for the user to remediate. There’s a bit of context there as well. If we come back to the SIP thing. If somebody has disabled SIP, they probably have the context for that little bit of extra technical kind of information, right?
Jason Meller:
Right, exactly.
Tim Fitzgerald:
Exactly.
Jason Meller:
They’ve gone to the terminal, they’ve gone into recovery mode.
Tim Fitzgerald:
Yeah, exactly.
Jason Meller:
They kind know their way around a little bit.
Tim Fitzgerald:
Yeah. Yeah. So no, I really do not think it’s an engineering focused product. We see really good self resolution across the company.
Jason Meller:
Well, Tim, we couldn’t be happier to have you guys as a customer. I think it was great to have you guys be one of the first to roll out because the things that you did instinctively became the process that we go through with every customer. So you guys did a survey with some of your employees to even just ask them and actually get written down answers of, what was this like? We do that with everybody now because of you.
Tim Fitzgerald:
Good.
Jason Meller:
And in type form, it’s really nice. And they’re like, “Oh, we didn’t even think to ask them in a structured manner.” We’re like, “We know how important that is now because Clio did it.”
And so you guys have set a lot of best practices for us in how we approach medium to large rollouts of the solution.
Tim Fitzgerald:
Oh, that’s good to hear.
Jason Meller:
Can not thank you enough.
Tim Fitzgerald:
That’s good.
Jason Meller:
You guys have really set the bar well, and I think it’s your obsession with really being empathetic to the end users and their experience. I think that’s what makes you guys a good security and IT team partnership, is if those things are in harmony, you can solve a lot more than what you can do if you really treat end users as just a risk or something to be worked around.
Tim Fitzgerald:
100%.
Jason Meller:
And so we really appreciate it, and we’re so psyched that you’re here. And thank you so much for talking to us.
Tim Fitzgerald:
As I am, thanks for inviting me.
Jason Meller:
Yeah.
Tim Fitzgerald:
Cheers.
Jason Meller:
Thanks.
Want more perspectives from Kolide customers? You can watch more of our Oktane fireside chats on our YouTube Channel!