Third Wall makes a plug-in for Automate that complements traditional firewalls and AV, with functionality it says is both broader and deeper than Group Policy.

ORLANDO – Tampa-based software startup Third Wall was at the ConnectWise IT Nation Explore event here to show off their plug-in for ConnectWise Automate, the rebranded LabTech RMM platform that ConnectWise acquired in 2015. Third Wall – the name refers to the additional protection they provide beyond the common two walls of anti-virus and firewall – provides similar functionality to Microsoft Group Policy, but with what the company believes to be significantly more capability and flexibility.

The company started four years ago and has been bootstrapped by its partners. They are Scott Springer, the CEO, and CTO Rob Siegmund, who was one of the founders of LabTech.

“We met a few years ago and said that there has to be a way to make this powerful system better,” Springer said. “We believed that we could leverage LabTech to deal with problems caused by end users and make environments a lot, lot safer.”

That’s their basic premise, that cybersecurity remains problematic because of end users.

“Our value proposition is that despite firewalls and antivirus, computers are vulnerable because of their operators and protocols,” Springer stated. “If you lock those down, it’s a much safer environment.”

Some vendors who serve the MSP market have seized on anti-phishing products and training as a solution for the user problem, building or buying these capabilities. Springer thinks this is of marginal value in solving the real problem.

“Training has to be repeated, and it’s costly and only partially effective,” he said. “Instead we use policy-driven automation to prevent people from getting to phishing sites. Small businesses typically let people get to their personal email on their PCs. One of our policies blocks people from web emails. That’s the heart of what we do – use automated policies to achieve operational cybersecurity.”

Another example would be a policy to stop people from writing to a USB stick, which is dangerous because it’s commonly used by people to copy confidential files when they go to a competitor.

“People don’t even know if a USB stick is free of viruses, but they plug them in anyway,” Siegmund stated. “So our policy both stops things from coming out and from going in.”

Third Wall GOLD, Third Wall’s full product, has 58 automated lockdown policies, with the capability to make exceptions on specific computers for any policy. It features emergency buttons if malware gets in, or if a PC is lost or stolen. It also provides ransomware protection, and  full user logon reporting, which can also be used for employee performance monitoring. The reporting and ransomware protection are also available separately, and as a bundle of both services.

“We have three layers of ransomware protection,” Springer said. “At this show, we had three clients come up to us and tell us that their ransomware protection saved them.”

The ransomware protection is one of the things which Springer said had dramatically improved since the product’s inception, based on client feedback.

“We have also added half a dozen new policies that filled some important gaps we didn’t see when we first started,” he indicated. “We have also added to and improved the reporting significantly, and the reports are a big piece of what we do.” They provide two types of reports and five data views.

Siegmund said that the closest parallel to what Third Wall does is Microsoft Group Policy.

“Group Policy does some of what we do, but Group Policy checks things every 90 minutes at best — and up to 12 hours,” he said. “A lot of damage is done quickly.” While real-time would be too much of a load on the system, Third Wall is able to do monitoring every five minutes.”

Springer noted that Third Wall has some other advantages over Group Policy.

“We will also send a ticket to the MSP as well as correct it, and create a report, while Group Policy just corrects it,” he said. “Group Policy only works on domain machines while we work on all automated Windows machines. It’s also hard to use Group Policy across multi-tenanted systems. If they can do it, it requires their best people. With us, it can be done by a help desk guy.”

Springer said that while what Third Wall does is valuable, most users haven’t looked for to get this kind of functionality before now.

“People were comfortable using Group Policy,” he said. “They also felt secure because of anti-virus and firewall.”

This also wasn’t an easy thing to design, he acknowledged.

“It took a while to get it into elegant efficient code with a strong user interface,” he said. “There were some challenges to overcome. The original design had a false start. We built a prototype that was a good tool to show us that we were going in the right direction, but it wasn’t ready for prime time.“ It used an old LabTech interface style, and a script methodology, both of which are now long gone.

The market for this appears to encompass all sizes of MSPs.

“Our smallest one has 50 endpoints and out largest one has 17,000, Springer said.

“The biggest objection is when a technical business owner says that this is something that they can script themselves,” Siegmund noted.

About 400 things remain on the request list, with one significant one now coming out.

“We implemented a honeypot file in a cool way but have had issues deploying it to redirected folders,” Springer said. “This was a hard problem to solve, but we have now done it. MSPs will love this because many use redirected files for personal storage for end users.”

Right now, Third Wall is focused only on the ConnectWise platform. That may change – or it may not.

“We have no concrete plans, but have been talking seriously about expanding to other major platforms,” Springer said. “Because we have already architected it, it would not be that hard. But we are also a small company with a limited number of developers, and expanding platforms would require that we go hire more, as well as hire more marketing people.”

Because their product is focused on ConnectWise, and is a helpful plug-in for Automate, Springer said that they were repeatedly asked at Explore if ConnectWise will buy them.

“We just tell them – go ask ConnectWise!” he commented.