Bringing integrity to people and process

Barinder Hans 00:00

I think technology is everywhere, but people don't understand technology because not everybody is an IT specialist. But there's, I think, a deeper understanding the average person does need to create and elevate their skillsets around cybersecurity especially.

We're at, and now AI. Those are like areas where you can't ignore that anymore. We've only deepened our dependence on technology over the last 20 years, and the next 20 will be even a steeper adoption curve of these modern technologies. 

Mo Dhaliwal 00:45

Technology has created a paradox. As our capabilities expand exponentially, so too does the surface on which we can be attacked. The managed service industry's explosive growth, approaching a half trillion dollars globally, reflects not just digital adoption, but the mounting complexity of maintaining secure, resilient systems. Cybersecurity threats now evolve faster than most organizations can adapt, with AI-powered attacks emerging alongside AI-powered defenses in an escalating arms race. So what once required really specialized knowledge to create exploits now leverages automated tools that democratize both innovation and destruction. So the challenge isn't just protecting against known threats, but anticipating risks that emerge from technologies that we're still learning to implement.

Every advancement in cloud computing and edge devices and artificial intelligence introduces new vulnerabilities at the precise moment where we're more dependent on these systems than ever. So today we're speaking with an entrepreneur who has navigated this complex landscape firsthand. It's Bernard Hans, the CEO and co-founder of Red Rhino Networks, an award-winning managed IT provider, which has been recognized in Canada's top 50 best managed companies, and included in the top 501 list of MSPs in North America. He's a UBC computer science grad. He co-founded the Vancouver-based firm in 2010, specializing in cybersecurity, cloud solutions, and 24-7, proactive network support for businesses. Bernard, welcome. Thank you for having me. So that was a very professional introduction for what I would say between us has been a very unprofessional relationship. So our, I mean, my earliest memories of you were obviously in high school. We've known each other for a very long time. And some of the more memorable moments were long road trips, where we're blaring Punjabi tunes and highly spiritual koali music, and singing it badly at the top of our lungs in your black Honda Civic with the windows rolled down. Still do it, different vehicle. Different vehicle, and perhaps maybe some passengers that don't appreciate it as much as we did back then. But I want to talk a little bit about, actually, the origins of Red Rhino, like a really interesting company. And I feel like you've carved a really unique niche in a place that's becoming increasingly noisy or exponentially noisy. How did it all start? And were you a little boy with a dream of being a IT MSP one day? 

Barinder Hans 03:21

No, when I was, when I was a little boy in high school, I wanted to play video games all the time. And I thought, Hey, let's go to video game design school is a big thing at the time. And my friend and I who also wanted to do that, we decided that that might be too limiting. So the computer science in at UBC and said, but the entire time, no, I had no idea I would ever be a business person. If you talk to me in high school, the idea that I could be an entrepreneur, a business person, I would have laughed at you, let alone my entire class. There's no way that would have ever happened.

But when I was going to school, uh, at UBC, uh, during the summers, I got a job at like a local computer company back in my hometown and, um, I found it interesting, got really nerdy. Then I, you know, you got nerdy. I guess I was always nerdy. You started off pretty nerdy. The fair point. Fair point. I doubled down on the nerdiness. As did we all. And, um, uh, part way through, I took a year off, still continue to work there. And then when I ultimately graduated from, uh, from, uh, from university, uh, like any, uh, good university student, I didn't know what I want to do with my life and, uh, uh, the.com bubble had burst by this point. So all the jobs we thought were going to be available, we're no longer available. And I continue to work at that same company for another year. I enjoyed the people. I enjoyed the work. Uh, I did not like the pay.

Uh, and then I, at some point in 2005, I thought, Hey, I think I go do this for myself. And this was a year that I was getting married. So I call my fiance, she's in India, all getting ready for a wedding shopping and such. I'm like, Hey hon, I think I'm going to quit my job and, uh, and start this new life as, uh, as unemployed or partially freelance, employed. And she said this before you guys got married before I gave her a note. I told her. Yeah. And, uh, and she thought, uh, she was very lovingly told me that she trusted me. And, uh, and I, I'm sure I, she sure, I know what I'm doing, which was a big mistake because the next five years was a whole lot of struggle.

And, uh, I was one of those trunk slammers who did, uh, a lot of it work. People spread the word that, Hey, Brenda is a good computer guy. If you need somebody to help you out. And back then there was no such thing as a managed it industry where you're proactive. It's all reactive. Hey, but I came, my computer's broken. Can you come fix it? I need a new server because the old one's old. Okay, great. We can fix that. And you start off there and then ultimately, um, by 2010, after I'd done meandering, playing around with other ideas, going back to school for other random things, I got serious about it. So it took me a long time to get serious. 

Mo Dhaliwal 06:13

I was gonna say that because I mean I knew you during that time.

Yeah, and even with a computer science degree Never really heard you talk about technology as passionately as you do now We never really discussed your computer science degree My memory view then is you talking about your philosophy courses constantly

Barinder Hans 06:31

I love philosophy and that even when I was doing my computer science degree, I took every philosophy history course I could get my hands on it was they were extremely engaging for me. It's not like I didn't like computer science but those other courses stimulated my mind that self-development in a way that you know the technology side never could

Mo Dhaliwal 06:54

The connection's not immediate, right? It's like the network's down, but why? 

Barinder Hans 06:58

But it did help with the root cause analysis of things. So I did find all that other stuff interesting, but then ultimately settled down with an idea and decided that, hey, over the five years where I was trunk slamming, doing my IT work, I learned enough about the business and the industry we had transitioned or was transitioning to the managed IT space.

And I believed in that. I'm like, this makes a lot of sense. I started believing in myself because you put one foot in front of the other and you don't know where you're gonna end up. I was just putting one foot in front of the other. And I mean, my dining table for years was just full of computer parts. Like we never ate at the dining table because it was the tech bench. And then ultimately in 2010, I started getting serious. It was solid four years before I got my first employee. And even my first employee was not because I grew to a point where all of a sudden I absolutely needed it. It was kind of on the fence, but I was still friends with my former boss. And he was one of those persons who's like a mentor to me and probably the second only to my father as the most influential sort of male role model in my life at the time. And I learned a lot from him. And so we always remained friends. And then ultimately he was retiring and I was able to pick up his book of business as well. And what year was that? That would have been 2014. 

Mo Dhaliwal 08:28

Yes. So you had started your company and more as a IT service provider. And we were taking along for a little while and then you decided to kind of take over his business as well. That's right.

Yeah, so I want you to talk about that a little bit because I mean, I've got some inside knowledge there, but it's still fascinating to me like how all that went down. So if you talk a little bit about, you know, how you guys struck an agreement and what sort of transformed the business after that. 

Barinder Hans 08:55

Sure. So I think you're alluding to the fact that our agreement was a handshake agreement. We just trusted each other and just went off that. But I think to truly understand that, I think just to back it up a little bit, I think one thing I was always, even since I was young, I question things. I was never like, here, this is the authority, here's the right way to do things and accepted it. I'm kind of annoying that way, right, as you well know. And so I'd always look to get to the truth of the matter. I want to always understand things as they were, which is a skill set I realize now that you build up over time. It is a continual evaluation of the data set as it is, whether it's hard data, like in business that you can have, or anecdotal data, life data, gut feelings that you have in your personal life. And over years, and I only realize this now, I think I've gotten good at understanding the reality as it is and accepting it for what it is.

And if we can get good at understanding truth, and it's always a continual learning process, it's not like we know everything. It's one of those situations where the better you get at it, the more it empowers you to make better decisions in your life, in your business. And so how do you operationalize that internally as a human being? And I think for me, that was always integrity. I know it's like a moral standpoint, but I've always tried to build my life with high integrity, because that allows you to be in harmony with that truth of the outside world. And so when I'm high integrity, and this gentleman, my boss at the time, or previously was high integrity, we could just, we started off our conversation by like, Hey, this is 10 bullet points of what's important to us. We can make this work. Then he goes away and talks to a lawyer because he wants to, he's a smarter business person. He's been around the block and his lawyer comes back with a whole bunch of bullet points and things to fix. Then I'm like, Oh crap, I got to go talk to a lawyer. And I send it to a lawyer who's a friend and she comes back with a bunch of bullet points and we go back and forth twice. And they were like, this is a dumb idea. This is not what we were thinking of. Like, can we go back to the original 10 bullet points we had? Shake hands, move on. And it was a good deal for both of us, but we could only do that because we both trusted each other.

And I think like when I reflect on my life, everything good in my life has come because of that high integrity, whether it's that life-changing moment in my business. And it truly was like the before and after that, that transaction is, is wildly different for my life, but the people in my life, my friends, my wife, like it just, everything is there. I mean, as you know, like I live on no drama kind of life. Like I don't have people in life, my life that create drama and I'm the drama in your life. And if that's the worst of it, I mean, I'll take that. 

Barinder Hans 11:56

All right. Any day, there's a, there's a certain amount of authenticity.

And I think those good things really help empower us to focus on things like business because I don't have all this baggage that pulls me down. Right. So that's, that's that, that transaction then let me have employee number one office space very quickly employee number two. And then it's been, you know, you know, not smooth sailing, but you know, sky's the limit. 

Mo Dhaliwal 12:24

Yeah, you know, I wonder which came first, because I guess interested in school, how it attracted you were to philosophy as a subject matter. So I do wonder a little bit of what came first, and was it the attraction to the Stoics that came first, or was it actually reading so much material in philosophy that you said, actually, here's an interesting way of conducting relationships and living life. 

Barinder Hans 12:50

I think they're mutually reinforcing, right? You're at that age when you're 18, 20 years old, you're just trying to understand the world and leaving home for the first time, that you have to absorb all this material, right? And make sense of the world and become an adult in some shape or form.

And I think they just mutually reinforce each other. 

Mo Dhaliwal 13:13

The reason I ask that is I'm seeing some really interesting parallels here, because you have something in common with the co-founder and CEO of Bubble, no code platform. So Josh Haas, we had a chance to chat with him at Web Summit, recorded a little segment with him as well. And similar to you, his first passion was actually philosophy. And technology came later. I like him already.

Yeah, no seriously. But much like what you're talking about, what I saw in that conversation was he had a real appreciation for simple truths and just building on really, really simple truths. And that's also why he was quite far ahead of the industry. Like now we look around at automation, no code tools. It just seems so obvious. He started on that path in 2012. And again, it was no bullshit pitch decks and big VC money or whatever. They just said, hey, simple truth, we think this is where things are headed. This is only going to increase. Can we build something meaningful? Yes. They bootstrapped for a number of years and just like inch by inch just built a solid thing moving forward until it became valuable enough that it's a huge company. 

Barinder Hans 14:22

And that totally makes sense because truth is like a river and we're the rafts on that river. You can fight against it. You can roll against it. And it's anything in our lives, right?

But if you can find a way to move with harmony with that truth and understanding reality as it is, you're going to be far more successful, right? 

Mo Dhaliwal 14:43

So, what are the simple truths that you're working with today? 

Barinder Hans 14:47

Well for us for business we always invested in people like I think people are critical like I've always tried to make a place of work where people will want to stay forever and sometimes not gonna be true for them and that's okay have to move on but I really want them to create a place of work as high empathy respect every individual junior senior doesn't matter everybody comes in day one if they have ideas we're happy to hear them

Mo Dhaliwal 15:11

The idea seems almost quaint though in the current context because I mean the idea of lifers is almost disparaged a bit these days. 

Barinder Hans 15:20

Yeah. And it boggles my mind when I'm on like Reddit and see these career advice threads back, Hey, you should never stay at a job more than two years. Sure. But when I see a resume, that's a job hopper, you know, last jobs, seven jobs or a year and a half, that person is not getting reviewed because I'm of a different opinion.

I think it's important to support people, try to create opportunities for people to stay there for life. And if they don't, that's okay. But I want to create that opportunity. And those are the people that get rewarded, I think, in the long term. At some point, you have to settle down and say, hey, what is my passion? What is the company that's going to help me create the things that I want to create? And you can't do that in a one and a half year, like sometimes, but most of the time not, you can't create that in a one and a half year timeline. Right. So what are you truly investing in as an employee, as a creator? Right. 

Mo Dhaliwal 16:14

Yeah, there's real clarity to that, actually. And I imagine, with all of the career advice out there about what you're supposed to be doing and leveraging one offer to get another, how much depth do you actually build, right?

Have you ever experienced what it means to have a deep and trusting relationship, like the one that you had with your former boss? That's right. 

Barinder Hans 16:33

And when you have that trust, those people will show up and support you later in life. I mean, I was talking to a business owner down in, he runs a much bigger MSP, cybersecurity focused in Silicon Valley. And because of the people that he cares about, he really wants his employees who have helped him build this company succeed in life. So he's turning it into an employee owned company.

Instead of just selling it to PE firms, and his firm is massive, which people would line up to buy from him, he's actually ESOP, right? So which allows him to turn it into an employee owned organization and let them buy that organization from him. Great. He still gets his money, but he's now given it to his employees who have helped build the company and can continue to run it. His clients are served. And I think there's not every business owner is like that, but I think though the good ones will always think of their employees as well, not just shareholders. 

Mo Dhaliwal 17:27

Mm-hmm, so investing into the people and actually creating opportunities for them to stay for life. Like that's one simple truth. What else are you looking at? 

Barinder Hans 17:34

I think you have to also build systems. I've always focused on trying to not depend on as, to have good individuals, smart individuals, but builds to systems and scaffolding that allows a business to succeed. You have to have fundamental business processes that are core to what you do, right? So we do IT, right? And we make sure that our processes to execute the various elements of technology of IT are well-documented. We're very heavy on documentation. It have been for almost our entire inception, right? Since I had an employee, we've always focused on building processes. And I think that's critical because I take on, you know, it's unfortunate, but also not surprising because it takes effort to build a culture of documentation of SOPs, standard operating procedures. We have hundreds of documents in our documentation portal.

You can improve upon the document and it's always ever changing. We will blow up everything every three months if we need to, but like we'll take on a client. Like an example is client user onboardings. It's something you do in every business all the time. IT departments get it wrong all the time and we'll take on a client and they will screw up onboarding. For example, one we took on last year, they would onboard new employees but still give them permissions to, the owners had this one folder while the sensitive data went, the two owners, the partners. This one folder somehow always got assigned permissions to every new employee. Like that's the one folder you're not supposed to be doing. So build the process, right? And then- Sensitive data? Let's get the interns in there first. Yeah, exactly. And it's frustrating for those business people because that distracts them from the work they're supposed to be doing. If you do your job right in IT and most of it can be systematized, right? Focus on process. It actually empowers your people to do their best work because they don't have to worry about the simple things. Some of our processes get really complex. We have some processes that are three pages long and for setting up a new firewall, for example, and there's details you could forget and also allows us to train new people as well. If our processes are better built, we can hand that over to a new person. And so we actually pride ourselves on being able to like bring in new people, young grads, and then train them up. And we could only do that because of those processes, right? It's a real leverage. And then you think about the future now with automation and AI, we can only take those processes and automate them because they're well-documented, right? The better they're documented, the better you worked out the kinks already, then you can take them to automation and we're doing a lot of that internally as well. 

Mo Dhaliwal 20:28

So I'm going to share a quote with you. I'm going to paraphrase a little bit, but it's Rick Rubin, obviously legendary music producer and like a savant in music taste and understanding what's going to be a hit or not. But he had this great sort of take on AI and what's going on right now. And he basically took it back to music and said there was a time when the average person actually couldn't get involved in music, because to ever be able to express yourself musically, you had to have had training from the right masters. You had to have maybe even like gone to a conservatory for years. And then eventually you may or may not be selected and kind of tapped to be one of the special ones to join a symphony. And now you get to perform and you get to express your art. And you fast forward to kind of like the punk rock era where, you know, you need to know three chords and pretty much anybody can learn three chords. And the next day you could be on stage somewhere screaming your guts out, but you're expressing yourself. And so he said, we're kind of in that era right now where vibe coding is three chord punk rock.

And that makes it amazing and awesome because everybody's out there expressing themselves and there's a whole explosion of these applications are getting developed. But it seems kind of counter to what you're describing of, you know, methodical, systematic, process oriented, thoughtful. I mean, I enjoy vibe coding. I feel like, you know, I'm in my early days of being a little script hacker on the internet and in my twenties because I'm able to have an idea, rapidly spin something up and show it to people. Right. Yes. It's so liberating in a way. Yeah. So how do you square the fact that technology is blowing up and in some ways democratizing and empowering masses of people all over again, right? Kind of the same way we're all empowered when the internet first came up and you could have a quote unquote website, you know, next to Ford Motor Company or anybody else. And it was kind of this, this even footing for a while. So how do you kind of balance the fact that you've got this real systemic, a systematic process oriented approach to technology, but the industry and the culture around it is kind of exploding into this, like just kaleidoscope of randomness. 

Barinder Hans 22:44

Yeah, I think what we do was analogous to coding. It is a little bit different in some ways because it's outcomes for business, right? And you always have to have a predictable outcome for business. But as far as like vibe coding, I think there's room for both.

There's room for both jazz and classic music. There's room for punk rock. There's room for all of it. And same with coding. You need to have strong, accurate systems of record, plus also maybe some lean new applications that maybe don't need that same severe level of cybersecurity, right? Like if you're coding and you're putting AI into kids' teddy bears so they can talk to them and have intelligent conversations, great. Now, does that need to have that same level of systemic coding like a NASA engineer would? You have to have room for both, right? It all depends on what your business outcome is. What are you trying to create, right? So I don't think those two things are at odds. For us, if we think about AI and we think about systems, there are some systems that must be precise and accurate. If I'm sending somebody an invoice, 99% of the time it has to be accurate. But if I'm generating marketing content, yes, it can have room for error, right? And I think that's where generative AI actually excels when there's room for error. Because built into the system, it is a prediction machine it will have because of its nature error. So it's functional and good in some areas, but it's not going to solve all the problems where you need precision and accuracy. Assigning permissions to users of what they're allowed to have and not have is not something that can be imprecise. It has to be accurate and precise every single time. So yeah, I don't think those two things are at odds. You just have to understand what's the right tool for the job. 

Mo Dhaliwal 24:36

What do you think people are still getting wrong about technology and infrastructure? 

Barinder Hans 24:43

I think there's still not enough as the average business owner that I meet. There's still not enough investment and understanding of technology.

I think, uh, and it's fair because if your technology everywhere, like it is everywhere, but I feel like, uh, and I get it. They have a different business. That's their focus that they're a different lawyer. They're an accountant, they're an architect, whatever they're doing, that's their core, uh, focus their skillset. So they focus on that, but I think technology is everywhere. But people don't understand technology because not everybody is an IT specialist, but there's, uh, I think a deeper understanding the average person does need to create and, uh, and elevate their skillsets around cybersecurity, especially where, and now AI, those are like areas where you can't ignore that anymore. We've only deepened our dependence on technology over the last 20 years. And the next 20 will be even, uh, a steeper adoption curve of these modern technologies. And so as a business leader, as a father, after for my kids, I have to make sure that they understand technology in a deep way and business leaders need to understand technology in a deep way, because in the future, everything is going to be a tech company that just happens to have a different product, depending on a specialized skillset and, and we have to, uh, navigate that world, uh, with a lot of education and, and, and yeah, just depth of understanding. 

Mo Dhaliwal 26:11

Right. But what's the what's the biggest thing that you think, you know, small, medium enterprise is missing? Like, what's the scariest thing out there right now? 

Barinder Hans 26:19

Cybersecurity is obviously still the scariest, right? So, you know, AI is fun and positive and great. I love it. But cybersecurity is definitely by far the scariest.

It'll take down a business. Like if you get ran somewhere, like there's a great percentage of businesses that never recover because, you know, somebody says they've got backups or previous IT person or their internal IT person. Yeah, they've got backups. They would pretend it's running. But many times they don't test those backups. Is it actually gonna recover when a disaster hits? What's their business continuity plan? And these days, these risks are only getting greater and greater. 

Mo Dhaliwal 26:53

Um, so that's the arms race I was talking about in the intro. It's because, you know, there's, uh, the universe always works to balance itself.

Right. So we have an explosion of the positive side of tech. Um, but similarly, the level of, um, attack sophistication is also increasing. And earlier you were mentioning, um, like ransomware as a service. Yeah. If you're a bad actor, you can. 

Barinder Hans 27:15

Yeah, if you're a malicious actor, you're sitting in North Korea or wherever you want in the world where you're less likely to get prosecuted, you can just subscribe to Ransomware as a Service and it doesn't take a lot of depth of skill sets. In the old days, it's not like the current nation state actors where you have to have deep level of knowledge to execute these malicious attacks.

You can just subscribe to Ransomware as a Service as you might subscribe to a sales force and be like, all right, I'm going to deploy this, buy this botnet, group, go here, deploy, done, right? And you just buy these services on the dark web, right? And it's in. 

Mo Dhaliwal 27:48

We're gonna put a how-to guide in the notes. Yeah, let's not do it. 

Barinder Hans 27:52

Show notes are going to be epic. The risk of prosecution is low. The risk of getting caught is low. The rewards are high.

And they share the profits with the big organization. I mean Ransomware and these malicious like fraudulent fishing activities and such, they're worth billions and billions of dollars. They're not small organizations that run them. They're giant cartels. It's like there's a lot of money to be made. And so they're not small organizations anymore. And they're also not always targeting. Like we heard about the targeted items in the news often, but the small businesses are actually the ones at more risk because they often don't have the capabilities to prevent these attacks.

They often don't have the ability to recover. They don't have the deep pockets to pay out any fines. And when they do get hit, oftentimes the cost is enough to take down the business. Right. I mean, I talked to some of my friends in the States. It's like doctors who are obliged to follow HIPAA and other regulations. But if there's a data breach, some of them are like, Hey, I'm at the tail end of my career. I'm just going to shut down early. It's not worth it to go through this cost. Let's let's just close up shop. And, uh, and so you see this trend of, uh, of risk only increasing now with AI based threats, it's getting easier and easier.

The fact that somebody could call into my office, mimic my voice because I recorded a podcast and say, Hey, can you reset my password for me? I got a new phone number, right? If you're a small company like ours, they're going to be like, this is off. This printer wouldn't do this. But if you're a company of, you know, a thousand people or 10,000 people, how hard is it to get through? I mean, that's what happened close, similar to that with the MGM hack. They just called into the IT department. Right. Really for, yeah, it's a little bit more complex, but it's like, Hey, can you, uh, I can, I'm locked out or can you do a password reset? And, you know, it wasn't even AI based or anything like that, but it there's social engineering will get you pretty, pretty far. Right. And so risk is, uh, of getting caught and is low. It's easy to do. They just carpet bomb all the businesses. So as a small business, you have to have your fundamentals in place.

So as an IT professional, I get really frustrated seeing all these IT teams not take care of the fundamentals. Right. Uh, in the old days, when everything was in the, what's called the break fix model in our world, it's like something's broken, come fixes transactional world. And there's still some businesses that still live in that world where their IT people are transactional. You wait for it to go down and you wait for something to fail. They're right. That's right. And that works for cars, but it doesn't work for technology anymore where we need uptime. Like when I talk to clients, I tell them that the two biggest deliverables I have for them are productivity, make sure people are able to work and function and, and improve their performance and then risk mitigation. 

Barinder Hans 30:50

Right. And so it frustrates me when I go to these take on clients or talk to other IT people, because I'm involved in the larger MSP community. It's like, you can't run IT without taking care of your fundamentals of cybersecurity first. Right. And it's not even that expensive, but you have to do it right.

And I think that's what sets us apart is like, we have this culture of do it right. And, and that sounds cliched and everybody will say it, but how do you show up in those processes that I alluded to earlier, we have a 200 point checklist in one area, 300 point checklist in another area. That we make sure our clients are aligned to those best practices. Does every IT company have that? No, I don't think so. Like some do. Right. And it's unfortunate cause it's the knowledge is available. It's not hard to get. Um, and if we do those, uh, you're protected from a lot of low hanging fruit. If somebody wants to target you as a nation state actor, a three letter agency, you're not going to stop them. But the average business is not worried about that. And so how you should, you should be able to take care of your fundamentals in a way that really reduces your risk. 

Mo Dhaliwal 32:00

I'm going to be peppering this conversation with lots of personal commentary because it strikes me every time I hear you talk of just how well suited your personality is to the work that you do because everything that you just outlined is a fantastic approach to IT and technology and infrastructure. But these are the same things that make you really boring on vacation because I've been on vacation with you.

It's like you don't want to go into the risky districts. You're worried about getting mugged. You're worried about physical safety. And that creates a boring trip. 

Barinder Hans 32:35

You know what, sometimes I am at a risk or reward, right? So I'll jump out of a plane and go skydiving, but I will double check and make sure I'm clipped in, right? And so, yeah, I'm okay with risk, but it has to be a risk that is understood and it can't be vague. It can't be something we don't know, you know, what the true risk to our organization or to our personal, physical wellbeing is. 

Mo Dhaliwal 33:04

right? So I mean, that's the bad actor side of the world, right? And I think that's maybe a little bit better understood because we can say we've heard about breaches, we know that hackers exist, you know, ever since the movies in the late 80s onwards, we know that people are able to use technology in malicious ways.

But the other thing that I think has sprung into popular imagination a little bit more is just the understanding of how much of our world that we live and interact with on a daily basis is kind of like this weird like scotch taped together house of cards. It was apparent when the CrowdStrike failure happened that, you know, somehow a little bit of bad code can get pushed and in the end, I think it was just human oversight that caused massive, massive failures worldwide. Hadn't even heard of that company before because I'm not from that space, but suddenly they're thrust into the imagination because you realize that, you know, there's large like refrigeration units and airplanes and all sorts of things that implement their tools that are now just failing everywhere. And then the other place was actually with, you know, the American government and Doge, right? Of them, you know, to some extent running roughshod through the various agencies and bureaucratic departments, but at the same time also getting to look in and say, wow, they're running for CRAN, they're running COBOL, they're running these 50, 60 year old languages and those systems are processing, you know, not just some little, you know, sort of esoteric department there that doesn't interact with anything, but actually tens of hundreds of millions of files for citizens, right? These are the systems and all of them, it's not even to say that they're vulnerable, it's like they're just so archaic and so brittle and that's what the world is sort of built on. 

Barinder Hans 34:56

Yeah, yeah, it's and the other example I would share with you just from the physical world is during COVID was global supply chains. Like you realize very quickly that the food that you depend on can get shut down very fast if your delivery services can't get to where you need to go. We had a flood in our community and it like one side of the highway was blocked for a couple of days. Well, if a different part of the highway got blocked for a different reason, well, that community would be isolated and not able to get food in or out. How many days of food do you keep in your fridge? Like there's a lot of these resilience conversations we have to have as families, as businesses, as governments.

And I think that was a big wake up call from COVID as well is how do we build a more resilient country? Right. And I think it's good to have those conversations. But with technology, I think we, I don't know how we roll it back. We're already very dependent on the big technology providers, the Google, the Microsoft, Facebook is I think you can live without your Facebook and Instagram, but you know, they're there as we move into AI, our big businesses are going to become even more reliant on AI. And so yeah, I don't think there's a way to turn that back. That dependency is going to be there. And then you rely on those big businesses to make sure that they are resilient. One example that I can share though, is that you have to assume just like in cybersecurity, you assume zero trust. You have to assume that your technology will fail if you're going to plan for a resilient system. So I was at a hotel, the Omni hotel had a breach a year ago, two years ago, and I'm checking in. I'm like, and I'm learning this as I'm flying in. I'm like, Oh no, how are they going to check us in? What hotel room are we in? Who knows, right? But they had a process. They knew what they were going to do. They put, uh, they had paper printouts of where every person was booked, whatever room they put a human being because of the, uh, the cards wouldn't work, of course. So they put a human being on every floor with the sheet, like, Oh, Brenda, let me walk you to your room and buzz you in every time 24 seven. There's a person on your floor who's going to walk you to a room and you show them your ID and let you into your room. And so they had a process for that. So you have to build a system, a company, uh, uh, that is resilient against that technology failure. Yeah. That's

Mo Dhaliwal 37:26

That's impressive. I remember this anecdote that was shared years ago, and it was about the early days of Amazon Web Services. And again, the simple truth, the approach that they took to their infrastructure early on was the assumption of failure. And I don't believe that as much as that might be a principle, there wasn't necessarily as much appreciation for that.

And you could see that in the expense of a lot of commercial, professional-grade business hardware and software. Whether it was back then in hard drives or what have you, the assumption was you pay these premium rates because they'll have a higher uptime and they'll break, but it'll be a long time before they break. And I think it was before it was AWS, they basically had created an internal infrastructure where they assumed failure. And to such an extent that they would only buy consumer-grade hardware, and they would attach it to these server racks, but they would velcro and just tie things in place because the assumption was this thing's going to break and we're just going to rip it out and replace it. But then they created underlying software that would allow for load balancing and would allow for distribution of all that compute across hardware that's failing all the time. But it was such a different perspective. And this whole era of cloud computing in AWS is kind of born out of that, right? The assumption that it's going to fail. And because you assume it's going to fail, you have systems that are constantly resilient and redundant. And then the experience is that you never actually have failure. 

Barinder Hans 39:01

And as a systems guy in me is like, I hear those stories and I love hearing that because that's just such intelligent design. And I mean, that's how the internet was born is how do we create a resilient communication system in case war breaks out between Russia and the US, how are we gonna be able to communicate, right?

And Netflix has taken that to another extreme where they have their chaos monkey go in and intentionally take down servers, intentionally take down entire data centers and ensure that Netflix can still function and perform. So what's the chaos monkey? The chaos monkey will literally take down servers. Yeah, but what it breaks things. But what is the chaos monkey? It's code, okay. It's code, it's code that will intentionally, I'm assuming it's maybe more than code and they've gone up to like chaos ape and chaos Kong and things like that, where they'll take out full data centers, full regions, right, to see how they can still function. But they've built resiliency into the ecosystem, right? And I love hearing those stories because that's how we have to think about our businesses, right? 

Mo Dhaliwal 40:02

Yeah. I mean, that's a really intentional approach to chaos. 

Barinder Hans 40:07

And if you assume intentionality, or if you work with intentionality, hopefully you cover enough cases that the unintentional stuff that shows up, you're protected against it. 

Mo Dhaliwal 40:21

So, so what's next? What's what's happening in the world? What are you excited about? What are you worried about? 

Barinder Hans 40:28

Uh, uh, so the excited and worry is probably both AI, I'll be honest. Uh, it's, I'm very excited about AI because yes, we've sold cybersecurity for the last five or 10 years and we'll continue to sell it. It's great. Um, it's, we're good at it. It can make some money, but if you go talk to a business owner, if I go talk to Mo the business owner, I'm like, Hey, we're going to sell you something and it's going to protect you, but I guess negative things that can happen. Great. You need it as a business owner. I need to invest in it, but it's not creating business value for me. It's protecting against risk insurance. It's insurance and AI is one of those things where I can actually create business value, I can actually make my marketing manager, you know, five X more effective by the use of AI. I can have my coders be, you know, I don't know how many orders of magnitude more effective with the use of AI. That is exciting.

That is creating business value. I can go tie in to databases and business intelligence and say, Hey, we're going to give management and leadership and the board power BI reports that are going to be able to tie your disparate, uh, uh, systems together. You have data here, data there. Let's actually pull that data into something reasonable that an organization can look at. So those types of opportunity is super exciting. Um, and we can do that consulting and try to provide that to our clients. But at the same time, I mean, you have like the leader of anthropic, the CEO come out, uh, in a recent interview and talk about how there's going to be a white collar bloodbath for, for jobs where he thinks in the next one to five years, something like 15% of white collar entry level jobs, uh, uh, people would be unemployed. That's a massive impact to our economy, to people's wellbeing. How do people get their start? I mean, we're thinking about how to bring AI into our system and use it more, especially for frontline frontline tech is going to be the first place that's going to be, you know, uh, impacted by it. In addition to coding, of course, Microsoft just laid off 6,000 people in a restructuring. Every organization is doing this. So what does this mean, uh, for our society? And I think that's a negative side that nobody is talking about in addition to all the cybersecurity concerns about AI, I mean, don't go upload all your sensitive private information into chat GPT. I mean, that would be a bad day. Um, but why is government not talking about it other than anthropic, which is one of the more progressive ethics-based AI organizations, why are not the other AI organizations not talking about these things, right? How are like, I think he suggested that there might be a transaction tax you could use to help those displaced workers. Great idea. Let's have those conversations as a society because five years is not that long. And we're seeing the impact now for, for the public. And, uh, I mean, in typical government fashion, government will wait until, you know, the 11th hour to do something about it and it'll be too late. 

Barinder Hans 43:24

Uh, but if we could get ahead of it, we can help those people, right? AI doesn't have to be something that costs a whole bunch of people jobs in order to have the billionaires become trillionaires. We can design it in a way that it does serve everybody still allow businesses to succeed, um, uh, but without the expense of the, in the public. Mm-hmm. So those are the big things that are exciting to me.

I love talking about AI. I love bringing it in. I don't think we should stop doing it. It is a tool and it's a powerful tool in our toolkit. Yeah. 

Mo Dhaliwal 43:59

I've got to share this anecdote, though, because I'm a bit of a techno-optimist, I think. Have some concern, obviously, about the social and ethical implications of every advancement, because they amplify everything, the good and the bad.

But just the degree of vulnerability and the degree of risk, I don't think that's fully understood. I'm not going to share names, obviously, but discussions with some senior members of a fairly large law firm recently that had a lot of just dark AI usage internally, because the level of appreciation was that if you log on and upload all of these sensitive documents, get a variety of AIs to process them, that if you then, when you're done, if you log out and clear your browser history, that that's safe. And this was like a rumor that had spread throughout this company, and we're talking about a hundred employees minimum, where it was just understood that SOPs, it had almost become an informal SOP, that we're all going to upload this stuff just wildly to random services, but clear your browser history after you're done, because we've got to be cyber-secure. 

Barinder Hans 45:17

It does not surprise me. I mean, and because people don't fundamentally understand how AI works. Right. And, and, and also people think that AI is always right. It isn't right.

It, it, we know that it isn't right. It just by design, it can't be always right. Um, but yeah, I think this goes back to my earlier point of in the future, even now, the, the more tech savvy those business leaders can be, the better their departments, their, their businesses will be served. Everybody needs to have a deeper understanding, but I mean, I'm still having conversations about password management, that every password needs to be unique and strong. And how do you do that? If you got to have a password manager, I can't remember a hundred different passwords, right? Every password has to be unique, strong, minimum 12 or 14 characters. Who does that? I mean, everybody still puts a zero or one exclamation mark at the end. I think it's unique, but no, no, no, when those passwords are breached, because, you know, various organizations will have data breaches. You don't even have to do anything wrong. It's going to be on the dark web and they'll see the pattern that you like putting zeros and exclamation marks at the end, and they'll try it across all your services and lo and behold, they're into your sensitive Microsoft or Facebook or whatever accounts you've got.

And so I think there's a, I think we're always fighting that, that battle for education and training and businesses know that, but I think it's hard one to, to, to teach for people who don't want to honestly learn that. 

Mo Dhaliwal 46:37

Mm-hmm. So what's next for Red Rhino? 

Barinder Hans 46:40

Well, for us, we're, I'm just grateful. We're in a good place. We're having fun.

Uh, we're, uh, we're, uh, investing more in AI and automation. I mean, automation often doesn't get the same buzz as AI automation. I think is the more in some ways more powerful, depending on what you're trying to have as an outcome. 

Mo Dhaliwal 46:57

of what's actually automation is being called AI. 

Barinder Hans 47:00

Yeah, a lot of what it's automation is actually called AI because it just gets lumped into it. And AI may be actually more powerful in the long-term, but if you want precise results, precise data, automation is extremely powerful.

We have, in addition to traditional automation, which is full code, you have low code, no code options now that can really leverage and unlock a lot of potential in organizations. And so we're investing a lot into that for our business, but as well as our clients to take that knowledge to them because it can help them. Other than that, we're growing. I mean, like you mentioned at the beginning, like we've been recognized as a good, strong Canadian MSP. We have a vision of where we're trying to go and help small business excel and unlock their full potential. And I think doing it in the midst of the AI revolution is about as exciting as it gets. 

Mo Dhaliwal 48:00

So if somebody wanted to learn more about you, learn more about Red Rhino Networks, we're 

Barinder Hans 48:05

should they go? Hit our website. Give us a call.

You can email me. It's just my first name at redrinonetworks.com. Email me anytime and we'll help you out.

Awesome. Thanks for your time, render. Thank you. Appreciate it. 

Mo Dhaliwal 48:20

Well hopefully we've given you a lot to think about, that was High Agency, like and subscribe and we will see you next time. 

‍