(upbeat music) >> Hey everyone, Lisa Martin here with you on theCUBE Live from Mobile World Congress '23 in Barcelona. We're having a great day at the show. We hope you are too. I've got two guests here with me next. We're going to be talking about telco's 5G, all that exciting stuff. Please welcome Jason Inskeep, the AVP 5G, and Private 5G Center of Excellence at AT&T Business. And Doug Lieberman is here as well. Senior Director, Global Solutions Co-Creation Services at Dell Technologies. Guys, it's great to have you on the show, live from the show floor, talk to me about what's going on, how are you? >> Hey, thanks for having us on. It's a great show, I'm happy to be back here this year and really looking forward to the conversations that are going on and really continuing these partnerships that Dell has with companies like AT&T to truly drive the realities and the benefits of 5G. >> Absolutely, Doug, talk to me a little bit. You have an interesting title, Director of Global Solutions Co-Creation Services at Dell. Tell me a little bit about your role, what you're responsible for, and then Jason we'll have you do the same. >> Yeah, thanks for bringing that up. So, I have a very interesting role and a very exciting role at Dell because we have a unique organization that I run globally whose job it is, is to work with telcos to co-create services for enterprise and jointly go to market with those. So that basically take the combined power of AT&T and Dell and bring that to enterprise customers and other telcos so that enterprises can realize the value of, and truly leverage and harness the capabilities of 5G for private mobility and Mac and IOT and connected devices. >> Jason, let's bring you into the conversation now. You have an interesting title as well. You're with the 5G Center of Excellence at AT&T. Talk a little bit about your role and that COE. >> Yeah, thanks for having me again as well. The role with my team at AT&T is we're on the cutting edge. We're sitting in between our customers and our product houses that are working with folks at Dell, really helping putting our products together in the space of 5G. A lot of open opportunities here, a lot of things changing really fast. So my teams are off as well as putting this stuff in customers production sites it's also taking and capturing that information, working with my internal partners, both on the technology side, on the product side, and partners like Dell who are coming in helping us enabling those products and services that we can take and scale out through the different opportunities that we're seeing in this space. >> Let's double click on that partner angle, Jason, will stay with you. The 5G revolution, it's here, we are all excited about it. There's so much potential that will come from that. Let's talk about the AT&T/Dell partnership. How are you guys working together to deliver 5G globally? Jason, we'll start with you and then Doug will go to you. >> Yeah, at the core of it, when we started looking at 5G and seeing the changes that were happening, one of the biggest changes is it became software defined. So, the way we could deploy the hardware with the software becomes a whole new conversation. And what we saw coming out of that is it's not going to be a single winner and loser to really execute the way it's necessary for the experiences of tomorrow. It has to be an ecosystem that comes together. Dell creates a great opportunity for us from the hardware perspective to move those services around, to scale those services ultimately to all kinds of site types up to cities right down to small offices. And those different form factors that they bring with the software and the network pieces that we're adding on top of it help to streamline the flows and processes and really gets to that next generation that we see happening, which is this converged architecture. This meeting of network and application, creating a whole new skillset along with products. So we're at the very top we've got Dell/AT&T, at a partner level, it gets at a granular level too. The users and the developers underneath are starting to change as well, so very interesting dichotomy happening right now. >> Right, Doug, what's through Dell's lens? Tell us a little bit about the partnership and how you're working together to deliver 5G and really unlock its potential globally. >> Yeah, thank you, I'd love to bonus off of what Jason was saying, for Dell, what we look at is through the lens of an enterprise. An enterprise needs to execute their business function, their outcome, their mission that they need to operate. And so therefore they have workloads that they need to run. And 5G is an enabler for that technology, and there's lots of other enablers but the key piece is how can they get their business work done better, faster, cheaper, more efficiently, more securely? And the combination of AT&T and Dell truly is a combination that brings in a partnership that brings together a full breadth of those capabilities, with understanding what those enterprise workloads are and how they work and how an enterprise would leverage these capabilities. And then bonus on top of that and merge together with that the capabilities of AT&T. And when you look at 5G, there's a lot of people that talk about 5G being the enterprise G. And a lot of that is because of things that Jason mentioned. As we move to a disaggregated stack where you have software-defined aspects of it, and the ability in the underlying definition of what 5G in the specifications to allow much more customization. It means that enterprises now cannot just take connectivity as it is and use it however it comes but actually work with a telco and work with Dell to customize that connectivity in a way that better meets their requirements. Whether that be with slicing or private mobility or roaming between private and the public network and things like profiles and being able to have different views of how different users and devices connect to that network are all key in truly harnessing the power of that connectivity to have always on, always connected, always integrated systems from the edge, the core, to the cloud. >> Always on, always connected. That's what we all expect these days. Wherever we are in the world, whatever we're trying to do. But to be able to take advantage of all that 5G offers for all of us, telcos have to create infrastructures that can support it, let's double click guys on the infrastructure that Dell and AT&T have put in place to enable this. Jason, I want to get your perspective first and then Doug will go to you. >> Yeah, I mean, it's foundational, the things that we're trying to do and build out here and there's a lot of complexity in it now that we didn't have before because of the flexibility in it. It's one of those things like the good news in software is you can do whatever you want. The bad news in software is you can do whatever you want. Once you have that foundation there though in terms of infrastructure, which for us is really air to glass. Fiber through the spectrum on top. But underneath of that, we have the servers, we have that infrastructure where those fibers come together where that air meets the radios and so forth. And we've got to have that great foundation. So working with Dell and getting those spaces built together preps the area as needed so that there's additional place now for compute and scale at that new converged meet-me point. And that's going to be the opportunity that we're trying to think about really to get that foundation in a way that maximizes capacity and maximizes control for the customers and enterprises in particular. And more importantly, maximizes the time horizon. Because if you're putting in a foundation like this, you're not looking at two to three years. You're trying to skate beyond, skate where the puck is going, look at five, 10 years out, set that foundation. And that's what we're trying to look at with Dell. What can our network do already? Where can we push it? In return, they're going to build their solutions to help maximize that potential. >> From an infrastructure perspective, Doug, I want to understand really where Dell is really shining there but also what are some of the differentiators that Dell brings to this foundational infrastructure that to your point, is built for scale? >> Yeah, so it really all comes down to as we start to see this transition that's been happening for years, but it's accelerating because of always-connected devices and everything connected and the great proliferation of data at the edge. As we move assets from the data center and out to the edge we introduce new challenges that have to be overcome. You have things like security, automation, infrastructure cost, maintenance, day-one operations, day-two operations, all of these things are new complexities which enterprises want to enable their workloads, enable the outcomes that they want to generate. But they need to make sure that they're not taking a step backwards when it comes to things like regulations. In Europe, you've got GDPR, and in the US you've got different security regulations. No one wants to be the next front page headline about their company being attacked and having a ransomware attack. And so as we spread out these assets, what Dell is here to do is to work with AT&T and enable enterprises to effectively build their virtual enterprise around the world where those assets, whether they're at the edge or the core or in the cloud, are all managed with the same profiles and the same security features and the same automation that they have in a core data center. So my ability to deploy an edge cloud so that I can leverage AT&T's network and have end-user devices do things like gaming or connect to video services or get directed retail advertising to you are not basically introducing new vectors for security vulnerabilities into that network. And so Dell has worked really hard and is a leader in the industry in providing automation and lower cost of ownership and security for those solutions. So it's not just about putting a server out there but it's about putting an infrastructure and a cloud that is connected by AT&T's backbone and to a central core of automation management and orchestration capabilities so that I can leverage those assets securely and efficiently. >> That security element that you bring up, Doug, is so incredibly critical. We talk about it at every event, we talk about it every day. We've seen such dramatic changes in the threat landscape in the last couple of years with covid and things like that. So that security element isn't trivial, it's essential for every type of enterprise regardless of where they are. I want to talk a little bit now about best practices. And Doug, go back to you, looking at what AT&T is achieving, the 5G COE, what you're doing with Dell. From your lens and your experiences, what are some of the best practices for telcos deploying secured network and connectivity at the edge? >> Yeah, well, I think the first one is that automation and that orchestration, right? The answer is that you cannot have snowflakes at every single ag point. You need to make sure that those infrastructures are consistent and compliant with the integrations and with the policies that have been set across the network. The second thing is that you want to make sure that the connectivity is monitored and metered and managed so that we know whether, for example that endpoint is there and it's not there, if it goes offline. And ensuring the end-user experience is consistent throughout. And so what we are seeing is that it's really important that we provide an implementation where the enterprise can get a consistent and a predictable outcome for what they're trying to accomplish. What they don't want to do, what enterprises hate and is really bad for them is when they provide an inconsistent or inappropriate results to their users, to their customer base. So if your website goes offline or you're a gaming platform, if people can't get to your game you're going to lose customers, you're going to lose business you're going to have people lose faith in your network. And so our partnership with AT&T and with other telcos is about ensuring that we have all those aspects covered, day zero, day one, and day two, as well as the security aspects. And that back haul is an essential piece of that because as we get more and more devices and more and more edge devices set up, there's more sprawl. And so the complexity goes up substantially, but what really wins is when you can take that complexity and use it to your advantage and be able to manage and deploy those systems as though they were all within your virtual enterprise. >> Using complexity to your advantage. That's an interesting one, Doug, that you're bringing up. Jason, I want to know, what does that mean for you and how is AT&T leveraging complexity to its advantage for its customers all over the globe? >> You know, first thing is if you're thinking about, we're a network company we're not just a 5G company, so we're wireline, we're wireless, we're global in terms of the amount of fiber we have in the ground, the amount of in the US, domestic sailor deployments, our investments in FirstNet, is our first responder network here in the US. So we have a big portfolio inclusive of IOT. That is a global brand as well. That, if you look at it through the outside lens, that's super complex, all over the planet. So when we're talking to our customers now in this new world, which is very much, "Hey, you can do these things on your own." We go back and the bigger, obviously have the products, and the network and the tech but now that customers can take advantage of it and take things that Dell have rolled out, they need that new new age expertise. You also got the Dell expertise of building these platforms from maybe a software level, from an orchestration level, those kind of things. And at the edge that's creating a new type of person and a new type of workflow, a new type of way to respond and work. So that combination of those two is going to be that new skillset. It's in small pockets now, it's growing in how that looks because it's a little combination of both the app developer and the network developer, that's coming together. Our footprint and in terms of what we provide in there is not just 5G, it's 5G, it's fiber, it's all of those pieces together. And that's what's going to super enable that experience that Doug talked about when you're thinking about gaming or transportation, it's not just the network performance, it's the roundtrip, so we're really trying to focus on that and educate our customers in that way with the expertise that we bring over years and years of building these things. >> And if I could just jump in there. I'd like to just emphasize something Jason just said. When we look at workloads at the edge, very rarely are those workloads uniquely just an edge workload, there are components. The example I like to use is video surveillance. If you are a big box store and you have video surveillance inside your store, there is a set of workloads and outcomes you need for immediate response at that edge. You want to know if there's a safety hazard, if there is a theft or those things. Those things need to be processed real time in the store before the thief leaves the store. But then there's a set of connectivity as well where you want to process that data up in the cloud to get long-term analytics and data off of that information. What's my average store density on a Thursday afternoon in November when it's 20 degrees out. Because that would drive how many employees I have, how much inventory I carry, et cetera. And that combination is a factor that drives all the different aspects of AT&T's network. We need the connectivity in the store for the practicability and the spectrum for the cameras that talk to a central server. We need the high-speed backup and throughput in order to provide cyber recovery as well as point-of-sales services so that they can do credit card transactions flawlessly, which is using a lot of wireline services for AT&T. And together with their cloud and their other capabilities, an enterprise needs all those different aspects to work, both the edge, the core and the cloud coming together to form an outcome from one piece of input. So that one piece of input, that video stream is used in multiple different ways and because of that, that network that AT&T brings can support the end-to-end outcome and use cases for that implementation, as an example. >> That end-to-end roundtrip that you guys talked about is essential for every type of enterprise. A lot of great work that Dell and AT&T are doing together to really enable enterprises to really capitalize on all that the new technology that 5G has the potential to deliver. So I got to wrap things up, Jason, with you. From a business-customer perspective, what's next for AT&T? What can those business customers expect? >> Just continued to scaling because you're looking at a space that's evolving rapidly. It's evolving rapidly, there's a lot of opportunity. You look at the private wireless space in particular, it's nascent, but growing rapidly with the customers having their ability to do this on their own. So for us, and really where we're starting to think now is we're seeing the things move from POC, starting to move to production, customers are starting to think about what's next. For us, we're trying to skate ahead of that knowing how we built our own networks, knowing how we engaged in our own partnerships like with Dell and trying to bring that expertise back to the customer, because it isn't cookie cutter anymore. There's a lot of flexibility and each input creates a different output. So it's up to us to at least help them balance that. Define what I like to affectionately call, "Find their Goldilocks." What is that just right for them? >> Great point, Jason, it is no longer a cookie cutter. Cookie cutter isn't going to cut it. Jason, Doug, thank you so much for joining me on theCUBE today from Mobile World Congress in Barcelona. We appreciate thank you all of your insights. Sounds like some great work that AT&T and Dell are doing together. Enterprises have a lot to look forward to. Thank you again for your time. >> Thank you very much, >> Thank you. >> Looking forward to seeing you at the show. >> I'm Lisa Martin from theCUBE at Mobile World Congress '23 in Barcelona. Thanks for watching. (upbeat music)

(upbeat music) >> Hello, everyone. Welcome back to theCUBE's presentation of the AWS Startup Showcase. This is season two, episode four of the ongoing series covering the exciting startups from the AWS ecosystem. And talking about cybersecurity. I'm your host, John Furrier. Excited to have two great guests. Ed Casmer, founder and CEO of Cloud Storage Security, back CUBE alumni, and also James Johnson, AVP of Research and Development at iPipeline. Here to talk about cloud storage security antivirus on S3. James, thanks for joining us today. >> Thank you, John. >> Thank you. >> So the topic here is cloud security, storage security. Ed, we had a great CUBE conversation previously, earlier in the month. Companies are modernizing their apps and migrating the cloud. That's fact. Everyone kind of knows that. >> Yeah. >> Been there, done that. Clouds have the infrastructure, they got the OS, they got protection, but the end of the day, the companies are responsible and they're on the hook for their own security of their data. And this is becoming more permanent now that you have hybrid cloud, cloud operations, cloud native applications. This is the core focus right now in the next five years. This is what everyone's talking about. Architecture, how to build apps, workflows, team formation. Everything's being refactored around this. Can you talk about how organizations are adjusting and how they view their data security in light of how applications are being built and specifically around the goodness of say S3? >> Yep, absolutely. Thank you for that. So we've seen S3 grow 20,000% over the last 10 years. And that's primarily because companies like James with iPipeline are delivering solutions that are leveraging this object storage more and above the others. When we look at protection, we typically fall into a couple of categories. The first one is, we have folks that are worried about the access of the data. How are they dealing with it? And so they're looking at configuration aspects. But the big thing that we're seeing is that customers are blind to the fact that the data itself must also be protected and looked at. And so we find these customers who do come to the realization that it needs to happen, finding out, asking themselves, how do I solve for this? And so they need lightweight, cloud native built solutions to deliver that. >> So what's the blind spot? You mentioned there's a blind spot. They're kind of blind to that. What specifically are you seeing? >> Well so, when we get into these conversations, the first thing that we see with customers is I need to predict how I access it. This is everyone's conversation. Who are my users? How do they get into my data? How am I controlling that policy? Am I making sure there's no east-west traffic there, once I've blocked the north-south? But what we really find is that the data is the key packet of this whole process. It's what gets consumed by the downstream users. Whether that's an employee, a customer, a partner. And so it's really, the blind spot is the fact that we find most customers not looking at whether that data is safe to use. >> It's interesting. When you talk about that, I think about all the recent breaches and incidents. "Incidents," they call them. >> Yeah. >> They've really been around user configurations. S3 buckets not configured properly. >> Absolutely. >> And this brings up what you're saying, is that the users and the customers have to be responsible for the configurations, the encryption, the malware aspect of it. Don't just hope that AWS has the magic to do it. Is that kind of what you're getting at here? Is that the similar, am I correlating that properly? >> Absolutely. That's perfect. And we've seen it. We've had our own customers, luckily iPipeline's not one of them, that have actually infected their end users because they weren't looking at the data. >> And that's a huge issue. So James, let's get in, you're a customer partner. Talk about your relationship with these guys and what's it all about? >> Yeah, well, my pipeline is building a digital ecosystem for life insurance and wealth management industries to enable the sale of life insurance to under-insured and uninsured Americans, to make sure that they have the coverage that they need, should something happen. And our solutions have been around for many years. In a traditional data center type of an implementation. And we're in process now of migrating that to the cloud, moving it to AWS, in order to give our customers a better experience, a better resiliency, better reliability. And with that, we have to change the way that we approach file storage and how we approach scanning for vulnerabilities in those files that might come to us via feeds from third parties or that are uploaded directly by end users that come to us from a source that we don't control. So it was really necessary for us to identify a solution that both solved for these vulnerability scanning needs, as well as enabling us to leverage the capabilities that we get with other aspects of our move to the cloud and being able to automatically scale based on load, based on need, to ensure that we get the performance that our customers are looking for. >> So tell me about your journey to the cloud, migrating to the cloud and how you're using S3 specifically. What led you to determine the need for the cloud based AV solution? >> So when we looked to begin moving our applications to the cloud, one of the realizations that we had is that our approach to storing certain types of data was a bit archaic. We were storing binary files in a database, which is not the most efficient way to do things. And we were scanning them with the traditional antivirus engines that would've been scaled in traditional ways. So as our need grew, we would need to spin up additional instances of those engines to keep up with load. And we wanted a solution that was cloud native and would allow us to scan more dynamically without having to manage the underlying details of how many engines do I need to have running for a particular load at a particular time and being able to scan dynamically. And also being able to move that out of the application layer, being able to scan those files behind the scenes. So scanning in, when the file's been saved in S3, it allows us to scan and release the file once it's been deemed safe rather than blocking the user while they wait for that scan to take place. >> Awesome. Well, thanks for sharing that. I got to ask Ed, and James, same question next. It's, how does all this factor in to audits and self compliance? Because when you start getting into this level of sophistication, I'm sure it probably impacts reporting workflows. Can you guys share the impact on that piece of it? The reporting? >> Yeah. I'll start with a comment and James will have more applicable things to say. But we're seeing two things. One is, you don't want to be the vendor whose name is in the news for infecting your customer base. So that's number one. So you have to put something like this in place and figure that out. The second part is, we do hear that under SOC 2, under PCI, different aspects of it, there are scanning requirements on your data. Traditionally, we've looked at that as endpoint data and the data that you see in your on-prem world. It doesn't translate as directly to cloud data, but it's certainly applicable. And if you want to achieve SOC 2 or you want to achieve some of these other pieces, you have to be scanning your data as well. >> Furrier: James, what's your take? As practitioner, you're living it. >> Yeah, that's exactly right. There are a number of audits that we go through where this is a question that comes up both from a SOC perspective, as well as our individual customers who reach out and they want to know where we stand from a security perspective and a compliance perspective. And very often this is a question of how are you ensuring that data that is uploaded into the application is safe and doesn't contain any vulnerabilities. >> James, if you don't mind me asking, I have to kind of inquire because I can imagine that you have users on your system but also you have third parties, relationships. How does that impact this? What's the connection? >> That's a good question. We receive data from a number of different locations from our customers directly, from their users and from partners that we have as well as partners that our customers have. And as we ingest that data, from an implementation perspective, the way we've approached this, there's a minimal impact there in each one of those integrations. Because everything comes into the S3 bucket and is scanned before it is available for consumption or distribution. But this allows us to ensure that no matter where that data is coming from, that we are able to verify that it is safe before we allow it into our systems or allow it to continue on to another third party whether that's our customer or somebody else. >> Yeah, I don't mean to get in the weeds there, but it's one of those things where, this is what people are experiencing right now. Ed, we talked about this before. It's not just siloed data anymore. It's interactive data. It's third party data from multiple sources. This is a scanning requirement. >> Agreed. I find it interesting too. I think James brings it up. We've had it in previous conversations that not all data's created equal. Data that comes from third parties that you're not in control of, you feel like you have to scan. And other data you may generate internally. You don't have to be as compelled to scan that although it's a good idea, but you can, as long as you can sift through and determine which data is which and process it appropriately, then you're in good shape. >> Well, James, you're living the cloud security, storage security situation here. I got to ask you, if you zoom out and not get in the weeds and look at the board room or the management conversation. Tell me about how you guys view the data security problem. I mean, obviously it's important. So can you give us a level of how important it is for iPipeline and with your customers and where does this S3 piece fit in? I mean, when you guys look at this holistically, for data security, what's the view, what's the conversation like? >> Yeah. Well, data security is critical. As Ed mentioned a few minutes ago, you don't want to be the company that's in the news because some data was exposed. That's something that nobody has the appetite for. And so data security is first and foremost in everything that we do. And that's really where this solution came into play, in making sure that we had not only a solution but we had a solution that was the right fit for the technology that we're using. There are a number of options. Some of them have been around for a while. But this was focused on S3, which we were using to store these documents that are coming from many different sources. And we have to take all the precautions we can to ensure that something that is malicious doesn't make its way into our ecosystem or into our customers' ecosystems through us. >> What's the primary use case that you see the value here with these guys? What's the aha moment that you had? >> With the cloud storage security specifically, it goes beyond the security aspects of being able to scan for vulnerable files, which is, there are a number of options and they're one of those. But for us, the key was being able to scale dynamically without committing to a particular load whether that's under committing or overcommitting. As we move our applications from a traditional data center type of installation to AWS, we anticipated a lot of growth over time and being able to scale up very dynamically, literally moving a slider within the admin console, was key to us to be able to meet our customer's needs without overspending, by building up something that was dramatically larger than we needed in our initial rollout. >> Not a bad testimonial there, Ed. >> I mean, I agree. >> This really highlights the applications using S3 more in the file workflow for the application in real time. This is where you start to see the rise of ransomware other issues. And scale matters. Can you share your thoughts and reaction to what James just said? >> Yeah. I think it's critical. As the popularity of S3 has increased, so has the fact that it's an attack vector now. And people are going after it whether that's to plant bad malicious files, whether it's to replace code segments that are downloaded and used in other applications, it is a very critical piece. And when you look at scale and you look at the cloud native capability, there are lots of ways to solve it. You can dig a hole with a spoon, but a shovel works a lot better. And in this case, we take a simple example like James. They did a weekend migration, so they've got new data coming in all the time, but we did a massive migration 5,000 files a minute being ingested. And like he said, with a couple of clicks, scale up, process that over sustained period of time and then scale back down. So I've said it before, I said it on the previous one. We don't want to get in the way of someone's workflow. We want to help them secure their data and do it in a timely fashion that they can continue with their proper processing and their normal customer responses. >> Frictionless has to be key. I know you're in the marketplace with your antivirus for S3 on the AWS. People can just download it. So people are interested, go check it out. James, I got to ask you and maybe Ed can chime in over the top, but it seems so obvious. Data. Secure the data. Why is it so hard? Why isn't this so obvious? What's the problem? Why is it so difficult? Why are there so many different solutions? It just seems so obvious. You know, you got ransomware, you got injection of different malicious payloads. There's a ton of things going on around the data. Why is, this so obvious? Why isn't it solved? >> Well, I think there have been solutions available for a long time. But the challenge, the difficulty that I see, is that it is a moving target. As bad actors learn new vulnerabilities, new approaches and as new technology becomes available, that opens additional attack vectors. >> Yeah. >> That's the challenge, is keeping up on the changing world including keeping up on the new ways that people are finding to exploit vulnerabilities. >> And you got sensitive data at iPipeline. You do a lot of insurance, wealth management, all kinds of sensitive data, super valuable. This brings me up, reminds me of the Sony hack Ed, years ago. Companies are responsible for their own militia. I mean, cybersecurity is no government help for sure. I mean, companies are on the hook. As we mentioned earlier at the top of this interview, this really is highlighted that IT departments have to evolve to large scale cloud, cloud native applications, automation, AI machine learning all built in, to keep up at the scale. But also from a defense standpoint. I mean, James you're out there, you're in the front lines, you got to defend yourself basically, and you got to engineer it. >> A hundred percent. And just to go on top of what James was saying is, I think there, one of the big factors and we've seen this. There's skill shortages out there. There's also just a pure lack of understanding. When we look at Amazon S3 or object storage in general, it's not an executable file system. So people sort of assume that, oh, I'm safe. It's not executable. So I'm not worried about it traversing my storage network. And they also probably have the assumption that the cloud providers, Amazon is taking care of this for them. And so it's this aha moment. Like you mentioned earlier, that you start to think, oh it's not about where the data is sitting per se. It's about scanning it as close to the storage spot. So when it gets to the end user, it's safe and secure. And you can't rely on the end user's environment and system to be in place and up to date to handle it. So it's that really, that lack of understanding that drives some of these folks into this. But for a while, we'll walk into customers and they'll say the same thing you said, John. Why haven't I been doing this for so long? And it's because they didn't understand that it was such a risk. That's where that blind spot comes in. >> James, it's just a final note on your environment. What's your goals for the next year? How's things going over there on your side? How you look at the security posture? What's on your agenda for the next year? How are you guys looking at the next level? >> Yeah. Well, our goal as it relates to this is to continue to move our existing applications over to AWS to run natively there. Which includes moving more data into S3 and leveraging the cloud storage security solution to scan that and ensure that there are no vulnerabilities that are getting in. >> And the ingestion, is there like a bottlenecks log jams? How do you guys see that scaling up? I mean, what's the strategy there? Just add more S3? >> Well, S3 itself scales automatically for us and the cloud storage solution gives us leverage to pull to do that. As Ed mentioned, we ingested a large amount of data during our initial migration which created a bottleneck for us. As we were preparing to move our users over, we were able to make an adjustment in the admin console and spin up additional processes entirely behind the scenes and broke the log jam. So I don't see any immediate concerns there, being able to handle the load. >> The term cloud native and hyperscale native, cloud native, one cloud's hybrid. All these things are native. We have antivirus native coming soon. And I mean, this is what we're basically doing is making it native into the workflows. Security native. And soon there's going to be security clouds out there. We're starting to see the rise of these new solutions. Can you guys share any thoughts or vision around how you see the industry evolving and what's needed? What's working and what's needed? Ed, we'll start with you. What's your vision? >> So I think the notion of being able to look at and view the management plane and control that has been where we're at right now. That's what everyone seems to be doing and going after. I think there are niche plays coming up. Storage is one of them, but we're going to get to a point where storage is just a blanket term for where you put your stuff. I mean, it kind of already is that. But in AWS, it's going to be less about S3. Less about work docs, less about EVS. It's going to be just storage and you're going to need a solution that can span all of that to go along with where we're already at the management plane. We're going to keep growing the data plane. >> James, what's your vision for what's needed in the industry? What's the gaps, what's working, and where do you see things going? >> Yeah, well, I think on the security front specifically, Ed's probably a little bit better equipped to speak to them than I am since that his primary focus. But I see the need for just expanded solutions that are cloud native that fit and fit nicely with the Amazon technologies. Whether that comes from Amazon or other partners like Cloud Storage Security to fill those gaps. We are focused on the financial services and insurance industries. That's our niche. And we look to other partners like Ed to help be the experts in these areas. And so that's really what I'm looking for, is the experts that we can partner with that are going to help fill those gaps as they come up and as they change in the future. >> Well, James, I really appreciate you coming on, sharing your story and I'll give you the final word. Put a quick, spend a minute to talk about the company. I know Cloud Storage Security is an AWS partner with the security software competency and is one of I think 16 partners listed in the competency and the data category. So take a minute to explain what's going on with the company, where people can find more information, how they buy and consume the products. >> Okay. >> Put the plug in. >> Yeah, thank you for that. So we are a fast growing startup. We've been in business for two and a half years now. We have achieved our security competency as John indicated. We're one of 16 data protection security competent ISV vendors globally. And our goal is to expand and grow a platform that spans all storage types that you're going to be dealing with and answer basic questions. What do I have and where is it? Is it safe to use? And am I in proper control of it? Am I being alerted appropriate? So we're building this storage security platform, very laser focused on the storage aspect of it. And if people want to find out more information, you're more than welcome to go and try the software out on Amazon marketplace. That's basically where we do most of our transacting. So find it there. Start of free trial. Reach out to us directly from our website. We are happy to help you in any way that you need it. Whether that's storage assessments, figuring out what data is important to you and how to protect it. >> All right, Ed. Thank you so much. Ed Casmer, founder and CEO of Cloud Storage Security. And of course James Johnson, AVP of Research and Development, iPipeline customer. Gentlemen, thank you for sharing your story and featuring the company and the value proposition, certainly needed. This is season two, episode four. Thanks for joining us. Appreciate it. >> Casmer: Thanks John. >> Okay. I'm John Furrier. That is a wrap for this segment of the cybersecurity season two, episode four. The ongoing series covering the exciting startups from Amazon's ecosystem. Thanks for watching. (upbeat music)

(upbeat intro music) >> Hello, everyone. Welcome back to theCube's presentation of the AWS Startup Showcase. This is season two, episode four, of the ongoing series covering the exciting startups from the a AWS ecosystem. Talk about cybersecurity. I'm your host, John Furrier. Here, excited to have two great guests. Ed Casmer, Founder & CEO of Cloud Storage Security. Back, Cube alumni. And also James Johnson, AVP of Research & Development, iPipeline here. Here to talk about Cloud Storage Security, antivirus on S3. Gents, thanks for joining us today. >> Thank you, John. >> Thank you. >> So, the topic here is cloud security, storage security. Ed, we had a great Cube conversation previously, earlier in the month. You know, companies are modernizing their apps and migrating to the cloud. That's fact. Everyone kind of knows that. Been there, done that. You know, clouds have the infrastructure, they got the OS, they got protection. But, the end of the day, the companies are responsible and they're on the hook for their own security of their data. And this is becoming more preeminent now that you have hybrid cloud, cloud operations, cloud-native applications. This is the core focus right now. In the next five years. This is what everyone's talking about. Architecture, how to build apps, workflows, team formation. Everything's being refactored around this. Can you talk about how organizations are adjusting, and how they view their data security in light of how applications are being built and specifically, around the goodness of say, S3? >> Yep, absolutely. Thank you for that. So, we've seen S3 grow 20,000% over the last 10 years. And that's primarily because companies like James with iPipeline, are delivering solutions that are leveraging this object storage more and above the others. When we look at protection, we typically fall into a couple of categories. The first one is, we have folks that are worried about the access of the data. How are they dealing with it? So, they're looking at configuration aspects. But, the big thing that we're seeing is that customers are blind to the fact that the data itself must also be protected and looked at. And, so, we find these customers who do come to the realization that it needs to happen. Finding out like how asking themselves, "How do I solve for this?" And, so, they need lightweight, cloud-native built solutions to deliver that. >> So, what's the blind spot? You mentioned there's a blind spot. They're kind of blind to that. What specifically are you seeing? >> Well, so when we get into these conversations, the first thing that we see with customers is, "I need to predict how I access it." This is everyone's conversation. "Who are my users? How do they get into my data? How am I controlling that policy? Am I making sure there's no east-west traffic there, once I've blocked the north-south?" But, what we really find is that the data is the key packet of this whole process. It's what gets consumed by the downstream users. Whether that's an employee, a customer, a partner. And, so, it's really the blind spot is the fact that we find most customers not looking at whether that data is safe to use. >> It's interesting. You know, when you talk about that, I think about like all the recent breaches and incidents. "Incidents" they call them. >> Yeah. >> They're really been around user configurations. S3 buckets not configured properly. And this brings up what you're saying, is that the users and the customers have to be responsible for the configurations, the encryption, the malware aspect of it. Don't just hope that AWS has the magic to do it. Is that kind of what you're getting at here? Is that the similar? Am I correlating that properly? >> Absolutely. That's perfect. And, and we've seen it. We've had our own customers, luckily, iPipeline's not one of them, that have actually infected their end users, because they weren't looking at the data. >> Yeah. And that's a huge issue. So, James, let's get in, you're a customer-partner. Talk about your relationship with these guys and what's it all about? >> Yeah. Well, iPipeline is building a digital ecosystem for life insurance and wealth management industries to enable the sale of life insurance to underinsured and uninsured Americans, to make sure that they have the coverage that they need should something happen. And, our solutions have been around for many years in a traditional data center type of an implementation. And, we're in process now of migrating that to the cloud, moving it to AWS. In order to give our customers a better experience, better resiliency, better reliability. And, with that, we have to change the way that we approach file storage and how we approach scanning for vulnerabilities in those files that might come to us via feeds from third parties, or that are uploaded directly by end users that come to us from a source that we don't control. So, it was really necessary for us to identify a solution that both solved for these vulnerability scanning needs, as well as enabling us to leverage the capabilities that we get with other aspects of our move to the cloud. Being able to automatically scale based on load, based on need. To ensure that we get the performance that our customers are looking for. >> So, tell me about your journey to the cloud, migrating to the cloud, and how you're using S3. Specifically, what led you to determine the need for the cloud-based AV solution? >> Yeah. So, when we looked to begin moving our applications to the cloud, one of the realizations that we had is that our approach to storing certain types of data, was a bit archaic. We were storing binary files in a database, which is not the most efficient way to do things. And, we were scanning them with the traditional antivirus engines, that would've been scaled in traditional ways. So, as our need grew, we would need to spin up additional instances of those engines to keep up with load. And we wanted a solution that was cloud-native, and would allow us to scan more dynamically without having to manage the underlying details of how many engines do I need to have running for a particular load at a particular time, and being able to scan dynamically and also being able to move that out of the application layer, being able to scan those files behind the scenes. So, scanning in, when the file's been saved in S3. It allows us to scan and release the file once it's been deemed safe, rather than blocking the user while they wait for that scan to take place. >> Awesome. Well, thanks for sharing that. I got to ask Ed and James, same question. And next is, how does all this factor into audits and self-compliance? Because, when you start getting into this level of sophistication, I'm sure it probably impacts reporting, workflows. Can you guys share the impact on that piece of it? The reporting. >> Yeah, I'll start with a comment, and James will have more applicable things to say. But, we're seeing two things. One, is you don't want to be the vendor whose name is in the news for infecting your customer base. So, that's number one. so you have to put something like this in place and figure that out. The second part is, we do hear that under SOC 2, under PCI, different aspects of it, there are scanning requirements on your data. Traditionally, we've looked at that as endpoint data and the data that you see in your on-prem world. It doesn't translate as directly to cloud data, but, it's certainly applicable. And if you want to achieve SOC 2 or you want to achieve some of these other pieces, you have to be scanning your data as well. >> James, what's your take? As practitioner, you're living it. >> Yeah. That's exactly right. There are a number of audits that we go through, where this is a question that comes up both from a SOC perspective, as well as our individual customers, who reach out, and they want to know where we stand from a security perspective and a compliance perspective. And, very often, this is a question of "How are you ensuring that the data that is uploaded into the application is safe and doesn't contain any vulnerabilities?" >> James, if you don't mind me asking. I have to kind of inquire, because I can imagine that you have users on your system, but also you have third parties, relationships. How does that impact this? What's the connection? >> That's a good question. We receive data from a number of different locations. From our customers directly, from their users, and from partners that we have, as well as partners that our customers have. And, as we ingest that data, from an implementation perspective, the way we've approached this, there's minimal impact there in each one of those integrations, because everything comes into the S3 bucket and is scanned before it is available for consumption or distribution. But, this allows us to ensure that no matter where that data is coming from, that we are able to verify that it is safe before we allow it into our systems or allow it to continue on to another third party, whether that's our customer or somebody else. >> Yeah. I don't mean to get in the weeds there, but it's one of those things where, you know, this is what people are experiencing right now. You know, Ed, we talked about this before. It's not just siloed data anymore. It's interactive data. It's third party data from multiple sources. This is a scanning requirement. >> Agreed. I find it interesting, too. I think James brings it up. We've had it in previous conversations, that not all data's created equal. Data that comes from third parties that you're not in control of, you feel like you have to scan and other data you may generate internally. You don't, have to be as compelled to scan that, although it's a good idea. But it's, you can kind of, as long as you can sift through and determine which data is which, and process it appropriately, then you're in good shape. >> Well, James. You're living the cloud security storage security situation, here. I got to ask you if you zoom out, not get in the weeds, and look at kind of the boardroom or the management conversation. Tell me about how you guys view the data security problem. I mean, obviously it's important, right? So, can you give us a level of, you know, how important it is for iPipeline and with your customers and where does this S3 piece fit in? I mean, when you guys look at this holistically, for data security, what's the view? What's the conversation like? >> Yeah. Well, data security is critical. As Ed mentioned a few minutes ago, you don't want to be the company that's in the news because some data was exposed. That's something that nobody has the appetite for. And, so, data security is, first and foremost, in everything that we do. And that's really where this solution came into play and making sure that we had not only a solution, but, we had a solution that was the right fit for the technology that we're using. There are a number of options. Some of them have been around for a while. But this is focused on S3, which we were using to store these documents that are coming from many different sources. And, you know, we have to take all the precautions we can to ensure that something that is malicious doesn't make its way into our ecosystem or into our customers' ecosystems through us. >> What's the primary use case that you see the value here with these guys? What's the "aha" moment that you had? >> With the Cloud Storage Security, specifically, it was really, it goes beyond the security aspects of being able to scan for vulnerable files, which is there are a number of options and, and they're one of those. But for us, the key was being able to scale dynamically without committing to a particular load, whether that's under committing or over committing. As we move our applications from a traditional data center type of installation to AWS, we anticipated a lot of growth over time. And being able to scale up very dynamically, you know, literally moving a slider within the admin console was key to us, to be able to meet our customer's needs without overspending. By building up something that was, dramatically larger than we needed in our initial rollout. >> Not a bad testimonial there, Ed. I mean. >> I agree. >> This is really highlights the applications using S3 more in the file workflow for the application in real time. This is where you start to see the rise of ransomware, other issues and scale matters. Can you share your thoughts and reaction to what James just said? >> Yeah, I think it's critical. I mean, as the popularity of S3 has increased, so has the fact that it's an attack vector now, and people are going after it. Whether that's to plant bad, malicious files, whether it's to replace code segments that are downloaded and used in other applications, it is a very critical piece. And when you look at scale, and you look at the cloud-native capability, there are lots of ways to solve it. You can dig a hole with a spoon, but a shovel works a lot better. And, in this case, you know, we take a simple example like James. They did a weekend migration, so, they've got new data coming in all the time. But, we did a massive migration. 5,000 files a minute being ingested. And, like he said, with a couple of clicks, scale up, process that over a sustained period of time, and then scale back down. So, you know, I've said it before. I said it on the previous one. We don't want to get in the way of someone's workflow. We want to help them secure their data and do it in a timely fashion, that they can continue with their proper processing and their normal customer responses. >> Yeah. Friction always has to be key. I know you're in the marketplace with your antivirus, for S3 on AWS. People can just download it. So, people are interested, go check it out. James, I got to ask you, and maybe Ed can chime in over the top, but, it seems so obvious. Data. Secure the data. Why is it so hard? Why isn't this so obvious? What's the problem? Why is it so difficult? Why are there so many different solutions? It just seems so obvious. You know, you got ransomware, you got injection of different malicious payloads. There's a ton of things going around around the data. Why is this? This is so obvious. Why isn't it solved? >> Well, I think there have been solutions available for a long time. That the challenge, the difficulty that I see is, that it is a moving target. As bad actors learn new vulnerabilities, new approaches. And as new technology becomes available, that opens additional attack vectors. That's the challenge. Is keeping up on the changing world. Including keeping up on the new ways that people are finding to exploit vulnerabilities. >> Yeah. And you got sensitive data at iPipeline. You do a lot of insurance, wealth management, all kinds of sensitive data, super valuable. You know, just brings me up, reminds me of the Sony hack, Ed, years ago. You know, companies are responsible for their own militia. I mean, cybersecurity, there's no government help for sure. I mean, companies are on the hook, as we mentioned earlier at the top of this interview. This really is highlighted that, IT departments and are, have to evolve to large scale cloud, you know, cloud-native applications, automation, AI machine learning all built in, to keep up at the scale. But, also, from a defense standpoint, I mean, James, you're out there, you're in the front lines. You got to defend yourself, basically, and you got to engineer it. >> A hundred percent. And just to go on top of what James was saying is, I think they're one of the big factors, and we've seen this. There's skill shortages out there. There's also just a pure lack of understanding. When we look at Amazon S3 or object storage in general, it's not an executable file system. So, people sort of assume that, "Oh, I'm safe. It's not executable. So, I'm not worried about it traversing my storage network." And they also probably have the assumption that the cloud providers, Amazon, is taking care of this for 'em. And, so, it's this "aha" moment, like you mentioned earlier. That you start to think, "Oh, it's not about where the data is sitting, per se, it's about scanning it as close to the storage spot. So, when it gets to the end user, it's safe and secure. And you can't rely on the end users' environment and system to be in place and up to date to handle it. So, it's that really, that lack of understanding that drives some of these folks into this, but for a while, we'll walk into customers and they'll say the same thing you said, John. "Why haven't I been doing this for so long?" And, it's because they didn't understand that it was such a risk. That's where that blind spot comes in. >> James, it's just a final note on your environment. What's your goals for the next year? How's things going over there in your side? How do you look at the security posture? What's on your agenda for the next year? How do you guys looking at the next level? >> Yeah, well, our goal as it relates to this is, to continue to move our existing applications over to AWS, to run natively there, which includes moving more data into S3 and leveraging the cloud storage security solution to scan that and ensure that it's, that there are no vulnerabilities that are getting in. >> And the ingestion? Is there like a bottlenecks, log jams? How do you guys see that scaling up? I mean, what's the strategy there? More, just add more S3? >> Well, S3 itself scales automatically for us and, the Cloud Storage Solution gives us levers to pull to do that. As Ed mentioned, we ingested a large amount of data during our initial migration, which created a bottleneck for us, as we were preparing to move our users over. We were able to, you know, make an adjustment in the admin console and spin up additional processes entirely behind the scenes and broke the log jam. So, I don't see any immediate concerns there. Being able to handle the load. >> You know, the term cloud-native and, you know, hyperscale-native, cloud-native, OneCloud, it's hybrid. All these things are native. We have anti-virus native coming soon. And I mean, this is what we're. You're basically doing is making it native into the workflows. Security native, and soon there's going to be security clouds out there. We're starting to see the rise of these new solutions. Can you guys share any thoughts or vision around how you see the industry evolving and what's needed, what's working and what's needed? Ed, we'll start with you. What's your vision? >> So, I think the notion of being able to look at and view the management plane and control that, has been where we're at right now. that's what everyone seems to be doing and going after. I think there are niche plays coming up, storage is one of them. But, we're going to get to a point where storage is just a blanket term for where you put your stuff. I mean, it kind of already is that, but, in AWS, it's going to be less about S3, less about work docs, less about EVS. It's going to be just storage and you're going to need a solution that can span all of that, to go along with where we're already at at the management plane. We're going to keep growing the data plane. >> James, what's your vision for what's needed in the industry? What's the gaps? What's working? And where do you see things going? >> Yeah, well, I think on the security front, specifically, Ed's probably a little bit better equipped to speak to them than I am. Since that's his primary focus. But I see the need for just expanded solutions that are cloud-native, that fit and fit nicely with the Amazon technologies, Whether that comes from Amazon or other partners like Cloud Storage Security, to fill those gaps. We're focused on, you know, the financial services and insurance industries. That's our niche. And we look to other partners, like Ed, to help be the experts in these areas. And so that's really what I'm looking for is, you know, the experts that we can partner with that are going to help fill those gaps as they come up and as they change in the future. >> Well, James, I really appreciate you coming on sharing your story. Ed, I'll give you the final word. Put a quick, spend a minute to talk about the company. I know Cloud Storage Security is an AWS partner, with the Security Software Competency. And is one of, I think, 16 partners listed in the competency and data category. So, take a minute to explain, you know, what's going on with the company, where people can find more information, how they buy and consume the products. >> Okay. >> Put the plug in. >> Yeah, thank you for that. So, we are a fast growing startup. We we've been in business for two and a half years, now. We have achieved our Security Competency. As John indicated, we're one of 16 data protection, Security Competent ISV vendors, globally. And, our goal is to expand and grow a platform that spans all storage types that you're going to be dealing with. And answer basic questions. "What do I have and where is it? Is it safe to use?" And, "Am I in proper control of it? Am I being alerted appropriately?" You know, so we're building this storage security platform, very laser-focused on the storage aspect of it. And, if people want to find out more information, you're more than welcome to go and try the software out on Amazon Marketplace. That's basically where we do most of our transacting. So, find it there, start a free trial, reach out to us directly from our website. We are happy to help you in any way that you need it, whether that's storage assessments, figuring out what data is important to you, and how to protect it. >> All right, Ed, thank you so much. Ed Casmer. Founder & CEO of Cloud Storage Security and of course James Johnson, AVP Research & Development, iPipeline customer. Gentlemen, thank you for sharing your story and featuring the company and the value proposition. It's certainly needed. This is season two, episode four. Thanks for joining us. Appreciate it. >> Thanks, John. >> Okay. I'm John Furrier. That is a wrap for this segment of the cybersecurity, season two, episode four. The ongoing series covering the exciting startups from Amazon's ecosystem. Thanks for watching. (gentle outro music)

>> Narrator: Live from Washington D.C. It's the Cube, covering AWS Public Sector Summit. Brought to you by Amazon Web Services. >> Welcome back everyone, to the Cube's live coverage of the AWS Public Sector Summit here in our nations capitol. I'm your host Rebecca Knight, along with my cohost John Furrier. We have Allison Robinson joining us, she is the AVP IT operations at Cal Poly University. Thanks so much for coming on the Cube. >> Thank you for having me. >> So, talk about your big announcement yesterday in terms of ground station. This is one of John's favorite topics, so tell us more about what you announced. >> So yesterday there was an announcement that Cal Poly through our digital transformation hub, and that hub exists to do innovated things with the greater good through the public sector and helping with challenges that they're trying to learn more about and solve problems. And so, through that group, we announced the initiative to do cube satellite in connection with ground station at AWS, to be able to help people that use these satellites be able to test these satellites and collect data and share it ultimately, with others. 'Cause there's a problem, they're not expensive satellites but that means you don't have a lot of money to work with. And so to be able to test and make sure your communications are good and the infrastructure is there, is kind of missing in the whole environment. And now, that's going to be solved. >> And you're able to get many more shots and pay as you go, not necessarily have to, as you said, put up your own satellite yourself. >> Exactly, you can put the satellite up. The problem was the infrastructure to communicate back with it. So, the ground station, those antenna are approximately located to AWS regions. So you can now bring the data, process it, store it, analyze it, and then ultimately share it. That, again, being for the public good, we want to make sure the date we're collecting is in the AWS registry, data set registry. So that people can access that information, that's important. >> Allison, talk about the relationship with AWS, how did it get started? I mean your involved with these cool projects like ground station, which I'm a big fan of. 'Cause I think the impact to IOT, just forest fires in California could be a real... >> Allison: Right. >> Saver right there. Just using data, back hauling data for whatever is going to be a great thing. But you got a relationship with AWS, that goes beyond, not just ground station, there's other things going on. Take a minute to explain the relationship with AWS. >> So, the vice president of IT at Cal Poly, Bill Britton, began his position with Cal Poly about two years ago. And took a look at the data center and had to ask the question, do we invest here on prem or do we have to look for something else? And that began the conversation of, we need to do something about our data center, it looks like Amazon has the tools we need to modernize our technical environment. Both in how we work, how people work, our processes and our technical infrastructure. And so, that began the work of, we announced two years ago, I didn't work for Cal Poly yet. They announced there, the President and Bill announced that we were all in. The data center was going to AWS. I happened to be presenting on a different topic, and we connected there, and a year later, we made a connection and I have been at Cal Poly now for a year to help them get to the AWS data center. >> Lot of smart people Cal Poly, I know, I looked at the university. Great computer science, great everything. You guys got a lot of smart people, so what was it like to actually, as this starts to evolve, the progression of the modernization. Take us through where you guys are on progress, what are some of the cool things going on. What's the result of this shift? What are some of the notable highlights? >> It's really exciting, because we really did take an approach of we've got to look at, not just as AWS and a new tool. Which you have to work so differently, in dev ops and agily. We said okay, then we've got to figure out our processes to be able to work that way. We have to change as an organization. So we were more structured around those technical silos. And we became a service management group for like, who do we serve and what are they trying to accomplish? And that's the focus of everything we do. So from idea to service we have a process to handle to that. And AWS, we're all in on their tools too.6 So they completely facilitate that process6. >> You have a lot of stake holders, so you have impact at the student body level, faculty, institution overall.6 >> Right. >> What are some of the game changers that you see? Obviously the ground station, you got great R and D coming in with Amazon. What's the impact? >> The digital transformation hub is part of the IT organization as well. And our community outreach and giving students actual hands on experience to work with the public sector, whether it be law enforcement, or maybe a city trying to deal with a homeless situation. They actually are engaged with professionals and learning about problems and solutions. And in ten weeks, we work on quarters, and our quarters are ten weeks, which align perfectly to exactly how long it takes an engagement with the digital hub to find what's possible in terms of solutions to problems. >> So talk about the students of today. I mean, we hear a lot about them. And I want to hear you, you're teaching them, you're helping to educate this new generation of people who we hope will make huge, great waves in industry, private industry, as well as state, local, and the federal government. >> Allison: Right. >> What do you see as their strengths, their weaknesses, and what are they looking at in terms of building careers? >> You know, they, I really do love working with the students. They are incredible. It makes me wonder sometimes, I don't think I'd get into college now, times have changed. And they really care, they care, that's why the public, being able to work through these to serve the greater good of the public and share that data after actually means so much more to them. Than if it were just a class project, because they want to make a difference. They care about social justice and making sure that we're green and efficient with how we use our earth resources. And so this maps around a lot of the challenges. The homelessness that I mentioned before, and how we've worked with that. Or making sure that we can make cities safer. They care about that deeply. And they have access to a lot of resources. This past fall's incoming class was born in the year 2000. They've never not known a time with computers. They do math homework, they're not reading, they're actually doing homework on their phones. Their very mobilely engaged, very digitally engaged. And we're going to see wonderful things from them, because they think so differently about these things. >> It sounds as though the education that you're providing is very practical, in the sense that you're having your students work with the state and local governments on these issues like homelessness and climate change. Can you talk about some of the projects that their doing? >> So our mantra is learn by doing. And you come in and you are admitted to a major. And you begin working in that major right away. Every student finishes their last quarter with a senior project. And you actually produce an outcome and have something you can talk about, both as the product and the process to get there. I was recently invited to the senior projects showcase for the graphic arts department. And, in common, they all had technology. And some where, one of the students we had just contracted for some software, and thank you so much you helped make the difference with that. So that's neat, when you get to see to make that difference. But even though it's graphic arts, in every way technology was key to what they do. And they have, really, you know students come from some great backgrounds too, where they've had some great access to information and technology and really think differently about it. Engineering students are winning awards and doing really great things. So it's fun to see and be a part of. Great energy. >> What about the culture within your department itself? I mean, you're not only educating the next generation but you're also doing research yourself. Can you talk about, particularly, as a partner, as working so closely with AWS, which has such a famous culture of innovation and of taking risks and tolerating failure, because the more failures you'll have, you'll ultimately get there someday. So can you talk a little bit about the culture within Cal Poly? >> It's hard, because IT people are usually very analytical and there's a right and a wrong. So that sense of it's okay to get it wrong, isn't popular generally. So, that starts with me, I had to get up and say we may not get it right, but rarely do we get it wrong. We might get parts of it wrong, we adjust. It's okay to get it wrong. We've got to figure things out, all of this is new. And as I've been there longer and really work with people through different things, they believe that from me now. There's not judgment. I once worked at a place where it'd go on your permanent record. Well, try and get somebody to try something innovated if you have a problem and it goes on your permanent record. So I don't have that now. >> Rebecca: It'd be a career ender. >> Yeah. >> Bill: Yeah. >> I have a lot of people getting it, and we're trying it. And you can work so fast in the AWS environment, that if it isn't right, blow it away and start over again. >> In some organization you were a renegade if you tried something new. You know, oh my God, don't touch that third rail. >> Allison: Yeah. >> Here, you guys are doing, it's progressive in the sense that you're trying new things. >> Learn by doing is a call to action, but it also gives you that space to try. >> Bill: Yeah, be creative. >> It's learning. >> What's your impression of the show here in DC? Obviously, it's our fourth year covering public sector. I've been following them a couple years earlier, but the first four years covering live broadcasting, reporting. But, besides the growth, what's your takeaway? >> I need to be cloned. (laughter) >> There are so many things happening here. >> You need a digital twin. >> There you go. >> You can solve that, Allison. >> There's going to be a lot of people that say, no don't clone her, don't do it. But there's so much information and the innovation that AWS does. Sometimes it's like exciting to hear, and it's like oh where was that a month ago when we were working on that? So we just have to stay on our toes and we have to keep engaged with AWS and what they're doing and what we can use from them to make our environment better. And move even faster. >> You got to keep, keeping pace is also a hard thing. Because they're introducing so many new things. At amazon. We're very fortunate again in our partnership, actually that does translate into the IT operations organization. That we've been working with them on some services that they do. We can tell them, hey this isn't quite working, and they honestly listen to us. And deliver what they ask on a road map, sometimes sooner than later too. So it's been a great partnership. >> That's interesting, a company that actually delivers on what you ask for. >> Exactly, exactly. And we have scaled, you know it's a small town there's 24,000 students, you have your faculty and staff. So when we try something with them, we have the opportunity for big impacts right away. >> That's awesome, well, congratulations, great work >> Thank you. >> On the DX hubs fascinating ground station. Great projects, students and you guys to play around and help that grow. Because that's going to be a great service. >> Yes, we're excited. We can't wait to get going. >> Rebecca: Thanks for coming the Cube Allison. >> Thank you. >> We will have more of the Cubes live coverage of the AWS Public Sector Summit here in Washington DC. Stay tuned. (upbeat beat music)

>> Live from Las Vegas, it's theCUBE! Covering the AWS Accenture Executive Summit. Brought to you by Accenture. >> Welcome back everyone to theCUBE's live coverage of the AWS Executive Summit here in Las Vegas. I'm your host, Rebecca Knight. We have three guests for this segment. We have Joe Donahue, managing director at Accenture. Hal Stern, AVP, IT Engineering Merck Research Labs. And Derek Seymour, Global Partner Leader Industry Verticals at AWS. Thank you so much for coming on theCUBE. >> Thank you! >> So, we're talking today about a new informatics research platform in the pharmaceutical/medical research industry. Will you paint a picture for us right now, Joe, of what it's like today. Sort of what medical research the time frame we're thinking about, the clunkiness of it all. >> Yeah, so it's a great question Rebecca. Drug discovery today generally takes more than a decade, it costs billions of dollars and has a lot of failures in excess of 90%. So it's not an exact science, we're generating more and more data. And at the same time, just our understanding of human disease biology continues to increase. These metrics haven't really changed. If you look back at the last coupe of decades, it's a 10 year plus process and that much money. So we're looking for ways that we can apply technology to really improve the odds of discovering a new drug that could help patients sooner and faster. >> And that will ultimately save lives. So it's a real social problem, a real problem. Why a platform for this? >> I think if you look at basic research, and you talk about basic blood sciences research, the lingua franca there is chemistry and biology. And we still don't really understand all the aspects, all the mechanisms of action that lead to chronic disease or lead to specific disease that we're interested in. So very, very much research is driven by the scientific method. You formulate a hypothesis based on some data, you run an experiment, you collect the data, you analyze it, and you start over again. So your ability to essentially cycle your data through that discovery process is absolutely critical. The problem is that we buy a lot of applications. And the applications were not designed to be able to interchange data freely. There is no platform to the sense of you have one on your phone, or you have one on your server operating system, where things were designed with a fairly small set of standards that say this is how you share data, this is how you represent it, this is how you access it. Instead we have these very top to bottom integrated applications that, quite honestly, they work together through a variety of copy and paste. Sometimes quite literal copy and paste mechanisms. And our goal in producing a platform is we would like to be able to first separate data from the applications to allow it to flow more freely around the cycle, that basic scientific method. Number two, to now start to allow component substitution. So we'll actually start to encourage more innovation in the space, bring in some of the new players. Make it easier to bring in new ideas is there better ways of analyzing the data or better ways of helping shape and formulate and curate those hypothesis. And finally, there's just a lot of parts of this that are fairly common. They're what we call pre competitive. Everybody has to do them. Everybody has to store data, everybody has to get lab instrument information. Everybody has to be able to go capture assay information. It's very hard to do it better than one of your competitors. So we should just all do it the same way. You see this happen in the cable industry, you see this happen at a variety of other industries where there are industry standards for how you accomplish basic commoditized things, and we haven't really had that. So one of the goals is, let's just sit down and find the first things to commoditize and go drive that economic advantage of being able to buy them as opposed to having to go build them bespoke each time. >> So this pre competitive element is really important. Derek, can you talk a little bit about how this platform in particular operates? >> Certainly. Our goal collectively as partners is to help pharma companies and researchers improve their efficiency and effectiveness in the drug discovery process. So the platform that we built brings together content and service and data from the pharma companies in a way that allows them, the researchers, a greater access to share that information. To do analysis, and to spend their time on researching the data and using their science and less on the work of managing an IT environment. So in that way we can both elevate their work and also take away, what we at AWS, call the undifferentiated heavy lifting of managing an IT environment. >> So you're doing the heavy lifting behind the scenes so that the researchers themselves can do what they do, which is focus on the science. So what have we seen so far? What kind of outcomes are we seeing? Particularly because it is in this pre competitive time. >> Well we've just really started, but we're getting a lot of excitement. Merck obviously is our first client, but our intent is that we'll have other pharmaceutical and biotech companies coming on board. And right now we've effectively started to create this two sided marketplace of pharma and biotech companies on one side and the key technology providers and content providers on the other side. We've effectively created that environment where the technology companies can plug in their secret sauce, you know via standardized APIs and micro services, and then the pharmaceutical and biotech companies can leverage those capabilities as part of this industry standard open platform that we're co creating. And so far we've started that process. The results are really encouraging. And the key thing is, you know really two fold. Get the word out there, we're doing that today here. Talking to other pharmaceutical and biotech companies. As well as not only the established technology providers in this space, but also the new comers. 'Cause this type of infrastructure, this type of platform, will enable the new innovative companies, the startup companies, to enter a market that traditionally has been very challenging to get into. Because there's so much data, there's so much legacy infrastructure. We're creating a mechanism that pharmaceutical researchers can take advantage of new technologies faster. For example, the latest algorithms on artificial intelligence and machine learning analyze all of this diverse data that's being generated. >> So that's for the startups, and that's sort of the promise of this kind of platform approach. But what about for a Merck, a established player in this. What kinds of things are you feeling and seeing inside the company? >> You think about this efficient frontier of what does is cost us to run the underlying technology systems that are foundational to our science? And you think about it, there are some things we do which are highly commoditized, we want them to be very efficient. And some things we do, which are very highly specialized, they're highly competitive, and it's okay if they're less efficient. You want to invest your money there. And you really want to invest more in things that are going to drive you a unique competitive advantage. And less in the things that are highly commoditized. The example I use frequently is you could go out and buy a barrel of oil, bring it home, refine it in your backyard, make your own gasoline. It's not recommended. It's messy, it really annoys the neighbors. Especially when it goes wrong. And it's not nearly as cost effective or as convenient as driving over to Exxon Mobil and filling up at the pump. If you're in New Jersey, having someone else even pump it for you. That's kind of the environment we're in right now today where we're refining that barrel of oil for every single application we have. So in doing this, we start to establish the base line of really thinking about refactoring our core applications into those things which can be driven by the economics of the commodity platform and those things which are going to give us unique advantage. We will see things I think, like improved adoption of data standards. We're going to see a lower barrier to entry for new applications, for new ideas. We're also going to see a lower barrier to exit. It'll be easier for us to adopt new ideas. Or to change or to substitute components because they really are built as part of a platform. And you see this, you look at, I would say over time things that have sedimented into AWS. It's been a remarkable story of starting with things that were basically resting our faces on a pausics file system and turned all the sudden into a seamless data base. By sedimenting well defined open source projects, we would like to see some of the same thing happen, where some of the core things we have to go do, entity registration, assay data captured, data management. They should be part of the platform. It's really hard to register an entity better than your competitor. What you do with it, how you describe what you're registering, how you capture intellectual property, how it drives your next invention. Completely bespoke, completely highly competitive. I'm going to keep that. But the underlying mechanics of it, to me it's file system stuff, it's data base stuff. We should leverage the economics of our industry. And again, leverage it as technologist ingredient. It's not the top level brand, chemistry and biology are the top level brand, technology's an ingredient brand we should really use the best ingredients we can. >> When you're hearing this conversation so related to life sciences, medical, bio/pharma research, what are sort of the best practices that have emerged, in terms of the way life sciences approaches its platform, and how it can be applied to other industries? >> What we've seen through the early collaboration with Merck and with Accenture is that bringing together these items in a secure environment, multi talent environment, managed by Accenture, run by AWS. We can put those tools in the hands of the researchers. We can provide them with work flow data analytics capabilities, reporting capabilities, to cover the areas that Hal is talking about so that they can elevate the work that they are doing. Over time, we expect to bring in more components. The application, the platform, will become more feature rich as we add additional third parties. And that's a key element in life science is that the science itself, while it may take place in (mumbles), it's a considerable collaboration across a number of research institutes. Both within the pharma and biotech community. Having this infrastructure in place where those companies and the researchers can come together in a secure manner, we're very proud to be supporting of that. >> So Joe, we started this conversation with you describing the state of medical research today, can you describe what you think it will be in 10 years from now as more pharmaceutical companies adopt this platform approach. And we're talking about the Mercks of the world, but then also those hungry start ups that are also. >> Sure, I think we're starting to see that transition actually happen now. And I think it's the recognition and you start to hear it as you hear some of the pharmaceutical CEO's talking about their business and the transformation. They've always talked about the science. They've always talked about the research. Now they're talking about data and informatics and they're realizing being a pharmaceutical company is not just about the science, it's about the data and you have to be as good and as efficient on the informatics and the IT side as you are on the science side. And that's the transition that we're going through right now. In 10 years, where we all hope we should be, is leveraging modern computing architectures. Existing platform technology to let the organizations focus on what's really important. And that's the science and the data that they generate for the benefit potentially of saving patient's lives in the future. >> So not only focusing on their core competencies, but then also that means that drug discovery will be quicker, that failure rates will go down. >> Even a 10 or 20% improvement in failure rates would be incredibly dramatic to the industry. >> And could save millions of lives. And improve lives and outcomes. Great, well thank you all so much for coming on theCUBE. It's been a really fun and interesting conversation. >> Same here, thank you Rebecca. >> Thank you, thank you. >> Thank you. >> I'm Rebecca Knight, we will have more of the AWS Executive Summit and theCUBE's live coverage coming up in just a little bit. (upbeat music)

>> Announcer: Live from Las Vegas, it's the CUBE, covering AWS re:Invent 2017, presented by AWS, Intel, and our ecosystem of partners. >> Hey, welcome back to the CUBE. We are live on day one of AWS re:Invent 2017. This is their sixth event, our fifth time here with the CUBE. I'm Lisa Martin, along with Justin Warren, my co-host. There are upwards of 40,000 plus, I've heard even 50,000 people are here, incredible three day event. And we are excited to be joined by another guest from BMC, Daniel Nelson, AVP of Product Management, Security, Compliance and Automation, welcome to the CUBE. >> Thank you so much for having me, I'm excited to be here. >> We're excited to have you here. So one of the things that I'd love to understand is when you talk to customers who are in the enterprise, on this journey to cloud as you know, that term is used a lot, what are some of the biggest challenges that they face knowing they have no choice but to do this? What are some of the biggest challenges that they face that BMC can help to mitigate on this journey? >> Oh, I'd be happy, absolutely. So one of the things about us is that for the past twenty years, we've been helping large enterprises help keep their environment secure, fully automated, be able to have greater efficiencies within their data centers. And as our customers are transitioning to a multi-cloud world, everything that they had to do back at the data center, they still have to do in the public cloud, it still has to be compliant, it still has to be secure, it still has to be governed. And so what we help our customers do is to make that transformation and be able to bring together those two worlds so while they currently are looking as a goal to use AWS, use public cloud, use private cloud, they still have to manage their internal systems and be able to provide one platform to do that is what BMC's all about. >> Yeah, I've been a longtime user of BMC products, back in the day, you know Control-M and some of the things-- >> Still a great product, lots of people use it. >> Absolutely, it was a great product and we used it a lot. So I know that BMC has that rich history and experience of being able to automate things, particularly in scale, so how is that translating across into the world of cloud? 'Cause to me it actually seems like it's basically the same problem. >> Oh, and it is, absolutely. So what it used to be, scale was the measure of number of servers that you have. Now it's much more number of applications that you have, the number of developers you have, the number of configurations you have to keep in touch with, the number of policies you have to enforce, so the scale problem's exactly the same, just the physical mechanism of what's scaling has changed and that is an added complexity to it. >> Yeah, so given that level of similarity and what you've been able to translate from the inside world across into the cloud, what is it that's different? What is the thing that people are struggling with and the customers are really challenged by in this journey to cloud? >> Well, in one word it's speed. So everything that you had to do in the past was at a particular cadence. And so if you're releasing applications once a year, once every six months, even once a quarter, there was a certain amount of slack in the system where if something went wrong, you had time to adjust, you had time to keep up with it. Well now that you're down to hours, minutes, sometimes even seconds, pushing out code all the time, updating your applications all the time, you can't operate, it's beyond human scale and so that's where things like automation being able to tie back to your core systems, be able to have all that automated governance control really helps, you know, all of our customers. >> Speed is one of the things that AWS has done extremely well continuing to-- what? Last year I think it was 1,017 new features and services. This year it's over 1,100 already and you know, Andy Jassy has been very vocal about speed and customer focus is what's helping them. So with that focus on speed and accelerating pace of innovation, how is BMC alike AWS in getting what customers need faster than your competitors? >> You know, absolutely. And so what AWS does really well is providing the core preeminence that the underlying, you know, building blocks of what you need and allowing you to assemble those very quickly to have you realize your own vision and your own dreams. What we do very well is keeping some guardrails on those building blocks and making sure that, you know, we've seen it all over the place. One developer makes a mistake and suddenly, you've got a data breach. Uh, you know, one piece of code doesn't get updated the way it should be or you have a password in GitHub somewhere and now all of a sudden, you know, all your data's out there and you're on the front page of Wall Street Journal. What we help our customers do is to keep out of that news and into the news of satisfying their customers and going fast. So while AWS helps you build things really quickly, we help you do that in the right way, that keeps you safe, keeps you compliant, and keeps you you know, within the normal, corporate governance. >> So what's your favorite example of a customer doing that, where they had this issue and then they came to BMC and you were able to help them to actually solve that problem; what's a great example? >> Well we obviously do a lot of business with a lot of big banks and we have one of our customers, is a very large bank, was hesitant about the cloud, was experimenting with it, and they started with just five projects and within six months that five, those five projects had ballooned up to 65 projects, and all without really governance control oversight. And then WannaCry hit and our customer was so nervous, so scared about it, that their only response was, since they didn't know what their exposure was, they just shut 'em all down, they just pulled the plug, and says, "We're not gonna do anything." And so what we did is we came in and provided them the ability to do that, to revive those innovation products, to provide the ability to build quickly, but also know where you are, how to be safe, and can continue to update, you know, your compliance and security posture with new information as it comes in. So it gives them that safety factor that they can feel safe. One of my favorite examples and one of the best metaphors I've had is one of my customers from Savience said, "You know, Daniel, look I love to go fast, but the last thing I want to do is put my problems on roller skates, like that doesn't do any good." And I was like , "That's what we're here to do. We're here to provide you, you know, those bumper rails on the bowling alley so you can go fast." >> I do love that problems on roller skates idea. >> I'm gonna use that. >> Yeah, I was feeling that one. >> Go ahead, I use it all the time. >> So you know, we talk a lot about a lot of buzzwords, a lot of hot terms, right? Uh, multi-cloud. I'm curious about what BMC is doing in multi-cloud. How does an enterprise understand what multi-cloud is? What's hybrid cloud? How do you guys help sort of break down some of these buzzwords into actions for your customers so they can be fast and competitive? >> So for me, if I were to sound out what multi-cloud really means is that you're choosing the best technology at the best price point for what the need of the business is. And sometimes that means running of the data center. And there are a lot of things in the data center that run, you know, more cheaply, more efficiently, but at a much more cost effective basis than they ever will in the cloud. And those things belong in the data center. And I think over time, you'll see the data center loads will actually increase, as well. There's some things that you have to go very quickly, you can be experimental with it, you have to have the DevOps team attached to, and the public cloud is great for those things. And then even within the public cloud space, there are things that Azure does well, there's things that AWS does well, and individual enterprises, especially large enterprises, which is our constituency, need to be able to make those choices and be able to do that for the best underlying reason of their technology. What BMC then provides you is ability to say whether it's OnPrem, whether it's in Azure, whether it's AWS, wherever you wanna run that, you know, we can provide you the controls and the compliance and the governance that you can be safe regardless. You get the same policies in place regardless of where that individual technology's targeted. >> Yeah, absolutely. And when talking with large, particularly large customers as you've point out, you only have to buy one other company and all of a sudden, you're multi-cloud. You might've decided, "You know what, we're all in on AWS." A different company that you'd buy for business reasons may have decided, "You know what, I wanna have some Azure, I wanna have some Google Cloud." It's like kaboom, you buy them and now all of a sudden, IT has this multi-cloud issue and they need someone who can help them to manage that. And really, you wanna be able to manage that in the same way across all of the different environments and I can see that that's where BMC would be really strong. >> You know, you're exactly right. Give me one of the great things, like this is a great show, and there's so many vendors and there's so much great technology here, but if you talk to Gardner or Forester or ADC or 451, one of the main things they'll tell you is you've got to have not individual tools for every individual problem, you need to have a platform in place that provides you the breadth of coverage where you have the ability to be flexible across those technologies. And that's another thing that BMC is offering in the market. >> Yeah, so one of the challenges of building that platform, though, is that you've got all of these little different silos that tend to just sort of build up all by themselves. And then when you come and try like the central IT comes along and says, "No, thall shalt use the one true solution." How do you actually provide the right level of flexibility for individual solutions that can be tailored in need, but still provide that scalability and sameness across everything that gives you those efficiencies in scale? How does BMC help you manage that? >> Well that's one of BMC's historical strongest parts of the offering, is the breadth of content, being able to support, you know, in the data center all of the different operating systems, all of the different applications. We do the same thing now by us forwarding all the different microservices within AVDS, all of the different microservices within Azure, being able to then provide that breadth of content so that the developer, himself, can choose whatever and then from a central IT standpoint, you know you've got the policies in place to be able to make sure that they're safe. Another one of my favorite expression is that developers will argue with people but they won't argue with systems. And so if you then being able to incorporate that, the compliance and control into the DevOps pipeline, into the DNAP driven-approach, where a developer does something that's outside of those guidelines and they just get an immediate response back saying, "No, I'm sorry, that's not allowed." or you know, "There's an air message in law." they're like, "Okay, well I gotta go fix that." verus being on the phone or having to go through any of that process. Developers are very argumentative about that. So what we do is be able to take that corporate IT perspective and just be able to eject it programmatically across all the different dev teams. >> I think our question we wanna pivot on the developer role for a second, you know, AWS has done a great job of attracting a lot of awareness in the developer community for a long time now. They've never really had to advertise, because this awareness was so strong, very sticky. We've seen them this year, sort of advertising, which as a marketer kinda signaled to me, interesting. We know that their massive growth rate isn't predicated upon us, you know, startups alone. That the enterprise is also a major play for AWS and they need to get to now, the CEO, the corporate board. I'm just curious, is BMC seeing in like a customer, like a large bank or an insurance company for example, where are you seeing the C-Suite help influence product development? How influential is that higher tier of management now as this transition becomes an absolute business imperative? >> Well, it's interesting because you see not only the rise of the CIO as a digital transformer within the business, you also see the CEO being more and more involved with us. And you also have the rise of the CSO. So being able to inject security into this conversation, and so you've got a monopoly of different voices that are all happening at the board level and that there's board visibility in the center of these things as well. But the board now pays attention to, "How are we developing our applications? Are they safe? Are they secure? You know, is there an existential risk to our business by the way that we're conducting ourselves from an information technology standpoint?" So those conversations are obviously happening. You know, we see them happening all the time, it's been really great for our business, because we've been working with these companies for years and years and years to help them be safe and compliant, to keep their banking licenses in order, things of that nature, and now we're just extending that to the cloud, as well. So we definitely see it and honestly, it's one of the things that we feel like is a core competitive advantage for us, is we have those relationships in place today and have for decades. >> Yeah, do you see yourselves going into customers in sort of a partnering relationship with AWS, particularly for those enterprises? I can see that, I mean IT has been wanting a seat at this table for so, so long. It's like, "Well, you've got one now. It happened to come from security which is possibly not the best introduction ever." But now that they have their seat at the table, how are you finding to manage that conversation to influence board level, which is a far different conversation than what it would be when you're talking about technical things? And even from developer land, it's like, "API's and so on", that's not really a board level conversation or is it? >> Well AWS is one of our strategic partners and so it's very easy for us to go into customers together, and be able to tell that message of, "Go safe but be fast at the same time." And so we're much more of an and-world now than an or-world, you know, that we were in the past. And the ability to make trade-offs with somebody that we all kinda took for granted, but now we really don't have that ability anymore, like we have to be all things to all people and that forces a lot of innovation. And it forces a lot of the kind of the new things that you're seeing everyday, no matter of AWS and other vendors as well. It's really an exciting time to be in information technology. >> Never a dull moment. And yeah I wanted to kinda pivot on it, symbiosis. Like how much business do you drive for AWS, but also conversely, how much does AWS sorta push BMC to innovate at their pace? >> Right, so you know, just being a AWS partner pushes you. Because you're now along for the ride and wherever they go, whatever they're doing, you know, our customers are looking at us and saying, "When do you support that? And how are you gonna support that?" You know, we want to be easing into these things and so we've had to put on ourselves, a very strict SLA that as soon as AWS gets someone new, we have to support it with our very breviated time, 'cause that's what our customers have had it and that's great 'cause it enforces us to innovate, forces us to do things in new ways and be able to you know, actually have a lot of the technologies, a lot of the processes in place that our customers, themselves are trying to emulate. So that's been wonderful. In addition to that, if you look at you know, how we're pushing AWS, AWS is definitely you know, is already in the enterprise, there's a lot of enterprises that already used us but being able to think about things from an enterprise standpoint is different than a developer bottom-up standpoint and so we've always been a lot more holistic about understanding what are the needs of the business? And especially from a C-Suite communication perspective, like how do we articulate and how do we do that well? And that's part of what we bring to the relationship. >> You mentioned a lot of customers are banks and insurance companies, I'm curious about healthcare. There's sort of an anticipation that Andy Jassy might be announcing a broader partnership with Cerner, who has 25% market share in electronic health records. Healthcare being historically slower to adopt cloud, massive security challenges there. What are you guys seeing in the healthcare space? What are some of the primary concerns there that you're helping to mitigate? >> Well so if you talk about healthcare, the first thing that everybody will talk about, especially in the IT space is HIPAA, right? So it's you know, what am I doing with my private data? If you talk about it from an AMIA perspective, you know, it's GDPR, you know, what are we gonna do about private data, how do we keep it segregated? You know, how do we not only have those mechanisms in place, but how do we ensure that they're in place, be able to prove that they are in place? And when our auditors come to us, we can provide them all that data. And that's exactly what BMC provides. So we have out of the box content for HIPAA compliance, for SOX, for PCI, for anything that you want to do. And so we can just look at your systems or they're in the data center or in the cloud, tell you exactly how they need to be configured, and then also I'll remediate them for you. So we can take that next step and provide the automation in place for you, so that you can actually then just worry about running your business. So it's a really, really interesting vertical for us to go into 'cause of our history and 'cause of our background. >> Yeah, there's gonna be so much growth in that area. I mean, even from my part of the world, down in Australia. We've got our electronic health records is a big, big thing with the whole program of work that's involved in putting that in, being able to keep that data safe, but also useful. It's gonna be a big challenge and I can only see it getting larger. >> Oh right, absolutely. And it's important for us not to lose sight that the end person we're protecting is the consumer. The end person we're protecting is the individual who that's their data, like they own that, and so it's our job and our duty to do the best we can for our customers to protect that. And ultimately, that's the value. >> Last question for you, some of the things that have come out already in the last day and a half or so, from AWS on AI, what are you seeing in terms of customers' comprehension of machine learning and what the potential is for them to truly become data driven, leveraging advanced technologies like that? >> So we're definitely in the hype cycle with AI, right? I mean and I think we all kinda know that. I think when you talk about machine learning and basing and reasoning and-- it's all part of the cape on having the data in place to do the analysis on. And so just like we saw with the data, it's like, "Oh I want big data, but then now what do I do with it?" Now, we have AI machine learning for the people that do have large data sets, they can start to do some interesting analysis, they can start to do some interesting things. But you have to have the data first, before you start to apply the actual algorithms to it. 'Cause the algorithm, you know, just give it two data points, it's not gonna be very smart. Give it two trillion and it's gonna be able to do some really interesting things. >> So what can people see and learn and touch and feel at the BMC booth here? >> So just this week, we launched a new product called policy service, which is policy and compliance for public cloud and for DevOps pipelines, so we'd love to show anybody who wants to come by a demo of that, we're very excited about it. Also it ties back to our core automation and so if you have to do something also in the data center, we can bring those two worlds together for you. >> Excellent. Well Daniel Nelson, thank you so much for joining us. You're now in the CUBE alumni. >> Alright, that's exciting, I appreciate it. >> And I'm Lisa Martin, for my co-host Justin Warren, we are live from day one of our three day coverage at AWS re:Invent 2017, stick around, we'll be right back. (techno music)