>> Announcer: Live from Las Vegas, it's theCUBE! Covering Informatica World 2018. Brought to you by Informatica. >> Hey, welcome back everyone, it's theCUBE's exclusive coverage here at the Venetian, Live in Las Vegas CUBE coverage. I'm John Furrier the co-host of theCUBE with Peter Burris my co-host for the next two days of wall-to-wall coverage. Our next guest is Andrew Joss, who's the Head of Solutions and Data Governance for Europe, Middle East and Africa, and Latin America for Informatica. Great to have you on, thanks for joining us. >> Thank you! >> I could not stop waiting for this question because your anemia, Europe, Middle East and Europe. GDPR is kicking in this Friday. >> Andrew: Absolutely. >> So we're in May 2018. The big release of the law that kicks into place for GDPR in effect. Two things, what's the mood and then what does it mean? I mean, it's a shot across the bow of the industry. But we know what it means for people but like, what's the impact of this, what's going on? >> So I think we're seeing it at a couple of different levels. I think at a very individual level. I think the awareness of what GDPR potentially means for people, I think we're starting to feel that as individuals, in EMEA. We're seeing increasingly organizations reaching out to us, you know, we want permission to use your information or consensus in coding GDPR. You're customers of ours, here's our new privacy policy. We see lots of this and it's happening from lots of different organizations that we work with. So I think people are starting to see it and feel it, are starting to feel like it's real now, not just something we've been talking about for a long period of time. But I think also in terms of potentially what the impact of this will be, that I think organizations are starting to look at some of the major tenants that sit underneath GDPR, how are they going to address those, and what does that mean for the data subject? Like people like me, for example, I'm a data subject. What does it all mean for me? And I think they realize-- >> John: As an individual you have data rights. >> Exactly. Absolutely. >> The concern I have, I had a big rant on Facebook, it was good conversation, but here's the thing. It's like, you know, when laws came out, like it's so hard being so obviously, when your public, you're ready to go public, you have all the infrastructure to comply with all those regulations, a lot of people aren't prepared for GDPR because, where their, they might not even know where their data is, >> Absolutely. >> what's the format, what's the schema, they don't have mechanisms in place, 'cause there's IT legacy involved. (laughing) I mean GDPR, great on paper, everyone's got their own rights it sounds good, you know, but when you have to get under the hood and saying, hey Enterprise, you know that stuff you've been putting in drives, and the storage administrator quit 10 years ago and, you don't know what's going on and, guess what? You're now liable. >> Andrew: Major issue. >> People were scared. So, this is a problem, how can someone get ready, 'cause just like when people go public they have to be ready hire all these, process stuff, what do you guys see that, I mean Informatica has some solutions, I'm sure, but, what's the client relationship like for you guys as you talk to customers? >> I think it kind of varies, some industries seem to be a little bit more advanced in their thinking so, regulated industries for example, they're kind of used to regulation and compliance, they kind of get a lot of these things, so I think some of those have found this process a little bit easier. I think some industries, this is generally quite new, some of the ideas, some of the practices that come with GDPR I think are also quite new, for some of these industries. >> Internet companies, fast and loose, if you're fast and loose you're going to be doing a lot of work. >> But ultimately, when you think about, a lot of what GDPR brings to the data subject, that people like me and my colleagues, then, a lot of that then is about these rights, and the ability for us to be able to actually take back more control of our data, 'cause fundamentally it is our data. So if we have more control, then it's about how organizations help us with those rights, and help us move along that journey of what we can now do with our data, and what GDPR gives us. >> And just to be clear too, we reported on this in depth with Wikibon, SiliconANGLE, and theCUBE, GDPR it's been clear it's going to be a process. They're going to look for compliance, they're not lookin' for everyone to be like, they want to see directional progress, right, so it's not like the hammer's going to come down tomorrow, but people now, data subjects now can bring claims against companies, so. >> Actually John, I think it's, you're right but, we have a client, the Chief Privacy Officer of one of our clients, made the observation that had the Equifax breach occurred after Friday in Europe, it would have cost that company 160 billion dollars, My guess is what's going to happen is, they're going to look for that direction unless a company has a serious problem, then they're going to use GDPR to levy fines, and generate some, and remunerate back to the people affected, some real relief would you agree with that? >> Actually I see GDPR in a slightly different way, maybe that's just because it feels quite personal to me, because I feel it's something that's going to be a part of my life. And actually I think it's about organizations really respecting my data, and therefore respecting me. So, you know, when we talk about fines, yes I'm sure there's probably going to be some of those. A lot of the customers I talk to are actually, they're worried about reputational damage. You know, what's going to happen to their brand, what's going to happen to their image if something happens? And that, for many organizations, is far more serious and significant than any kind of fine potentially may be, so it's actually-- >> And there's a mega trend goin' on, you're seeing with blockchain and decentralized applications where people who create the value should capture it, hence the personal relationship to your data, and we all look at Facebook and say, hey I signed up for a free app so I could meet my high school friends and see them, do some things on Facebook, but I didn't sign a contract to give you my data to, have the election be thrown in the US, (laughing) so it's kind of like, wait a minute, what're you doin' with my data? >> Talk about blockchain and immutability of the data, if you have, does GDPR make it more difficult to use technologies like blockchain? >> I think organizations just have to look at GDPR and say, you know, it's a principles-based regulation, so it's not going to tell you, you know, the details of how you should do things, but it's tryna take you on a journey around kind of how you can then start to bring a lot more respect to the data subject, because of the data that you're managing and processing for them. The organizations are going to have to look at that and say, how do we take all of this, and how do we start to move it into our environment, whether it be blockchain, or any other technology, how does it apply, and do we have to make some changes, do we have to think tactically or strategically, I think organizations are going to have to look at this and say what does this mean longer term? Because I don't think anyone really knows right now. >> Well I want to get your thoughts on this, as Head of Solutions and Governance we chatted with the Deloitte guys came on earlier, and they kind of laid out, I mean, I'm just paraphrasing the playbook, data engineering, data governance, data enablement, so they're kind of looking at it, you know, as kind of a playbook. Got to do the engineering work to figure out where the data is, throw the catalog in there, MDM, there's a variety of solutions out there, and tools for other things, and then the governance piece is super critical. Then the enablement is where, then you're in an ideal state for a GDPR, or wherever where, everything's foundationally built and engineered and governed, ideally you could have things like consensus, you could have some security, do you see it the same way, and how are you guys at Informatica talking to customers? Does that jive with some of the things that you guys--? >> Yeah, it does, it resonates quite well, so, I think because it's a principles based regulation then, actually that has some potentially quite interesting and beneficial impacts for some of our customers, so a lot of our customers are going through some kind of transformation, mostly digital transformation, and you think about the principles that GDPR gives you, I look at that and I think, but actually some of these are just good data management practices and principles, it happens to be around personal data for GDPR right now but those principles are just valued for probably kind of any kind of data. So if you're on a digital transformation journey, with all the change and with all the opportunity that brings actually these practices and principles for GDPR they should be helping drive things like your digital transformation, and for a lot of our customers change is the only constant they've got. So actually managing all this, whilst everything is changing around you, it's tough for a lot of them. >> Opensource has been a big driver in our industry, we've seen some there, open always beats closed, and having all the open data's key, have you seen any GDPR impact around being open, is there like, opensource groups that are out there helping companies, you guys obviously can get called on, but what dose the customer do, I mean like, Peter and I say hey, maybe we're impacted by GDPR, who do we call? Is there an opensource community that can help with, you know, terms of service, if they want to go down the right roads of data hygiene or data setup cataloging, what do they do, I mean what's the? (laughing) I mean it's the shock, and people going well we're not really kind of where we should be, what do they do? With any movement? >> Yeah, I've seen quite a bit of movement, so, I think probably one of the biggest single challenges that I've seen is, for many organize--many of our customers, they'll be saying to us, okay, so what should we do in this circumstance? And actually that's really tough for us to answer, because it's a principles-based regulation than actually somebody needs to look at that, that's probably the legal or the privacy teams, say well what does that mean for us? How do we take that, and then come up with a set of requirements that says this is what we need to do for our organization, in our markets, in our territory, for example? So there's probably no one-size-fits-all answer, so, there's legal aspects to this, there's privacy aspects, data management, risk, compliance, opensource groups they can give opinion, but it's nothing more than that. >> And they might not have the talent internally to actually understand culturally what the principle is, so they got to call in the consultant, so our integrators, Deloitte-- >> Exactly, exactly. >> But fundamentally, it seems that one of the things GDPR is going to do, is it's going to force companies, force enterprises, to be very explicit and declare what attributes of that personal data they make money with. And be very, and effectively open that up, and be much more, as you said, what'd you call it private subject or? >> Data subjects. >> Data subjects, they're going to have to be more explicit declaring to data subjects, in simple terms, how they're making money off of data, or how they're avoiding that problem. >> Yeah, I think organizations, and I think about some of the privacy notices I've received, recently for example, I think, what organizations are doing, I think they're trying to explain to people, this is the kind of data we have, these are types things that we have to do with it, sometimes it's maybe regulatory, but actually other times it's about, these other types of business activities, so they're starting to be a lot more transparent, I think, in what they're doing with the data. Is it transparent enough? I guess time will tell. And the reaction of data subjects will also be the indicator whether people think that's acceptable or not, I don't think we know yet, it's early days, but actually that change, I think over time what we'll start to see is organizations are going to be looking at the way that they manage data, I think transparency, I think will be a huge topic for a lot of industries, I think that the notion of kind of having a respect for people and their data, and how it then leads to trust. So lots of industries have kind of lost the trust of people around the ability to manage their data, so how do they get that back? Well potentially GDPR might be a way of helping people access to that. >> Many of these guys, they got to get their act together and build up a quality data policy around it. Okay, final question for ya, I know we're tight on time, but I want to get it out there, what do you guys have for solutions for customers, what are you guys offering, specifically for products, that helps them with the compliance, any gap analysis, I mean what do you guys do for customers, what's the solution? >> It's, it's in a couple of different areas, so I'm going to tackle a couple quite specific things, then something slightly a little bit broader, so, organizations, I think you were mentioning earlier, just kind of knowing what their data is. Well actually we have some fantastic technology to go and discover, you know, or to make the discovery of that data, that's great for organizations 'cause that, today, a lot of them are doing it by hand, they're doing it manually, so discovery of data really important, so we have technology in that space. The ability to go and mask an archive, get rid of data, if you don't have a legitimate reason for having data, then why have you got it? So technology to help you, you know, get rid of that data. Other types of technology about being able to connect what you have in terms of your physical data assets, to actually your interpretation of what GDPR means to you and your business, that's fantastic, the ability to connect those together, that's our governance environment, and then technologies around, kind of, building that view of the data subject, so we can then enact all these rights that people like me have now got, but also then too, can sense that we may potentially have to give, how do you associate that with all the complexity of the data? So we have technologies in our massive data management space to do that. But I think probably the one thing that I hear fairly consistently for customers, it's not necessarily about those isolated kind of views, of the technology and how it solves specific problems, I think they're looking at it quite wholistically, and they're looking at solutions that can really automate a lot of this, as much as possible, they're looking for solutions that scale, some of these are very large, complex organizations, it's not small amounts of data, in cases, some cases, it's huge amounts of data, so they're tying to cope with this scale, but they're also looking to solve some very specific problems. So I think there's kind of a combination of things, which I think plays really well, through Informatica's core strengths. >> And it also creates awareness for companies to put data as a strategic centerpiece, not as a side thing, bring it right to the front and center. >> Andrew, thanks for sharing the insight on theCUBE, appreciate your time. theCUBE, live coverage here in Las Vegas at the Venetian, this is exclusive coverage of Informatica World 2018, I'm John Furrier with Peter Burris, stay with us for more, here on day one of two days of coverage. We'll be right back, after this short break. (bubbly music)