(soft electronic music) >> Welcome to this special CUBE Conversation. I'm John Furrier here, in theCUBE's Palo Alto studio. We're here, remotely, with Nick Halsey who's the CEO of OKERA, hot startup doing amazing work in cloud, cloud data, cloud security, policy governance as the intersection of cloud and data comes into real stable operations. That's the number one problem. People are figuring out, right now, is how to make sure that data's addressable and also secure and can be highly governed. So Nick, great to see you. Thanks for coming on theCUBE. >> It's great to be here, John, thank you. >> So you guys have a really hot company going on, here, and you guys are in an intersection, an interesting spot as the market kind of connects together as cloud is going full, kind of, whatever, 3.0, 4.0. You got the edge of the network developing with 5G, you've got space, you've got more connection points, you have more data flowing around. And the enterprises and the customers are trying to figure out, like, okay, how do I architect this thing. And oh, by the way, I got a, like all these compliance issues, too. So this is kind of what you could do. Take a minute to explain what your company's doing. >> Yeah, I'm happy to do that, John. So we're introduced a new category of software that we call universal data authorization or UDA which is really starting to gain some momentum in the market. And there're really two critical reasons why that happening. People are really struggling with how do I enable my digital transformation, my cloud migration while at the same time making sure that my data is secure and that I'm respecting the privacy of my customers, and complying with all of these emerging regulations around data privacy like GDPR, CCPA, and that alphabet soup of regulations that we're all starting to become aware of. >> I want to ask about the market opportunity because, you know, one of the things we see and the cloud covers normal conversations like, "Hey, modern applications are developing." We're starting to see cloud-native. You're starting to see these new use cases so you're starting to see new expectations from users and companies which creates new experiences. And this is throwing off all kinds of new, kinds of data approaches. And a lot of people are scratching their head and they feel like do they slow it down, they speed it up? Do I get a hold of the compliance side first? Do I innovate? So it's like a real kind of conflict between the two. >> Yeah, there's a real tension in most organizations. They're trying to transform, be agile, and use data to drive that transformation. But there's this explosion of the volume, velocity, and variety of data, we've all heard about the three Ds, we'll say there're five Ds. You know, it's really complicated. So you've got the people on the business side of the house and the Chief Data Officer who want to enable many more uses of all of these great data assets. But of course, you've got your security teams and your regulatory and compliance teams that want to make sure they're doing that in the right way. And so you've got to build a zero-trust infrastructure that allows you to be agile and be secure at the same time. And that's why you need universal data authorization because the old manual ways of trying to securely deliver data to people just don't scale in today's demanding environments. >> Well I think that's a really awesome approach, having horizontally scalable data. Like infrastructure would be a great benefit. Take me through what this means. I'd like to get you to define, if you don't mind, what is universal data authorization. What is the definition? What does that mean? >> Exactly and people are like, "I don't understand security. "I do data over here and privacy, "well I do that over here." But the reality is you really need to have the right security platform in order to express your privacy policies, right. And so in the old days, we used to just build it into the database, or we'd build it into the analytic tools. But now, we have too much data in too many platforms in too many locations being accessed by too many, you know, BI applications and A-I-M-L data apps and so you need to centralize the policy definition and policy enforcement so that it can be applied everywhere in the organization. And the example I like to give, John, is we are just like identity access management. Why do I need Okta or Sale Point, or one of those tools? Can't I just log in individually to, you know, SalesForce or to GitHub or? Sure, you can but once you have 30 or 40 systems and thousands of users, it's impossible to manage your employee onboarding and off-boarding policy in a safe and secure way. So you abstract it and then you centralize it and then you can manage and scale it. And that's the same thing you do with OKERA. We do all of the security policy enforcement for all of your data platforms via all of your analytic tools. Anything from Tableau to Databricks to Snowflake, you name it, we support those environments. And then as we're applying the security which says, "Oh, John is allowed access to this data in this format "at this time," we can also make sure that the privacy is governed so that we only show the last four digits of your social security number, or we obfuscate your home address. And we certainly don't show them your bank balance, right? So you need to enable the use of the data without violating the security and privacy rights that you need to enforce. But you can do both, with our customers are doing at incredible scale, then you have sort of digital transformation nirvana resulting from that. >> Yeah, I mean I love what you're saying with the scale piece, that's huge. At AWS's Reinforce Virtual Conference that they had to run because the event was canceled due to the Delta COVID surge, Stephen Schmidt gave a great keynote, I called it a master class, but he mainly focused on cyber security threats. But you're kind of bringing that same architectural thinking to the data privacy, data security piece. 'Cause it's not so much you're vulnerable for hacking, it's still a zero-trust infrastructure for access and management, but-- >> Well you mean you need security for many reasons. You do want to be able to protect external hacks. I mean, every week there's another T-Mobile, you know, you name it, so that's... But 30% of data breaches are by internal trusted users who have rights. So what you needed to make sure is that you're managing those rights and that you're not creating any long tails of data access privilege that can be abused, right? And you also need, one of the great benefits of using a platform like OKERA, is we have a centralized log of what everybody is doing and when, so I could see that you, John, tried to get into the salary database 37 times in the last hour and maybe we don't want to let you do that. So we have really strong stakeholder constituencies in the security and regulatory side of the house because, you know, they can integrate us with Splunk and have a single pane of glass on, weird things are happening in the network and there's, people are trying to hit these secure databases. I can really do event correlation and analysis, I can see who's touching what PII when and whether it's authorized. So people start out by using us to do the enforcement but then they get great value after they've been using us for a while, using that data, usage data, to be able to better manage their environments. >> It's interesting, you know, you bring up the compliance piece as a real added value and I wasn't trying to overlook it but it brings up a good point which is you have, you have multiple benefits when you have a platform like this. So, so take me through like, who's using the product. You must have a lot of customers kicking the tires and adopting it because architecturally, it makes a lot of sense. Take me through a deployment of what it's like in the customer environment. How are they using it? What is some of the first mover types using this approach? And what are some of the benefits they might be realizing? >> Yeah, as you would imagine, our early adopters have been primarily very large organizations that have massive amounts of data. And they tend also to be in more regulated industries like financial services, biomedical research and pharmaceuticals, retail with tons of, you know, consumer information, those are very important. So let me give you an example. We work with one of the very largest global sports retailers in the world, I can't use their name publicly, and we're managing all of their privacy rights management, GDPR, CCPA, worldwide. It's a massive undertaking. Their warehouse is over 65 petabytes in AWS. They have many thousands of users in applications. On a typical day, an average day OKERA is processing and governing six trillion rows of data every single day. On Black Friday, it peaked over 10 trillion rows of data a day, so this is scale that most people really will never get to. But one of the benefits of our architecture is that we are designed to be elastically scalable to sort of, we actually have a capability we call N scale because we can scale to the Nth degree. We really can go as far as you need to in terms of that. And it lets them do extraordinary things in terms of merchandising and profitability and market basket analysis because their teams can work with that data. And even though it's governed and redacted and obfuscated to maintain the individuals' privacy rights, we still let them see the totality of the data and do the kind of analytics that drive the business. >> So large scale, big, big customer base that wants scale, some, I'll say data's huge. What are some of the largest data lakes that you guys have been working with? 'Cause sometimes you hear people saying our data lakes got zettabytes and petabytes of content. What are some of the, give us a taste of the order of magnitude of some of the size of the data lakes and environments that your customers were able to accomplish. >> I want to emphasize that this is really important no matter what size because some of our customers are smaller tech-savvy businesses that aren't necessarily processing huge volumes of data, but it's the way that they are using the data that drives the need for us. But having said that, we're working with one major financial regulator who has a data warehouse with over 200 petabytes of data that we are responsible for providing the governance for. And one thing about that kind of scale that's really important, you know, when you want to have everybody in your organization using data at that scale, which people think of as democratizing your data, you can't just democratize the data, you also have to democratize the governance of the date, right? You can't centralize policy management in IT because then everybody who wants access to the data still has to go back to IT. So you have to make it really easy to write policy and you have to make it very easy to delegate policy management down to the departments. So I need to be able to say this person in HR is going to manage these 50 datasets for those 200 people. And I'm going to delegate the responsibility to them but I'm going to have centralized reporting and auditing so I can trust but verify, right? I can see everything they're doing and I can see how they are applying policy. And I also need to be able to set policy at the macro level at the corporate level that they inherit so I might just say I don't care who you are, nobody gets to see anything but the last four digits of your social security number. And they can do further rules beyond that but they can't change some of the master rules that you're creating. So you need to be able to do this at scale but you need to be able to do it easily with a graphical policy builder that lets you see policy in plain English. >> Okay, so you're saying scale, and then the more smaller use cases are more refined or is it more sensitive data? Regulated data? Or more just levels of granularity? Is that the use case? >> You know, I think there's two things that are really moving the market right now. So the move to remote work with COVID really changed everybody's ideas about how do you do security because you're no longer in a data center, you no longer have a firewall. The Maginot Line of security is gone away and so in a zero-trust world, you know, you have to secure four endpoints: the data, the device, the user, and the application. And so this pretty radical rethinking of security is causing everybody to think about this, big, small, or indifferent. Like, Gartner just came out with a study that said by 2025 75% of all user data in the world is going to be governed by privacy policy. So literally, everybody has to do this. And so we're seeing a lot more tech companies that manage data on behalf of other users, companies that use data as a commodity, they're transacting data. Really, really understand the needs for this and when you're doing data exchange between companies that is really delicate process that have to be highly governed. >> Yeah, I love the security redo. We asked Pat Gelsinger many, many years ago when he was a CEO of VMware what we thought about security and Dave Allante, my co-host at theCUBE said is it a do-over? He said absolutely it's a do-over. I think it was 2013. He mused around that time frame. It's kind of a do-over and you guys are hitting it. This is a key thing. Now he's actually the CEO of Intel and he's still driving forward. Love Pat's vision on this early, but this brings up the question okay, if it's a do-over and these new paradigms are existing and you guys are building a category, okay, it's a new thing. So I have to ask you, I'm sure your customers would say, "Hey, I already got that in another platform." So how do you address that because when you're new you have to convince the customer that this is a new thing. Like, I don't-- >> So, so look, if somebody is still running on Teradata and they have all their security in place and they have a single source of the truth and that's working for them, that's great. We see a lot of our adoption happening as people go on their cloud transformation journey. Because I'm lifting and shifting a lot of data up into the cloud and I'm usually also starting to acquire data from other sources as I'm doing that, and I may be now streaming it in. So when I lift and shift the data, unfortunately, all of the security infrastructure you've built gets left behind. And so a lot of times, that's the forcing function that gets people to realize that they have to make a change here, as well. And we also find other characteristics like, people who are getting proactive in their data transformation initiatives, they'll often hire a CDO, they'll start to use modern data cataloging tools and identity access management tools. And when we see people adopting those things, we understand that they are on a journey that we can help them with. And so we partner very closely with the catalog vendors, with the identity access vendors, you know, with many other parts of the data lake infrastructure because we're just part of the stack, right? But we are the last mile because we're the part of the stack that lets the user connect. >> Well I think you guys are on a wave that's massive and I think it's still, it's going to be bigger coming forward. Again, when you see categories being created it's usually at the beginning of a bigger wave. And I got to ask you because one thing's I've been really kind of harping on on theCUBE and pounding my fist on the table is these siloed approaches. And you're seeing 'em everywhere, I mean, even in the consumer world. LinkedIn's a silo. Facebook's a silo. So you have this siloed mentality. Certainly in the enterprise they're no stranger to silos. So if you want to be horizontally scalable with data you've got to have it free, you've got to break the silos. Are we going to get there? Is this the beginning? Are we breaking down the silos, Nick, or is this the time or what's your reaction to that? >> I'll tell you something, John. I have spent 30 years in the data and analytics business and I've been fortunate enough to help launch many great BI companies like Tableau and Brio Software, and Jaspersoft and Alphablocks we were talking about before the show. Every one of those companies would have been much more successful if they had OKERA because everybody wanted to spread those tools across the organization for better, more agile business analytics, but they were always held back by the security problem. And this was before privacy rights were even a thing. So now with UDA and I think hand-in-hand with identity access management, you truly have the ability to deliver analytic value at scale. And that's key, you need simplicity at scale and that is what lets you let all parts of your organization be agile with data and use it to transform the business. I think we can do that, now. Because if you run in the cloud, it's so easy, I can stand up things like Hadoop in, you know, like Databricks, like Snowflake. I could never do that in my on-prem data center but I can literally press a button and have a very sophisticated data platform, press a button, have OKERA, have enforcement. Really, almost any organization can now take advantage of what only the biggest and most sophisticated organizations use to be able to do it. >> I think Snowflake's an example for all companies that you could essentially build in the shadows of the big clouds and build your own franchise if you nail the security and privacy and that value proposition of scale and good product. So I got, I love this idea of security and privacy managed to a single platform. I'd love to get your final thought while I got you here, on programmability because I'm seeing a lot of regulators and people in the privacy world puttin' down all these rules. You got GDPR and I want to write we forgot and I got all these things... There's a trend towards programmability around extraction of data and managing data where just a simple query could be like okay, I want to know what's goin' on with my privacy and we're a media company and so we record a lot of data too, and we've got to comply with all these like, weird requests, like hey, can you, on June 10th, I want, can you take out my data? And so that's programmatic, that's not a policy thing. It's not like a lawyer with some privacy policy. That's got to be operationalized. So what's your reaction to that as this world starts to be programmable? >> Right, well that's key to our design. So we're an API first approach. We are designed to be a part of a very sophisticated mesh of technology and data so it's extremely simple to just call us to get the information that you need or to express a policy on the fly that might be created because of the current state-based things that are going on. And that's very, very important when you start to do real-time applications that require geo-fencing, you're doing 5G edge computing. It's a very dynamic environment and the policies need to change to reflect the conditions on the ground, so to speak. And so to be callable, programmable, and betable, that is an absolutely critical approach to implementing IUDA in the enterprise. >> Well this is super exciting, I feel you guys are on, again, a bigger wave than it appears. I mean security and privacy operating system, that's what you guys are. >> It is. >> It is what it is. Nick, great to chat with you. >> Couldn't have said it better. >> I love the category creation, love the mojo and I think you guys are on the right track. I love this vision merging data security policy in together into one to get some enablement and get some value creation for your customers and partners. Thanks for coming on to theCUBE. I really appreciate it. >> Now, it's my pleasure and I would just give one piece of advice to our listeners. You can use this everywhere in your organization but don't start with that. Don't boil the ocean, pick one use case like the right to be forgotten and let us help you implement that quickly so you can see the ROI and then we can go from there. >> Well I think you're going to have a customer in theCUBE. We will be calling you. We need this. We've done a lot of digital events now with the pandemic, so locked data that we didn't have to deal with before. But thanks for coming on and sharing, appreciate it. OKERA, hot startup. >> My pleasure, John and thank you so much. >> So OKERA conversation, I'm John Furrier here, in Palo Alto. Thanks for watching. (soft electronic music)