(gentle upbeat music) >> Hello, everyone, and welcome to theCUBE's coverage of Commvault Connections 21. My name is Dave Vellante and I'll be hosting the program today. I want to start with a bit of an assessment on the keynotes that we heard this morning, but before I get into that, I want to set the framework for thinking about Commvault as a company. This company has been around for a long time, since the late 1980s, but really came into prominence in the client server era and it has ridden numerous waves, including network backup and recovery, data management, and now cloud data services. It's a company with more than $700 million in revenue and a market value of nearly $3 billion. Since coming on as CEO, Sanjay Mirchandani has embarked on moving the company towards a subscription model, focusing on optionality for on premises, hybrid and cloud workloads. It's launch of metallic and data management as a service are two components that underpin the strategy. At his keynote earlier today, Mirchandani drew on his experience as both a former CIO and current CEO roles to connect with his audience. His major themes hit on data, the value of data, and the imperative to get control of your data. Of course, data protection has become a fundamental component of digital transformations. For years, data protection was an afterthought or a bolt on, but today, organizations are forced to think about their digital stacks in their entirety, which means they have to build resilience into their platforms from the start. Mirchandani said that if we embrace, manage, and properly protect data, it will become the defining disruptive difference for an organization. But he talked about the gap between what the business wants to do and what the technology teams are actually equipped to do and when it comes to data, I couldn't agree more. He called this the business integrity gap and I'll come back to that. He also put out some fun facts and I'll share those here. According to IDC, 64 zettabytes of data was created and replicated in 2020. That's the equivalent of 2 trillion 4K movies. That's a lot of data. Gardner says by 2025, 85% of business will be delivered through SAS applications. Sophos, the security firm, estimates that the average cost of a ransomware attack is approaching nearly $2 million. The security company Proofpoint did a survey and 64% of surveyed CSOs felt that they were at risk of a material cyber attack in the next 12 months. I'm surprised that number was so, so low. I think the other 36% are busy responding to a cyber attack. Coming back to Sanjay's business integrity gap. Here's how I see it. Data by its very nature is distributed, decentralized, and it's becoming more so with hybrid connections, multicloud installations, and edge use cases. This is only going to accelerate in the future. As such, organizations need to rethink their approaches to getting value from data. Instead of building monolithic data architectures and hyper-specialized technical data teams, organizations are beginning to empower lines of business and domain owners to take end-to-end responsibility for data ownership. The underlying technology platform is becoming an operational detail that serves the data owners, where data protection and governance is computationally automated in a federated model. So the policy is centralized, but the implementation of that policy is done by software. This means that data governance, security, privacy, access, and policy are all adjudicated wherever possible by software and our automated, irrespective of physical location. Data silos are not just a technology problem. They're a symptom of flawed organizational constructs, steeped in the notion that highly technical data specialists and centralized teams should be the stewards of the data and serve multiple lines of business simultaneously, without proper business context. Now, this is changing. Data is being used to create a new class of products and services that can be directly or indirectly monetized, or drive other value, for instance, like saving lives. It's about the organizational mission. Now in this sense, data is undergoing a renaissance, where the responsibility for end-to-end data ownership is being distributed and decentralized, where highly specialized technical teams are becoming enablers for generalists that reside within the lines of business, i.e., those who are building data products and services. This is not shadow IT. It's decentralized management with federated governance. Now, by rethinking the data management paradigm, the responsibility for good data protection policy transcends technical teams and becomes a priority for the entire organization. To that end, Commvault laid out its strategy to deliver a comprehensive set of intelligent data services, spanning data protection, security, compliance, governance, data transformation, and data insights. In my view, a huge part of Commvault's strategy lies in automation. That's a key ingredient of cloud and any cloud strategy. In other words, supporting cloud native and cloud-like data management capabilities that can be programmatically deployed, secured, managed, and governed, and applied across an organization's sprawling data empire. The world of enterprise technology is complex and the winning technology companies are going to be those that can abstract the underlying complexity and assist organizations to implement sound data management practices, irrespective of data location, in the most efficient way. So as you hear the stories and examples here at Commvault Connections, you can decide for yourself if the company is on the right track and if what you hear aligns with your digital business skill goals. So let's now get a practitioner's perspective and hear how the CSO is thinking about data protection. Up next is Dave Martin, Chief Information Security Officer at ADP. You're watching theCUBE. (gentle upbeat music)

>>Mhm. Mhm. >>We're here with the Cube covering Calm Vault Connections 21. We're gonna look at the data protection space and how cloud computing has advanced the way we think about backup recovery and protecting our most critical data. Ranga Rajagopalan, who is the vice president of products at Con vault and Stephen Orban, who's the General manager of AWS marketplace and control services gents. Welcome to the cube. Good to see you. >>Thank you. Always A pleasure to see you here >>steve. Thanks for having us. Very >>welcome, Stephen, let's start with you. Look the cloud has become a staple of digital infrastructure. I don't know where we'd be right now without being able to access enterprise services I. T. Services remotely. Um But specifically how our customers looking at backup and recovery in the cloud, is it a kind of a replacement for existing strategies? Is it another layer of protection? How are they thinking about that? >>Yeah. Great question. David again, thank thanks for having me. And I think you know, look if you look back to 15 years ago when the founders of AWS had the hypothesis that many enterprises governments and developers we're gonna want access to on demand pay as you go I. T. Resources in the cloud. Uh None of us would have been able to predict that it would have Matured and um you know become the staple that it has today over the last 15 years. But the reality is that a lot of these enterprise customers, many of whom have been doing their own IT infrastructure for the last 10, 20 or multiple decades do have to kind of figure out how they deal with the change management of moving to the cloud. And while a lot of our customers um will initially come to us because they're looking to save money or costs, almost all of them decided to stay and go big because of the speed at which they are able to innovate on behalf of their customers and when it comes to storage and backup, that just plays right into where they're headed. And there's a variety of different techniques that customers use, whether it be, you know, a lift and shift for a particular set of applications or a data center where they do very much. Look at how can they replace the backup and recovery that they have on premises in the cloud using solutions like, but we're partnering with console to do or completely reimagining their architecture for net new developments that they can really move quickly for their customers. Um and and completely developing something brand new, where it is really a, you know, a brand new replacement and innovation for for for what they've done in the past. >>Great, thank you, Stephen Rachael, I want to ask you about the d were digital. Look, if you're not a digital business today, you're basically out of business. So, my question to you is how have you seen customers change the way they think about data protection during what I call the forced March to digital over the last 18, 19 months or customers, you know, thinking about data protection differently today >>definitely Dave and and thank you for having me and steven. Pleasure to join you on this cube interview first going back to stevens comments can't agree more. Almost every business that we talked with today has a cloud first strategy, a cloud transformation mandate and you know, the reality is back to your digital comment. There are many different paths to the hybrid multi cloud and different customers. You know, there are different parts of the journey. So I still was saying most often customers at least in the data protection perspective start the conversation by thinking here have all these tips. Can I start using cloud as my air gap long term retention target and before they realized they start moving their workloads into the cloud and none of the backup and record yesterday's are going to change. So you need to continue protecting the clothes, which is where the cloud native data protection comes in and then they start innovating around er, can I use cloud as media sites so that you know, I don't need to meet in the other side. So this year is all around us. Cloud transformation is all around us and and the real essence of this partnership between AWS and calm vault is essentially to dr and simplify all the paths to the club regardless of whether you're going to use it as a storage started or you know, your production data center, all your dear disaster recovery site. >>Yeah, it really is about providing that optionality for customers. I talked to a lot of customers and said, hey, our business resilience strategy was really too focused on D. R. I've talked to all the customers at the other end of the spectrum said we don't even have a D. R. Strategy now, we're using the cloud for that. So it's really all over the map and you want that optionality. So steven and then go ahead. >>Please, ransomware plays a big role in many of these considerations that greatly. It's unfortunately not a question of whether you're going to be hit by ransomware, it's almost we can like, what do you do when you're hit by ransomware and the ability to use the clothes scaled immediately, bring up the resources, use the cloud backups has become a very popular choice simply because of the speed with which you can bring the business back to normal our patients. The agility and the power that cloud brings to the table. >>Yeah, ransomware is scary. You don't, you don't even need a high school diploma to be a ransomware ist you can just go on the dark web and by ransomware as a service and do bad things and hopefully you'll end up in jail. Uh Stephen we know about the success of the AWS marketplace, uh you guys are partnering here. I'm interested in how that partnership, you know, kind of where it started and how it's evolving. >>Yeah, happy to highlight on that. So, look when >>we when we started >>Aws or when the founders of aws started aws, as I said 15 years ago we we realized very early on that while we were going to be able to provide a number of tools for customers to have on demand access to compute storage, networking databases that many, particularly enterprise and government government customers still use a wide range of tools and solutions from hundreds, if not in some cases thousands of different partners. I mean I talked to enterprises who literally use thousands of of different vendors to help them deliver their solutions for their customers. So almost 10 years ago, we're almost at our 10 year anniversary for AWS marketplace, we launched the first substantiation of AWS marketplace which allowed builders and customers to find try buy and then deploy third party software solutions running on amazon machine instances also noticed as armies natively right in their AWS and cloud accounts to complement what they were doing in the cloud. And over the last nearly 10 years we've evolved quite a bit to the point where we support software and multiple different packaging types, whether it be amazon machine instances, containers, machine learning models and of course SAS and the rise of software as a service. So customers don't have to manage the software themselves. But we also support data products through the AWS Data exchange and professional services for customers who want to get services to help them integrate the software into their environments. And we now do that across a wide range of procurement options. So what used to be pay as you go amazon machine instances now includes multiple different ways to contract directly, customer can do that directly with the vendor with their channel partner or using kind of our public e commerce capabilities. And we're super excited, um, over the last couple of months we've been partnering with calm vault to get their industry leading backup and recovery solutions listed on AWS marketplace, which is available for our collective customers now. So not only do they have access to convulse awesome solutions to help them protect against ransomware as we talked about and to manage their backup and recovery environments, but they can find and deploy that directly in one click right into their AWS accounts and consolidate their building relationship right on the AWS and voice. And it's been awesome to work with with Rhonda and the product teams and convo to really, um, expose those capabilities where converts using a lot of different AWS services to provide a really great native experience for our collective customers as they migrate to the cloud. >>Yeah, the marketplace has been amazing. We've watched it evolve over the past decade and, and, and it's a, it's a key characteristic of everybody has a cloud today. We're a cloud to butt marketplaces unique uh, in that it's the power of the ecosystem versus the resources of one and Ringo. I wonder from, from your perspective, if you could talk about the partnership with AWS from your view and then specifically you've got some hard news, I wonder if you could talk about that as well. >>Absolute. So the partnership has been extended for more than 12 years. Right. So aws and Commonwealth have been bringing together solutions that help customers solve the data management challenges and everything that we've been doing has been driven by the customer demand that we seek. Right customers are moving their workloads in the cloud. They're finding new ways of deploying their workloads and protecting them. Um, you know, earlier we introduced cloud native integration with the EBS API which has driven almost 70% performance improvements in backup and restores. And when you look at huge customers like coca cola who have standardized on AWS um, combo. That is the scale that they want to operate in. You manage around 1 50,000 snapshots 1200 ec, two instances across six regions. But with just one resource dedicated for the data management strategy. Right? So that's where the real built in integration comes into play and we've been extending it to make use of the cloud efficiencies like our management and auto scale and so on. Another aspect is our commitment to a radically simple customer experience and that's, you know, I'm sure Stephen would agree it's a big month for at AWS as well. That's really together with the customer demand which brought us together to introduce com ball into the AWS marketplace exactly the way Stephen described it. Now the heart announcement is coming back up and recovery is available in native this marketplace. So the exact four steps that Stephen mentioned, find, try buy and deploy everything simplified through the marketplace So that our aws customers can start using far more back of software in less than 20 minutes. A 60 year trial version is included in the product through marketplace and you know, it's a single click buy, we use the cloud formation templates to deploy. So it becomes a super simple approach to protect the AWS workloads and we protect a lot of them. Starting from easy to rds dynamodb document DB um, you know, the containers, the list just keeps going on. So it becomes a very natural extension for our customers to make it super simple to start using convert data protection for the w >>well the con vault stack is very robust. You have extremely mature stack. I want, I'm curious as to how this sort of came about and it had to be customer driven. I'm sure where your customers saying, hey, we're moving to the cloud, we had a lot of workloads in the cloud, we're calm vault customer. That intersection between calm vault and AWS customers. So again, I presume this was customer driven. but maybe you can give us a little insight and add some color to that. >>Everything in this collaboration has been customer driven. We were earlier talking about the multiple paths to chlorine vapor example and still might probably add more color from his own experience at our jones. But I'll bring it to reference Parsons who's a civil engineering leader. They started with the cloud first mandate saying we need to start moving all our backups to the cloud but we have wanted that bad actors might find it easy to go and access the backups edible is um, Conwell came together with the security features and com well brought in its own authorization controls and now we have moved more than 14 petabytes of backup data into the club and it's so robust that not even the backup administrator and go and touch the backups without multiple levels of authorization. Right. So the customer needs, whether it is from a security perspective performance perspective or in this case from a simplicity perspective is really what is driving this. And and the need came exactly like that. There are many customers who have no standardized on it because they want to find everything through the AWS marketplace. They want to use their existing, you know, the AWS contracts and also bring data strategy as part of that so that that's the real um, driver behind this. Um, Stephen and I hope actually announced some of the customers that I actively started using it. You know, many notable customers have been behind this uh, innovation, don't even, I don't know, I wanted to add more to that. >>I would just, I would, I would just add Dave, you know, look if I look back before I joined a W S seven years ago, I was the C I O at dow jones and I was leading a a fairly big cloud migration there over a number of years. And one of the impetus is for us moving to the cloud in the first place was when Hurricane Sandy hit, we had a real disaster recovery scenario in one of our New Jersey data centers um, and we had to act pretty quickly convert was, was part of that solution. And I remember very clearly Even back then, back in 2013, they're being options available to help us accelerate are moved to the cloud and just to reiterate some of the stuff that Rhonda was talking about consoles, done a great job over the last more than a decade, taking features from things like EBS and S three and EC two and some of our networking capabilities and embedding them directly into their services so that customers are able to more quickly move their backup and recovery workloads to the cloud. So each and every one of those features was as a result of, I'm sure combo working backwards from their customer needs just as we do at >>AWS >>and we're super excited to take that to the next level to give customers the option to then also by that right on their AWS invoice on AWS marketplace. >>Yeah, I mean, we're gonna have to leave it there steven, you've mentioned several times the sort of the early days of back then we were talking about gigabytes and terabytes and now we're talking about petabytes and beyond. Guys. Thanks so much. I really appreciate your time and sharing the news with us. >>Dave. Thanks for having us. >>All right. Keep it right there more from combat connections. 21. You're watching the >>cube. Mm hmm.

>>mhm mhm. Mhm Welcome back to convert connections 2021. This is the power panel. My name is Dave vellante joined by Reza more like a body was the ceo of calm vault. Isabel geese is the CMO of calm vault and john Gallagher he leads global enterprise infrastructure at sing Creon. And folks welcome to the cube. Thanks for coming on. >>Thank you. >>Thank you. >>So john we heard you this morning. You know, great job you guys are in the industrial logistics business. So supply chains at all a hot topic today. It's got to be challenging. Maybe you could talk about what you're seeing there, but specifically how are you thinking about data management in the context of your overall IT strategy. >>Okay, thank you. So in terms of data management, Synchrotron has 100 sites globally. So if we were to rewind by say 10 years we had data residing a lot out of those remote sites. Uh so over the last few years were basically consolidated a lot of that data and also centralist. So we've brought that into our data centers that we now have, which is a very, very centralist model. So that, that makes it a lot easier to understand where all of that data resides. >>So in the decision pie, as it relates to data, it sounds like cost efficiency is pretty, pretty ranks pretty highly. How does that impact your data management strategy and approach? I mean, is is that like the number one consideration? Is that one of many factors. How should we think about that? >>I would say cost is one of many factors. So obviously cost is key, but you don't want to introduce unnecessary risks. So you've got to keep costs at the forefront. But that's just one of the factors. Obviously data protection is one of the factors ensuring that data is protected and safe. And also understanding, is that exactly where that data resides, making sure that data is encrypted. So I would say that cost is just one of the factors. >>So Isabel good to see you again. I wonder if you could talk about how you're seeing your customers and what they're thinking about, how they're thinking differently about data management today, Are they changing the way they manage data giving given the escalation of ransomware that comprise the called the forced march to digital over the last 18, 19 months, but you've got new threats, new business dynamics, how is that affecting organizations? >>It does, it does affect them a lot. It's um we see a lot more. Actually, I asked a lot of virtual coffee talks with our customers so they can share best practices and a lot of C IOS network ending end with sizzles and they have a readiness plan because they know the question is not if they're going to have an attack, but when and how to recover from it is critical. So all the security team is really looking at the prevention but they know that if they can't stop it all, then they have a plan of end of to the data team for recovery. I see a lot more thoughtfulness because not all data is created equal. So which one is in the cloud and you can recover which one you need fast for minimum business was sorry, minimum business disruption and you keep on prime and which one you cannot lose and you have a go. So we see a lot more planning, a lot more collaboration across all verticals. We have also new services that help customers before the attacks to design and plan and also helping them post attack to recover so very much and to end and as we've seen the king out right now it's all about the people enabling them to do the business while you're risking the business too. So >>All right, thank you for that. So Reza and the fact that your Ceo is C I O. Uh so you must have some interesting conversations there but and you can be a sort of tap Sanjay's brain, how did you handle this kind of thing? And and uh that's a nice collaboration I bet. But what advice can you give to other, see IOS or grappling with cyber threats, data volumes and just the ongoing pressure to do more with less that never changes does it? >>It doesn't. And you're absolutely right. And I obviously as part of my job attracted benchmarks about budgets and everything else that before the pandemic used to track about like 3% growth year over year which is a hard to kind of do a whole lot with them. Um What what I can tell you is not for C I O not two areas the areas of investments are not created equal and from my perspective the biggest areas of investment for somebody like me in my position should be data and protecting the data. So that means that you have to find ways of on the budget side, find ways of shifting money whether you reallocate resources, whether you reform or a really organized differently, automate simplified etcetera. My background is operation so when you talk about people process technology outside of things, I leave the technology to the people that are really good at it and I focus on people and process side and for me that's about again efficiencies and finding ways that you can reorganize, you probably have the people that do the work that you want them to do and you just have to think about reorganizing them differently. And the last thing I said is prioritize prioritize initiatives across the board and it is like partner in crime in these things and we don't always say yes to her and what she wants because we need to be transparent so where we put our money >>so rest, I want to stay with you for me, I want to talk about data sprawl was interesting john during your session this morning I was sort of laying down some of my thoughts because I I feel like data sprawl, it's like social change. You can't fight it. You can maybe, you know for a period of time control it. But data is is out of control. So how do you address data sprawl in an organization? Both from a management perspective there's obviously risk. Somebody said this morning we used to keep, I think it was the C. I. A. In New Jersey. We used to keep everything forever. But that's risky. So how do you deal with that result from an organizational and management perspective? >>Yeah. You again, I'm gonna have to agree with you. As as I said in in a morning session, I like it's a natural phenomenon for a company to go through it. I've seen it in companies that are 150% people and I've seen it in companies that have tens of thousands of people. It's like a foundation onto what what entropy is in thermodynamics. It's the natural order of events. If you don't apply structure, organization data is going to go haywire and everything else. The only way. The best way that I know when the pendulum is here and everybody is doing the wrong thing is to push the pedal on the other side at least for a while to centralize, pick a few of your brightest people that know the data in and out, put them in a team and say you're responsible for making sense out of these things. Identify sources of truth for us and architect them differently. But but start with executive level metrics and board level metrics and push them down. >>So I see. I I agree with that with that. I think the people who have the data context are in the best position to add value as to whether it's data quality and how to get the most out of that data. But the problem is uh john I'd love to pick your brain on this. Especially your urine mia. You got all these different regulations and data silos, which I believe are a byproduct of how we organize. Uh, but but anyway, you have a lot of the considerations to deal with whether it's G. D. P. R. Or or or or data sovereignty etcetera. How do you approach that? >>So one of the first approaches we took when we moved over to con vault with our data protection was to reduce the number of products we used for the data protection. So we had six products through various acquisitions that we, we've done over the last 10-15 years. We've now reduced that six products down to one single product. So it means that all of your data is managed through a sort of single pane, which definitely gives you a much better insight. And also just going back to the costs that you mentioned in the previous question. Obviously going down from six products to one product, we managed to strip around $500,000 out of our costs over three years. We also moved data like I said into the center and allowed us to also concentrate the teams. So also the teams became more efficient because less people were dealing with that data as well. But yes you are right around GDP are there is definitely compliance to be considered and you just have to make sure you're up to date on all of those compliance regulations. >>So it's interesting resident here you talk about you know Isabelle, she's got needs but I would say Isabel that you probably know in your team, you know the marketing data better than anybody but there's got to be Federated governance, you've got to enforce policy in this data sprawl world. So anyway this is sort of a side but Sanjay Isabelle talk today about as a service growing like crazy and given your background I wonder if you can share any insights about how and why you think customers are going to be looking towards SAs I mean the whole world is becoming SAs ified you had some data on that this morning from, from Gardner. What are your thoughts? >>Yeah, no, absolutely, you're right experience this percent coming from cell phones and yes angie mentioned in the keynote by I think 2025 85% of business will be delivered through SAAS apps and that's very simple look at the world today the market dynamics of business changes. You mentioned the supply chain is you were talking you know all the line of business people of the business executives have to change fast. And the fastest way to do that is SAS because it has speed agility and you get the value faster problem being then it becomes very complex or I. T. Because you have workloads in multiple clouds on premise multiple apps and and what convo stands for and what everybody should look at is being able to enable all this innovation but at the same time removing the complexity for I. T. To protect this data to recover it and that's really where you know we're focusing our attention that is unavoidable. It's all about business and gT but it doesn't mean that you should compromise on data management. Yeah. >>Yeah I think you know we gotta we have to wrap here but I think the model, you know again it's about you coming from salesforce, we've contextualized our operational systems. You know, whether it's you know the sales cloud, the logistics, cloud, it's the lines of business actually have a good handle on this. And where I see the role of calm vault is that that notion of Federated governance, you've got to have centralized policy but you've got to programmatically and automate that out to the lines of business and I think that is kind of where the where the future is headed. Uh And I think that's really kind of controlled strategy. I'm hearing a lot on automation cloud like services and pushing that out. Um And so I see a new era in data coming and you guys talked a lot about this but but Isabelle will give you the last word. Put a put a bumper sticker on the on the panel for us. >>Well absolutely. I mean you said it's not left for no workload, sorry, it should be left behind and that's why you know you need a single architecture. I think businesses is changing fast and it's exciting. Uh And as long as you know you got a great I. T. Team with a great plan to have your back as a business leader. Every company should really embrace um all the change and innovation. So thank you day for for giving me the last world >>go. Thank you guys. I really appreciate you coming on the cube has been a fun day. We got more here that convulsed connections, keep it right there. We're gonna come back right after this short break my nose and I are going to wrap up and summarize the day. Yeah

(upbeat music) >> Welcome to Commvault Connections. My name is Dave Vellante, and we're going to dig into the changing security landscape and look specifically at ransomware and what steps organizations can take to better protect their data, their applications and their people. As you know cyber threats continue to escalate. In the past 19 months, we've seen a major shift in CISO strategies, tactics and actions as a direct result of the trend toward remote work, greater use of the cloud and the increased sophistication of cyber criminals. In particular, we've seen a much more capable well-funded and motivated adversary than we've ever seen before, stealthy techniques like living off the land, island hopping through the digital supply chain, self-forming malware and escalations in ransomware attacks, necessitate vigilant responses. And we're super pleased today to be joined by Dave Martin who's a global chief security officer at ADP. Dave, welcome, good to see you. >> Thanks for having me today. >> It's our pleasure. Okay, let's get right into it, it's a great topic. I mean, ADP, we're talking about people's money. I mean, it doesn't get more personal and sensitive than that, maybe healthcare, but money is right there on the priority list. But maybe you could start by telling us a bit about your role at the company, how you fit into the organization with your colleagues, like the the CIO, the CDO, maybe describe that a bit if you would. >> Yeah, absolutely. So we're somewhat unusual and both structure and we, one of the ways is we are, I have a very converged organization. So my responsibility extends from both the physical protection of kind of buildings, our associates, travel safety through fraud that we see in attempted in our products all the way through to a more traditional chief security officer in the cyberspace. And the other thing that's a little bit unusual is rather than reporting into a technology organization. I actually report into our chief administrative officer. So my peers in that organization are legal compliance. So it's a great position to be in the organization. And I've had various different reports during my career. And there's always a lot of debate with my peers about where's the best place to report and I think they always come back to, it's not really where you report, it's about those relationships that you mentioned. So how do you actually collaborate and work with the chief data officer, the CIO, the head of product, the product organization, and how do you use that to create this kind of very dynamic angel force to defend against the threats we face today? >> Yeah, now, so let's just want to clarify for the audience. So when you talk about that converged structure, oftentimes if I understand what your point is that the network team might be responsible for some of the physical security or the network security, that's all under sort of one roof in your organization, is that correct? >> So a lot of the controls and operations, something like firewalls is out in the CIO organization, but the core responsibility and accountability, whether it's protecting the buildings, the data centers, the data in our applications, the kind of the back office of all the services that we use to deliver value to our clients and kind of the same things that everyone has, the ERP environments now, all of that, protecting those environments rolls up to my team from an accountability and governance business. >> Got it, so, I mean, as I was saying upfront, I mean the acceleration, we all talk about that acceleration that compression, the force marched to digital that SolarWinds hack. It was like a Stuxnet moment to me 'cause it's signaled almost this new level of escalation by cyber criminals and that had send a shockwave through your community, I wonder you could, if you could talk about at a high level, how did that impact the way that CISOs think about cyber attacks or did it? >> I think we're very used to watching the outside world kind of adversaries don't stand still our businesses don't stand still, so we're constantly having to evolve. So it's just another call to action. How do we think about what we just saw and then how do we kind of realign the controls that we have and then how do we think about our program going forward that we need to address? >> Yeah, so we've seen, when we talk to other CISOs, your colleagues, they tell us, we've made a big sort of budget allocation toward endpoint security, cloud, identity access management and obviously focus on a flatter network. And of course, ransomware, how have you shifted priorities as a result of sort of the last, the pandemic 19 months? >> Yeah, we're definitely seeing that shift in kind of the necessity of working from home and we are kind of thinking by what tools do we need to get to our associates to really make them successful. And then also keep the integrity of our data and the availability of our services in that new model. And so we've made that shift in technology and controls, reinforced a lot of things that we already had. One thing thinking about the supply chain change that we saw out of SolarWinds is thinking about ransomware defense prior to that was very much around aligning the defenses within the perimeter of your network within the cloud environments. And I really thinking about where do I outside that environment where do I exchange files from, what connectivity do I have with partners and suppliers? What services do they provide to support us as an enterprise? And what's going to happen if they're not there at a minimum but then what happens if they had some kind of attack that can actually drive some of this malware and spread into the network or via some of those file transfer, make sure we'd really sure shored up the controls in that area but the response is actually part of that. How am I going to react when I hear from even a client, we're a very customer service focused company, we want to do whatever we can to help. And the instinct of one of our frontline associates say, Hey, send me that Excel file, I'll take care of it. So now yet we still want to help that client through, but we want to think through a little bit more before we start sharing an office file back and forth between two environments, one of which we know to be confident. >> Right, that's interesting what you're saying about the change in just focus on the perimeter to the threats within, without et cetera, because you don't even need a high school degree or diploma to be a ransomware attacker these days, you could go on the dark web. And if you're a bad, bad person, you can hire ransomware as a service. If you have access to a server credentials, you can do bad things and hopefully you'll end up in handcuffs, but that's a legitimate threat today, which is relatively new in the way in which people are escalating, whether it's crypto ransoms, et cetera, really do necessitate new thinking around or ransomware. So I wonder if you could talk a little bit more about the layered approach that you might take, the air gapping, be interested to understand where Commvault fits in to the portfolio, if you will. >> Sure and really it's thinking about this in depth. You're not going to be able to protect or recover everything so really understand, first of all, that if what is most important to be able to maintain service, what data do you do you need to protect and have available, armed with that now you can go through the rest of the NIST Cybersecurity Framework, the main thing you're doing the best for prevention, for the detection and response in that area. And then you kind of really interesting when we get to the recovery phase, both from a Commvault perspective and in many attacks where we really want to focus on prevention, but ultimately we'll likely to see a scenario even in some small part of our environment, where some kind of attack is effective and now we're back at that recovery step. And we don't want that to be the first time we're testing those backgrounds, we don't want to be the first time that we figured out that those backups have been on the network the whole time, and they can't be used for recovery. So partnering with everyone in the environment we talk about it takes a village to defend against this kind of threat, getting everyone engaged, the experts in each of these fields to make sure that we're thinking they understand this threat and how real it is and what their role is going to be in setting up that protection and defense, and then come that dark day that we all hope will never happen, when do you need them? When do you need them to be doing so that you can get back to a restoration and effective operation point as soon as possible. >> Yeah, hope for the best plan for the worst. So it's a big part of that is education. And of course the backup corpus is an obvious target because everything's in there. But before we get into sort of the best practice around that, I wanted to ask you about your response because one of the things that we've seen is that response is increasingly have to be stealthy so that you don't necessarily alert the attackers that you know that they're inside. Is that sort of a new trend and how do you approach that? >> Yeah, I mean, it's always a balance depending on the type of data and the type of attack as to kind of how can violent and swift. And obviously you have to be able to protect the environment, protect the integrity of the data, and then also balance again this kind of tipping off the attacker which could potentially make things worse. So always a conversation depending on the different threat type, you're going to have to go through. And it really helps to have some of those conversations up front, to have tabletops, not just at a technical level, to make sure that you're walking through the steps of a response to make it as seamless and quick and effective as possible, but also having that conversation with leadership team and even the board around the kind of decisions they're going to have to make and make sure that you wherever possible use scenarios to figure out what are some of those actions that are likely to be taken and also empower some teams. It's really important to be able to act autonomously and quickly, you don't want to be at 2:00 AM kind of looking for the CEO or kind of the executive team to get them out there to make a decision. Some of these decisions need to be made very quickly and very effectively, and you can only do that with empowered upfront and sometimes even automated processes to do them. >> Dave, describe what you mean by tabletops. I presume you're talking to a top-down view versus sort of being in the weeds but add some color to that please. >> Yeah, definitely it literally is kind of getting everyone around the table and at ADP at least once per year, we actually get the full executive team together and challenge them with a scenario, making sure that they're working through the problem. They know what each of their roles are at the table. And I am lucky to have a fantastic leadership team. We're actually very practiced. We've done this often enough now that they really pull apart really hard problems and think about what that decision is going to mean to me, so come that dark day, if it ever does, they're not kind of challenged by the never thought, they don't know, they've understand the technical background of why being asked to make the decision or the limitations of what their responses may be. >> So a lot of people and process goes into this always the case, but let's talk a little bit about the tech, I mentioned the backup Corpus is an obvious target before, what are some of the best tech practices in terms of protecting, whether it's that backup corpus, other data, air gaps, maybe you could give us some guidance on that front. >> Sure, we're not going to be able to protect everything. So focus on those favorite children is the best advice up front to think about the the critical components that enable you to bring things up, easy to go focus on that critical data and that most important app that everyone in the company understands. But all of that and cannot even start if you don't have the foundation, the network's not up and running, the authentication services is not up and running. So it's good to get a focus in some elements and practice on technical tabletop setting of how do you go through recovering an active directory forest back to a known, trusted state? Because that's one of the foundations you're going to need to build anything else back up on. On the backup side is make sure that you don't use the same credentials that your backup administrators use everyday, ensure there's only the smallest number of people have access to be able to control the backpacks, if at all possible and Commvault and many backup solutions, now make sure they're using a second-factor authentication to be able to get into those systems, and also make sure that some of the backups that you have are kind of offline, air gaps can be touched. And then also you think about the duration. You talked about the attackers being very smart and determine, they know how enterprises prepare and respond. So think about how long you're retaining them and where you're retaining some of the backups, not just incremental as to be able to fully restore a system, basically from bare metal or from that climate. >> And you're using Commvault software to manage some of this capability, is that right? I'm sure you have a bevy of tooling. >> Yeah, we have a wide range of tooling but yeah we are a certainly a combo farmer, >> And somebody said, a consultant said to me today Dave, I'm thinking about advising my clients that their air gap process should be air gapped. In other words, they should have sort of a separate remote removed from the mainstream process just for extra protection and I was like, okay, that's kind of interesting, but at the same time then do they have the knowledge to get back to a low RPO state? What do you think about about that approach? >> So the challenges of any kind of recovery and control design is like making sure that you're not making things overly complex and introducing other issues and also other exposures, if you're moving out of your normal control environment, that you have a 24 by 7, 365 set of monitoring, the more creative you get your plans are in danger of kind of having control erosion and visibility to that other state. But it is really important to think about, even at the communication level is in this kind of attack, you may not be able to rely on email, kind of Teams, all the common services that you have. So how are you actually going to communicate with this village it's going to take to recover, to be able to work through the process. So that's definitely an area that I would advocate for having offline capabilities to be able to have people react, gather, respond, plan and control the recovery even though the main enterprise may not be currently. >> I wonder if I could pick your brain on another topic, which is zero trust prior to the pandemic. A lot of times people would roll their eyes like it's a buzzword but it's kind of become a mandate where people are now talking about eliminating credentials to talking about converging identity access management, and governance and privilege access management. I mean, what are those some of the sea changes you see around so-called zero trust. >> Yeah, I think kind of zero trust has become that kind of call-to-action buzzword. These concepts that are embodied in zero trust journey are ones that have been around for forever and least privilege and it's how we think about you can't go buy a product that I like I'm just implemented zero trust. How do you think strategically about where you take your starting point and then go on this journey to kind of increase the various tools that start to limit, improve the segmentation not only from a network standpoint, from a service standpoint, from an identity standpoint and make sure you're embracing concepts like persona so that you start to break up the, may not get to zero trust anytime soon, but you're able to get less and less trust in that model. And to think about it in many different worlds, think about your product access. If you're a service provider company like we are, as well as kind of the internal employee context. So there is many elements, it's a complex journey. It's not something you're going to buy off the shelf and go implement but it's one that you're going to have to again partner with those other stakeholders that you have because there's user experience and client experience components of this journey, some of which are actually quite positive. You mentioned passwordless as one of those components in the gym certainly something that actually has a better user experience and also can offer a better security and freedom from the traditional passwords that you've come to love to hate. >> Dave, I know you're tight on time. I got two more questions for you. One is what is the CISO's number one challenge. >> Wow, that's getting enough sleep, now, really is, just staying hard with that business environment, that threat environment and the available tool sets and making sure that we're constantly working with those partners that we keep describing to chat that course to the future so that we're, this is a race that doesn't have a finish line. The marathon gets a little bit longer every year and bringing my peers on and making them understand that it's easy to get fatigued and say, ah, we thought we were done when we when we finished this initiative. It's just keeping everyone's energy up and focus on a very long mode. >> One A in that question if I may is many organizations lack the talent to be able to do that. You may not, you may have a firmer, but the industry as a whole really lacks the skills and the talent, and really, that's why they're looking to automation. How acute do you see that talent shortage? >> It's definitely there. And I think it's important to realize the back to that village concept, everybody has a play here. So what is a smaller available talent born in the security industry is we've really got to be that call-to-action, we've got to explain why this is important. We've got to be the consultants that kind of lead through what changes are we going to need to make to be successful? It's tempting to say, oh, they'll never do that. They're like, we've got to do it ourselves. We will never be successful. And just being the security team that tries to do everything, it's bringing everyone along for the journey. And part of that is just going to be this constant socialization and education of what they need to do and why it's so important. And then you really will build a great partnership. >> My last question, I was kind of been keeping a list of Dave's best practice. I saw obviously the layered approach, you want to get to that NIST framework. There's a lot of education involved. You've got to partner with your colleagues, the tabletops, executive visibility. So everybody knows what their role is, kind of the do your job, you've got to build zero trust. You can't just buy zero trust off the shelf and so that was my kind of quick list. Am I missing anything? >> I think that's pretty good. And then just in that partnership this is a tiring kind of hard thing to do and kind of just bringing everyone along, they can help you do so much, especially if you explained to them how it's going to make that product better, how it's going to make that client experience better, how it's going to make the CIO, the internal associate experience better, that this isn't just about adding friction into an already challenging environment. >> Like frontline healthcare workers, the SecOps pros are heroes day-to-day, you don't necessarily hear a lot about the work they're doing but Dave we really appreciate you coming on and sharing some of the best practices. And thank you for the great work that you guys are doing out there and best of luck. >> Thanks for the exchange, it has been a pleasure. >> All right, and thank you for watching everybody. This is Dave Vellante for theCUBE, keep it right there. (upbeat music)

>>Mhm. Mhm. Mhm. >>We're back with the notion there to wrap up conv all connections. 2021 the virtual edition. Okay, let's do this. You ready? >>Absolutely. >>All right. I'll get a starting .1. Data. You ain't seen nothing yet. You just wait. We're gonna look back on the big data era of the 20 tens and joke about how trivial was compared to the next 10 years. You know, what are your thoughts on data value and data exposures? >>The data has never been more valuable. Right? The new oil your most critical asset and neither has it been more vulnerable. So you kind of get these two things value increasing. Obviously it becomes more attractive to the to the bad actors and that's the era that we're living in and really, you know what organizations are needed. You know, you kind of think about business resilience and all that. You need the ability to as someone said the anti fragile right? Keep testing it. See, you know, if if your data defenses are now ready to a point where your data is not a liability, but you can make it something that becomes a business advantage. So kind of that business resilience gap that we've been talking about. The business integrity gap uh is really you know what we had focused on. So our customers can really start just taking advantage of the value equation of the data. >>And I think you know, I'm gonna I'm gonna push my community here a little bit and I'm gonna I think we need a new new metaphor because you know why? Because data minnows it's actually more valuable than oil it's not scarce like oil we're never gonna run out of data. So I'm trying to come up with a new a new one but we'll work on that. The cloud. The 2nd point is the cloud is expanding. It's moving to the data center. We got hybrid connections were going across clouds, we got edge nodes, we got new workloads, real time streaming and ai influencing microservices and containers and Ai and all this R. P. A. And hyper automation. All the crazy buzzwords that combined your digital business stack. But the point is data is not only exploding, it's exploding everywhere. You know it's not just in one place anymore. >>Absolutely. And that's that's you know part of the challenge here that our customers space you know unless you know you're a company that was born yesterday you have applications everywhere. Your your pace is different, every customer's journey and the transformation is different. So you might take different directions, different ways. What do you do you have some sass applications you might start there or you start with some public cloud. Maybe you start using some stories in public cloud. So as you transform and as you are now creating more sprawl and that sprawl as we talked about before this is like swiss cheese you got lights that you know people can take advantage of. On the other hand because of that lack of a single unified data services platform. What you lose is the ability to take advantage of all your data, your application, mobility and people die. Let's take the example of containers and kubernetes. What is the point of having you know transportation and ability to move these containers to any cloud if your data is not available in all those clocks. What's the strategy for that? So the problems are also changing their more business centric than just that, you know, what I call the active data management era is really upon us and that's really what's gonna help take it full advantage of all of the other technologies around us. Ai microservices edge, you know, IOT you need to make sure you have a unified data services and intelligent data services platform. >>So what I see is is calm vault is essentially building that that data protection cloud or you might want to call it the data management cloud that starts to get into database and some other areas but but the concept of an abstraction layer that hides that underlying complexity of all the clouds and allows you to protect your data irrespective of location. That's to me that's how you get control of your data which is kind of point number three. And we heard Sandy this morning talking about embrace, manage and protect your data properly. It can be the defining disruptive difference for an organization, which I agree. However, I want to play devil's advocate in the sense that I think the only way you can get control of your data is do you have to embrace that sprawl in that complexity and admit you're not gonna shove it all into a single monolithic source of truth that those days are over. You have to you have to realize that the world is decentralized, It's coming it's here. So we have to implement automation and software to Federated governance and policy and security and privacy and data protection across that abstraction layer that I just just describe someone. Let's talk about that. What are your thoughts? >>Yeah. And I said that earlier too and Sonya is absolutely right. You have to embrace that. You figure out how to make it a competitive advantage. No workload left behind Commonwealth customers are able to protect everything from S 400 to dynamics 3 65 in the cloud and everything in between. Right. So microservices app multi cloud today we're top solution provider for the top clouds. We talked to Microsoft order today, AWS DCP we are driving exabytes of data and protecting exabytes of data. That is our strategic advantage. As you said, you cannot leave you know, strategies behind and say you know what that workload. Not interesting anymore with your data is in there. So that that is the approach that comprehensive platform and then I'm built on that. You start seeing protection grade, not data security, how to use tackle that intelligence from data insights from data compliance challenges my e discovery challenges. So being able to tackle those things ecosystem very key. How do I build on top of this intelligence, data services platform and ecosystem to take advantage of my data. These are all the layers that we believe. You know, it's very differentiated compared to anyone else out there. We're not forcing anyone into a single architecture and saying this is the best because you know what you have learned from 25 years, there's no such thing as one single best architecture. >>Oh, I asked 401 of the most innovative systems in the day. >>Uh but at the >>point of we talked about all the sprawl, this makes ransomware more difficult because an insidious because of the expanding supply chain, the ecosystem, the threat surface. And really the sophistication of the adversary, we've kind of talked about that and and and really new techniques are the Attackers are going mainstream. So but you know, I want to give you the last word here, I want to address two things if you would. Security. Like what's the big news there? Why the big deal and why con vault bring us home with the big picture of your differentiators? >>Absolutely. So you mentioned ransomware? Bad guys always looking to find those exit drawers and break it, Break it down security. I q we're proud to launch this today. It's kind of brings together the culmination of a lot of security that we have done allows customers to be proactive in terms of, you know, we've brought in Gamification into that security i aspect like make it easy and almost make it fun to make sure you're plugging all the holes so that your last mile of defense is secure, then you figure out how you can become more proactive. I have data intelligence that the security tools don't when the bad guys start sniffing around the data or anomaly detection and machine learning the ability to bring that intelligence a highly, you know, relevant signal into the security tools, building that bridge. And lastly, what happens when the, you know, worst case scenario happens almost like a rewind button to go back on your data. Look this is where malware came in and now you're able to just go back and delete that. So that's security, I. Q. Amazing. Or you know, customers are going to try it out and the live hands on lab that's happening and you know, there are feedback has been, this is just brilliant, they love it. So, one more, you know, innovation, we keep doing this, we go we're setting the bar a year ago, we launched them CSS, you know, air gap copy in the cloud, you know, a few weeks ago now we're saying, oh we can also do it right, well we have now innovative to the next level that's combo, you know, bringing it on why combo, 25 years of innovation, you know, it is just amazing how the company had the vision to build a distributed architecture. You talked about a distributed world are beauties, we're not forcing preference customers might have self managed applications that they want, you know, to be used software, they might have the need in some locations to have everything integrated with an appliance, you know, new workloads in the cloud. Let me see if I can start shifting to the data management as a service, which is really the next wave in the industry. And then finally, you know, what about that whole distribution that's happening again. So people will be, you know, we have that unique ability to build a platform. We have amazing ecosystem partners and the biggest companies in the world. Trust us as you heard, you know, throughout the show. So that's what's comin, you know, sustain technology differentiation to make our customers really realize their vision of, you know, leveraging their data as an asset. >>Nice job knows, I love it. Okay, that's a wrap from convoked connections 2021 this is dave vellante from an ocean air and the entire conv all team and the cube team encouraging to come back and check out the on demand videos for anything that you miss tell a friend, let us know what you think for everyone here at convoked connections. 21. Thanks for watching and we'll see you next time. Yeah. >>Mhm Yeah

(lighthearted music) >> We're here now with Manoj Nair, who's the general manager of Metallic and Dave Totten CTO with Microsoft. And we're going to talk about some of the announcements that we heard earlier today and what Metallic and Microsoft are doing to meet customer needs around cyber threats and ensuring secure cloud data management. Gentlemen, welcome to theCUBE. Good to see you. >> Thanks Dave. >> Thank you. >> Hey Manoj, let me start with you. We heard early this morning, Dave Totten was here, David Noe, talk a lot about security. Has the conversation changed, how has it changed when you talk to customers, Manoj? What's top of mind. >> Yeah, thank you, Dave. And thank you, Dave Totten. You know, great conversation earlier. Dave, you and I have talked about this in the past, right? Security long a big passion of mine. You know, having lived through nation state attacks in the past and all that. We're seeing those kinds of techniques really just getting mainstream, right? Ransomware has become a mainstream problem in the scourge in our lives. Now, when you look at it from a lens of data and data management, data protection, backup, all of this was very much a passive you know, compliance centric use case. It was pretty static you know, put it in tapes, haul it all over. And what has really changed with this ransomware and cybercrime change rate is data, which is now your most precious asset, is under attack. So now you see security teams, just like you talked with Dave Martin, from ADP earlier, they are looking for that bridge between SecurityOps and ITOps. That data management solution needs to do more. It needs to be part of an active conversation, you know? Not just, you know, recovery readiness. Can you ensure that, are you testing that, is it recoverable? That is your last mile of defense. So then you get questions like that from security teams. You get you know, the need for doing more, signals. Can I get better signals from my data management stack to tell me I might be under attack? So what we're seeing in the conversation is the need to have more active conversations around data management and the bridge between ITOps and SecurityOps is really becoming paramount for our customers. >> Yeah, Dave Totten I mean, I often say that I think data protection used to be this bolt on. Now it's a fundamental component of the digital business stack. Anything you would add to what Manoj just said. >> Yeah, I would just say exactly that. Data is an asset, right? We talked about it a lot about the competitive advantage that customers are now realizing that no longer is IT considered sort of this cost center element. We need to be able to leverage our interactions with customers, with partners, with supply chains, with manufacturers, we need to be able to leverage that to sort of create differentiation and competitive advantage in the marketplace. And so if you think about it, as that way as the fuel for economic profitability and business growth, you would do everything in your power to secure it, to support it, to make sure you had access to it, to make sure that you didn't have you know, bad intent users accessing it. And I think we're seeing that shift with customers as they think more about how to be more efficient with their investments in information technology and then how just to make sure that they protect the lifeblood of their businesses. >> Yeah, and that just makes it harder because the adversary is very capable. They're coming in through the digital supply chain. So it's complicated. And so Dave and maybe Manoj, you can comment as well after, Microsoft and Commvault, you guys have been working together for decades and so you've seen a lot of the changes, a lot of the waves. So I'm curious as to how the partnership has evolved. You've got a recent strategic announcement around Azure with Metallic. Dave, take us through that. >> Yeah, I mean you know, Commvault and Microsoft aren't newlyweds, we've been together now for 25 plus years. We send each other anniversary gifts, all that good stuff. And you know, listen, there's a couple things that are key to our relationship. One, we started believing in each other's engineering organizations, right? We hire the best, we train and retain the best. And we both put a lot of investment behind our infrastructure and the ability to work together to really innovate at real time, rapid speeds. Two, we use Commvault products so you know, there's no greater I think, advantage that if a major supplier or platform partner like Microsoft uses your products. We've used it for years in our Xbox group to support and store the data for a hundred million XBox live users. And we're very avid with it with our data centers, our access to Azure data centers, our Microsoft office products. And so we use Commvault services as well. And through that mutual relationship you know, obviously Commvault has seen the ins and outs of what's great about our services and where we're continuing to build and invest. And so they've been able to really you know, dedicate a team of engineers and architects to support all that Azure as a platform, as a service can provide. And then how to take the best of those features and build it into their own first party products. I think when you get close enough to somebody for so many years right, 25 plus years, you figure out what they're great at and you learn to take those advantages like Commvault has with Microsoft and Azure and use it to your advantage, right? To build the best in class product that Metallic actually is. And you're right, the announcement this week it feels culminating, it feels like it's a major milestone in first off, industry innovation but also in our relationship. But it's really not that big of a step change from what we've been doing and building and innovating on for the past you know, 25 years. >> Yeah so Manoj, that's got to be music to your ears. Because you come at it with this rich data protection stack, Microsoft there's so many capabilities. One of the courses, which is Azure. It's like the secret weapon, it's become the secret weapon. How do you think about that relationship, Manoj? >> Absolutely Dave said it right. We are strong partners, 25 years, founding in Western Commvault, mutual customers, partnership. You know, really when you look at it from a customer lens, what our customers have appreciated, over the last year of that strengthening of that partnership basically the two pillars of Commvault the leader of data protection, or you know, for the last 25 years, 10 out of 10 in the Gartner MQ comes together with Azure, the enterprise secure cloud leader in creating Metallic. Metallic, now with 1,000 plus customers around the world, there's a reason they trust it. It's now become part of how they protect their Office 365. No workload left behind, which is very unique, you know? So what we have architected together and now we're taking it to the next phase, our joint partners, right? Our joint customers, that those are some of the things that are really changing in terms of how we're accelerating the partnership. >> Manoj, you and I have talked about ransomware a lot, we did a special segment a while back on that. The adversary is very capable. And you know, I put in the chat this morning, at Commvault Connections, you don't even need a high school diploma to be a ransomwarist. You can go on the dark web, you can buy ransomware as a service. All you need is access to a server and you can stick you know, some malware on it. So you know, it's very, very dangerous times. What is it about data management as a service that makes it a good fit right now from a customer perspective to solve this problem? >> Absolutely. Bad guys, real life, or in the cyber world, they have some techniques. First thing they do in a ransomware is you go after the exits. What are the exit doors? Now you back up data, they know that that backup data can be used to recover. So they go and try to defeat the backup products in that environment. That's number one game that changes with data management as a service. Your data management data protection environment is not inside your environment. Chances to do two simultaneous penetrations to try and anything is possible. But now you've got an additional layer of recovery readiness because that control plane secured on top of Microsoft, Azure, 3,500 security professionals, FedRAMP high standard only data management and service entity to get it. As one of our customers said, "A unicorn in the wild", that is what you have as your data management environment. So if something bad happens, worst case, this environment is ready. Our enterprise customers are starting to understand that this is becoming a big reason to shift to this model. You know, then it's okay if you're not ready to shift the entire model, you're given the easy button of just air gapping of your data. So if you're an existing Commvault customer, appliance, software, anything, secure air gap Metallic cloud storage on hardened Azure Blob protected jointly by us, start there. And finally things like active directory. Talk about shutting the exit path, right? Take that down, your entire environment is not accessible. We make it easy for you to recover that. And because of our partnership, we're able to get it for free to every one of our customers. Go protect your active directory environment using (speaks faintly) kind of three big reasons that we're seeing that entire conversation shift in the minds of our customers. >> Yeah, thank you for that. That's a no brainer. Dave, how do Metallic and Microsoft fit together? Where's the you know, kind of value chain if you will, when it comes to dealing with cyber protection or ransomware recovery, how are your customers thinking about that? >> Yeah well, first it's a shared responsibility model, right? When you've got the best in class platform like Azure with built in protections, scalable data centers all over the global footprint. But then also we spend 10 plus billion dollars a year in security and defense and our own data center environments, right? And so I always find it inspiring when companies believe that their investments in security and platform protection is going to do the job. That's true, that used to be true. Now with Azure, you can take advantage of this global scale and secure you know, footprint of investment that a company like Microsoft has done to really set your heart at ease. Now, what do you do with your actual applications and who has access to it, and how do you actually integrate like Manoj was talking about down to the individual or the individual account that's trying to get access to your environment? Well, that's where Commvault comes in at that point of attack or at that point of an actual data element. So if you've got that environment within Commvault system backed by the umbrella of the Azure security infrastructure, that's how the two sort of compliment each other. And again, it's about shared responsibility, right? We want every customer that leverages Azure to make sure that they know it's secure, it's protected. We've got a mechanism to protect your best interests. Commvault has that exact same mission statement, right? To make sure that every single element that comes into contact with their products is protected, is secure, is trustworthy. You know, I got a long lesson, long, long time ago, early in my career that says you can goof up a product feature, you can goof up the color scheme on a website but if you lose a customer's data or somebody trust, you never get it back. And so we don't take our relationships with customers very lightly. And I think our committed and joint responsibility to delight and support our customers is what has led to this partnership being so successful over the past couple of decades. >> Great, thank you, Dave. And so Manoj, I was saying earlier that data protection has become a fundamental component of your digital business stack. So that sounds good but what should customers be doing to make data protection and data management, a business value driver versus just a liability or exposure or cost factor that has to be managed? What do you think about that? >> No, and then David added earlier, right? It's no longer a liability. In fact it is you know, someone said data is the new oil, right? It is your crown jewels. You got to to start with thinking about an active data protection strategy, not you know, thinking about passive tools and looking at it in terms of a compliance or I need to keep the data around. So that's the number one part is like, how do I have something that protects all my workloads and everyone has a different pace of transformation. So unless you know, you're a company that just got created, you have environments that are on-prem, on the edge, in CoLOS, public cloud. You got you know, SaaS applications, all of those have a critical data that needs to come together. Look for breadth of data protection, something that doesn't leave your workloads behind. Siloed solutions, create a Swiss cheese that create light for the attackers to go after those gaps. You don't want to look for that, you know? And then finally trust. I mean you know, what are the pillars of trust that the solution is built on? You got to figure out how your teams can get to doing more productive things rather than patching systems. You know, making sure that the infrastructure is up. As Dave said you know, we invest a ton jointly in securing this infrastructure. Trust that and leverage that as a differentiator rather than trying to duplicate all of that. So those are some of the you know, key things. And you know, look for players who understand that hybrid is here, give you different entry points. Don't force you know, the single single mode of operation. Those are the things we have built to make it easier for our customers to have a more active data management strategy. >> Dave, Todd, I'll give you the last word we got to go but I want to hit on this notion of zero trust. It used to be a buzz word now it's mainstream. There's so much that this discussion, is it Prudentialist access? Every access is treated maybe as privileged but what does zero trust mean to you in less than a minute? >> Yeah you know, trust but verify, right? Every interaction you have with your infrastructure, with your data, with your applications and you do it at the identity level. We care about identity and we know that that's the core of how people are going to try and access infrastructure. Used to be protect the perimeter. The analogy I always use is we have locks on our houses. Now the bad guys are everywhere. They're getting inside our houses and they're not immediately taking things, they're hiding in the closet and they're popping out three weeks later before anybody knows it. And so being able to actually manage, measure, protect every interaction you have with your infrastructure and do it at the individual or application level, that's what zero trust is all about. So don't trust any interaction, make sure that you pass that authorization through with every ask. And then make sure you protect it from the inside out. >> Great stuff. Okay guys, we've got to leave it there. Thanks so much for the time today. All right next, right after a short break, we're headed into the CXL Power Panel to hear what's on the minds of the executives as it relates to data management in the digital era. Keep it right there, you're watching theCUBE. (lighthearted music)

(Techno music plays in intro) >> We're here with theCUBE covering Commvault Connections 21. And we're going to look at the data protection space and how cloud computing has advanced the way we think about backup, recovery and protecting our most critical data. Ranga Rajagopalan who is the Vice President of products at Commvault, and Stephen Orban who's the General Manager of AWS Marketplace & Control Services. Gents! Welcome to theCUBE. Good to see you. >> Thank you, always a pleasure to see you Dave. >> Dave, thanks for having us. Great to be here. >> You're very welcome. Stephen, let's start with you. Look, the cloud has become a staple of digital infrastructure. I don't know where we'd be right now without being able to access enterprise services, IT services remotely, Um, but specifically, how are customers looking at backup and recovery in the cloud? Is it a kind of a replacement for existing strategies? Is it another layer of protection? How are they thinking about that? >> Yeah. Great question, Dave. And again, thanks. Thanks for having me. And I think, you know, look. If you look back to 15 years ago, when the founders of AWS had the hypothesis that many enterprises, governments, and developers were going to want access to on demand, pay as you go, IT resources in the cloud. None of us would have been able to predict that it would have matured and, um, you know become the staple that it has today over the last 15 years. But the reality is that a lot of these are enterprise customers. Many of whom have been doing their own IT infrastructure for the last 10, 20 or or multiple decades do have to kind of figure out how they deal with it. The change management of moving to the cloud, and while a lot of our customers will initially come to us because they're looking to save money or costs. Almost all of them decide to stay and go big because of the speed at which they're able to innovate on behalf of their customers. And when it comes to storage and backup, that just plays right into where they're headed and there's a variety of different techniques that customers use. Whether it be, you know, a lift and shift for a particular set of applications. Or a data center or where it, where they do very much look at how can they replace the backup and recovery that they have on premises in the cloud using solutions like what we're partnering with Commvault to do. Or completely re-imagining their architecture for net new developments that they can really move quickly for, for their customers and, and completely developing something brand new, where it is really a, um, you know a brand new replacement and innovation for, for, for what they've done in the past. >> Great. Thank you, Stephen. Ranga, I want to ask you about the D word, digital. Look, if you're not a digital business today, you're basically out of business. So my question to you Ranga is, is how have you seen customers change the way they think about data protection during what I call the forced March to digital over the last 18, 19 months? Are customers thinking about data protection differently today? >> Definitely Dave, and and thank you for having me and Stephen pleasure to join you on this CUBE interview. First, going back to Stephen's comments, can't agree more. Almost every business that we talk with today has a cloud first strategy, a cloud transmission mandate. And, you know, the reality is back to your digital comment. There are many different paths to the hybrid micro cloud. And different customers. You know, there are different parts of the journey. So as Stephen was saying, most often customers, at least from a data protection perspective. Start the conversation their thinking, hey, I have all these tapes, can I start using cloud as my air gap, long-term retention target. And before they realize they start moving their workloads into the cloud, and none of the backup and recovery facilities are going to change. So you need to continue protecting the cloud, which is where the cloud meta data protection comes in. And then they start innovating around DR Can I use cloud as my DR sites so that, you know, I don't need to meet in another site. So this is all around us, cloud transmissions, all around us. And, and the real essence of this partnership between AWS and Commvault is essentially to drive, and simplify all the paths to the cloud Regardless of whether you're going to use it as a storage target or, you know, your production data center or your DR. Disaster Recovery site. >> Yeah. So really, it's about providing that optionality for customers. I talked to a lot of customers and said, hey, our business resilience strategy was really too focused on DR. I've talked to all the customers at the other end of the spectrum said, we didn't even have a DR strategy. Now we're using the cloud for that. So it's a, it's really all over the map and you want that optionality. So Stephen, >> (Ranga cuts in) >> Go ahead, please. >> And sorry. Ransomware plays a big role in many of these considerations as well, right? Like, it's unfortunately not a question of whether you're going to be hit by ransomware. It's almost become like, what do you do when you're hit by ransomware? And the ability to use the cloud scale to immediately bring up the resources. Use the cloud backers has become a very popular choice simply because of the speed with which you can bring the business back to normal operations. The agility and the power that cloud brings to the table. >> Yeah. Ransomware is scary. You don't, you don't even need a high school degree diploma to be a ransomware-ist. You could just go on the dark web and buy ransomware as a service and do bad things. And hopefully you'll end up in jail. Stephen, we know about the success of the AWS Marketplace. You guys are partnering here. I'm interested in how that partnership, you know, kind of where it started and how it's evolving. >> Yeah. And happy to highlight on that. So look, when we, when we started AWS or when the founders of AWS started AWS, as I said, 15 years ago. We realized very early on that while we were going to be able to provide a number of tools for customers to have on demand access to compute storage, networking databases, that many particularly, enterprise and government government customers still use a wide range of tools and solutions from hundreds, if not in some cases, thousands of different partners. I mean, I talked to enterprises who who literally used thousands of of different vendors to help them deliver those solutions for their customers. So almost 10 years ago, we're almost at our 10 year anniversary for AWS Marketplace. We launched the first instantiation of AWS Marketplace, which allowed builders and customers to find, try, buy, and then deploy third-party software solutions running on Amazon Machine Instances, also known as AMI's. Natively, right in their AWS and cloud accounts to compliment what they were doing in the cloud. And over the last, nearly 10 years, we've evolved quite a bit. To the point where we support software in multiple different packaging types. Whether it be Amazon Machine Instances, containers, machine learning models, and of course, SAS and the rise of software as a service, so customers don't have to manage the software themselves. But we also support a data products through the AWS data exchange and professional services for customers who want to get services to help them integrate the software into their environments. And we now do that across a wide range of procurement options. So what used to be pay as you go Amazon Machine Instances now includes multiple different ways to contract directly. The customer can do that directly with the vendor, with their channel partner or using kind of our, our public e-commerce capabilities. And we're super excited, um, over the last couple of months, we've been partnering with Commvault to get their industry leading backup and recovery solutions listed on AWS Marketplace. Which is available for our collective customers now. So not only do they have access to Commvault's awesome solutions to help them protect against ransomware, as we talked about and, and to manage their backup and recovery environments. But they can find and deploy that directly in one click right into their AWS accounts and consolidate their, their billing relationship right on the AWS invoice. And it's been awesome to work with with Ranga and the, and the product teams at Commvault to really expose those capabilities where Commvault's using a lot of different AWS services to, to provide a really great native experience for our collective customers as they migrate to the cloud. >> Yeah. The Marketplace has been amazing. We've watched it evolve over the past decade and it's just, it's a key characteristic of cloud. Everybody has a cloud today, right? Ah, we're a cloud too, but Marketplace is unique in, in, in that it's the power of the ecosystem versus the resources of one. And Ranga, I wonder if from your perspective, if you could talk about the partnership with AWS from your view, and and specifically you've got some hard news. Would, if you could, talk about that as well. >> Absolutely. So the partnership has been extending for more than 12 years, right? So AWS and Commvault have been bringing together solutions that help customers solve the data management challenges and everything that we've been doing has been driven by the customer demand that we see, right. Customers are moving their workloads to the cloud. They are finding new ways of deploying the workloads and protecting them. You know, earlier we introduced cloud native integration with the EBS AVI's which has driven almost 70% performance improvements in backup and restore. When you look at huge customers like Coca-Cola, who have standardized on AWS and Commvault, that is the scale that they want to operate on. They manage around one through 3,000 snapshots, 1200 easy, two instances across six regions, but with just one resource dedicated for the data management strategy, right? So that's where the real built-in integration comes into play. And we've been extending it to make use of the cloud efficiencies like power management and auto-scale, and so on. Another aspect is our commitment to a radically simple customer experience. And that's, you know, I'm sure Stephen would agree. It's a big mantra at AWS as well. That's really, together, the customer demand that's brought us together to introduce combo into the AWS Marketplace, exactly the way Stephen described it. Now the hot announcement is calmer, backup and recovery is available in AWS Marketplace. So the exact four steps that Stephen mentioned: find, try, buy, and deploy everything simplified to the Marketplace so that our AWS customers can start using our more backup software in less than 20 minutes. A 60 day trial version is included in the product through Marketplace. And, you know, it's a single click buy. We use the cloud formation templates to deploy. So it becomes a super simple approach to protect the AWS workloads. And we protect a lot of them starting from EC2, RDS DynamoDB, DocumentDB, you know, the, the containers, the list just keeps going on. So it becomes a very natural extension for our customers to make it super simple, to start using Commvault data protection for the AWS workloads. >> Well, the Commvault stack is very robust. You have an extremely mature stack. I want to, I'm curious as to how this sort of came about? I mean, it had to be customer driven, I'm sure. When your customers say, hey, we're moving to the cloud, we had a lot of workloads in the cloud. We're a Commvault customer, that intersection between Commvault and AWS customer. So, so again, I presume this was customer driven, but maybe you can give us a little insight and add some color to that, Ranga. >> Every everything, you know, in this collaboration has been customer driven. We were earlier talking about the multiple paths to cloud and a very good example, and Stephen might probably add more color from his own experience at Dow Jones, but I I'll, I'll bring it to reference Parsons. Who's, you know, civil engineering leader. They started with the cloud first mandate saying, we need to start moving all our backups to the cloud, but we averted that bad actors might find it easy to go and access the backups. AWS and Commvault came together with AWS security features and Commvault brought in its own authorization controls. And now we are moved more than 14 petabytes of backup data into the cloud, and it's sort of as that, not even the backup administrators can go and patch the backups without multiple levels of authorization, right? So the customer needs, whether it is from a security perspective, performance perspective, or in this case from a simplicity perspective is really what is driving us and, and the need came exactly like that. There are many customers who have now standardized on AWS, they want to find everything related to this Marketplace. They want to use their existing, you know, the AWS contracts and also bring data strategy as part of that. So that, that's the real driver behind this. Stephen and I were hoping that we could actually announce some of the customers that have actively started using it. You know, many notable customers have been behind this innovation. And Stephen I don't know if you wanted to add more to that. >> I would just, I would just add Dave, you know, like if I look back before I joined AWS seven years ago, I was the CIO at Dow Jones. And I was leading a, a fairly big cloud migration there over a number of years. And one of the impetuses for us moving to the cloud in the first place was when Hurricane Sandy hit, we had a real disaster recovery scenario in one of our New Jersey data centers. And we had to act pretty quickly. Commvault was, was part of that solution. And I remember very clearly, even back then, back in 2013, there being options available to help us accelerate our move to the cloud. And, and just to reiterate some of the stuff that Ranga was talking about, you know, Commvault's done a great job over the last, more than a decade. Taking features from things like EBS, and S3, and TC2 and some of our networking capabilities and embedding them directly into their services so that customers are able to, you know, more quickly move their backup and recovery workloads to the cloud. So each and every one of those features was, is a result of, I'm sure, Commvault working backwards from their customer needs just as we do at AWS. And we're super excited to take that to the next level, to give customers the option to then also buy that right on their AWS invoice on AWS Marketplace. >> Yeah. I mean, we're going to have to leave it there. Stephen you've mentioned this several times, there's sort of the early days of AWS. We went back then we were talking about gigabytes and terabytes, and now we're talking about petabytes and beyond. Guys thanks so much. We really appreciate your time and sharing the news with us. >> Dave, thanks for having us. >> All right, keep it right there more from Commvault Connections 21, you're watching theCUBE.

(upbeat music) >> Hello everyone. This is Dave Vellante with theCUBE. On October 28th, we'll be attending Commvault Connections '21. This is a premier industry event and it's focused on hybrid data services. The broadcast will be live from Commvault's Tinton Falls HQ. Now the agenda is packed with educational inspirational keynote speakers. For example, Dave Martin will be speaking. He is in the global chief security office at ADP, Stephen Orban of AWS and Dave Taunton of Microsoft will be sharing insights. And of course Commvault CEO Sanjay Mirchandani, he's a long-time guest of theCUBE and a rare example of a CIO transitioning to a CEO role and having excellent success with Commvault transformation. These sessions that are referencing will engage you on topics like ransomware, SaaS, and hybrid cloud, and more there's something for every data professional. And by attending, you have the chance to have an exclusive consultation with the dev team at Commvault, which is always a hot ticket item. Now you can catch all the action live on SiliconANGLE and thecube.net so go right now, register for connections '21, it takes less than a minute. I just did it. We'll see you there. (upbeat music)