>> from Boston, Massachusetts. It's the queue covering active eo 2019. Data driven to you by activity. >> Hi, everyone. Welcome back to Boston. This is the Cube, the leader, and on the ground tech coverage. My name is David. Want a stupid woman. And John for you have been here. Uh, all day we've been plowing through some great interviews. This is active FiOS data driven 19 conference, the second conference. They've had this kind of about 500 people here in Boston. Shaheen peruses here. He's the chief technical officer and chief information security officer at data endure Cuba. LEM, good to see you. Thanks very much for coming back on. >> Thank you. Thanks for having me. >> You're very welcome. So, um, let's talk about backup. Gave a talk today. What is your backup done for you lately? Essentially. You know, so interesting question, right? You look at the data. A lot of customers air rethinking their backup. We sort of saw this with the ascendancy of virtual ization. We're seeing again with cloud and digital transformation. What's that? What was the theme of your talk? What was the catalyst behind the thoughts there? >> I really walk through the concept that storage has continued to evolve so aggressively and so fast with Moore's law and everything else and what has really proliferated. Part of that is that our data keeps growing and growing fast, and a very big contributor of that is copy data management. So we take a backup of something, but we don't ever use that backup. We restore it, and now we have a second copy of production so that development could do work in it. Then we restore it somewhere else so that analytics can happen against that. Then we restored another place, and pretty soon you have 45456 ten 10 20 copies of the exact same data and that proliferation keeps growing and growing. And it's time to think about backup differently. And almost all traditional backup players have not changed the way they operate have not changed the way they deal with backups. They continue to do it the same way, and their programs were written to go to tape versus to Cloud or to do copy data management >> properly. So it's That's a color today, if you would, sir, you said to do it the same way it was meant to go to take meeting. What? It's just a designed to be essentially a serial process. Exactly designed. Maybe maybe recovery is sort of a hope. We never have to recover kind of kind of thought, and that's it. Back up and no other additional value >> and file it somewhere. So just in case something, it's an insurance policy. >> So how should be done >> so before I get into how it should be done, One of the other attributes that makes backup a challenge with traditional players is they convert the data into their proprietary format, so you can't use the data unless you rehydrate it and put it back into its native format. Then you can start doing analytics or a I, or whatever you wanna do against that. So what activity was done differently, which is what I feel is that how you should do it is they keep the data in native format, and then when you need to access that copy of that data, they create a virtual copy of that data. So you're not taking a penny dis space, but its performance, because the underlying this subsystem that you assigned to active fio is have whatever performance, you want to assign it. So now you can spend up 10 copies of the same server without ever taking up 10 copies of storage and give the give all of your constituents that development team, the analytics team, whatever teams the ability to access it in real time. >> Why did the traditional vendors do it that way? Because they want to reduce it to save cost is they wanna optimize on on performance or they want to have control. From a catalog standpoint, Wise >> said, the popular if you go back to tape tape, was really slow. And it was a serial right, like you were saying earlier. And so you had to write software that would know how to take advantage of that slow speed and not make any mistakes and then be able to recover from it. So they were converting it to a format that was easier to write, easier to read. But that format doesn't play anymore in today's world, however, they haven't really adopted their king technologies to today's world and what I 50 0 did differently when they came out 10 years ago, they said. We need to reshape this whole backup landscape on DH. They created this copy data management space and all other backup players. Air tryingto ad copy data management to compete. But active Theo isn't a backup solution. It's a copy data management solution and backup is a nice artifact. >> Okay, so you deliver services on top of this and other technologies, right? Maybe talk a little bit more about your business and what you're going to market >> way help companies that our whole go to market is around this concept of digital resilient. So the ability to survive and thrive in the middle of an attack and whether that be Mother Nature or that be a cyber attack, or that your system's crashing on you and the in order to do that, let's just pick security. Let's parts that for a second. If you have a ransomware attack, for example, you can have the best controls. However, if a foothold gets into your environment and encrypts your data, your only choices recovery. And if you can't recover, you have to pay the ransom to get the encryption back way had a customer who had challenges on their their backups were on the virtual ization platform, which got encrypted and they weren't able to recover. So their only option was to pay ransom ware and, uh, fair to say they weren't the customer until after that happened. But the But the reality is that solutions like after Theo in by nature of the way they act, the way they store the data off promises in cloud or the way they store it s so that it's not easily it's immutable. It makes it a lot easier for a organization to leverage it and be able to recover quickly from it and have offsite copies or multiple data center copies. So that's the That's the challenge. I would say that a solution like activity of >> Psalms, where our customers I've got to take a little change for second and ask you CTO and a C. So I was taking a little security knowledge servant, test your security knowledge, and I actually did really well. I was like, 90% on. But what I got wrong was, you know, if you get hit with ransom where it said you should should pay it, and I said, Well, yeah, I guess so. They said, Nah, you're wrong, like, well, how else would I get my data back? If that's the way you know, I could avoid it if I were. I work with numbers like yours, but should people pay the ransom? >> So the odds of getting an encryption key that allows you to recover your data are minimal there. What usually happens is they don't want to get caught, so they don't want to send you the encryption key. They get the money and run because the more interactions they have with you, the more opportunity for somebody to trail them and figure out how >> to. So you shouldn't pay. You shouldn't, because your chances of infant testable that you're going to get your data back. >> The only way to pay in this customer they happen to have cyber insurance. And so their actual out of pocket expense was a fraction of the ransom. But not all cyber insurance covers all ransomware scenario. So it's They're not all kind of like, so it's a really it's a really complex question. Actually, I was >> wondering if you could do a smart contract. Yeah. Wait. What? >> You get the keys >> and you could be right. Yeah, on, then, then that's the challenge. right. It's leased like who's Who's way >> got to do it at the same time. But yeah, it's it's typically my recommendation is don't pay, but ideally, if you have, if you don't have a backup, then you really don't have an option. >> So part of your your job is obviously information security, which is the fast moving. I mean, that market is exploding. It feels like it's a big do over, You know that's going on. Um, you know, we all know the narrative. It's you know, there is no perimeter. All the money has been spent, you know, sort of hardening, you know, the perimeter building that moat. But now the queen leaves the castle so the whole paradigm changes. So how are you addressing that for your customers? >> So a couple ways Number one, the endpoint is the perimeter now, So the device that's sitting in front of here is an example is where you have to to treat the security, you need to monitor the activity of the behavior that's happening on that device. And if there's something that moves away from baseline, so if you're capturing a baseline of how you operate, what you do day today, and if all of a sudden you start encrypting your files and you never did before, the flag should go off. And those flags need to be able to get back to a central location, which is the business we operate. We offer a sock is a service. We deployed tools on the end points. We collect data from the perimeter, the firewalls around hers, the switches So we see the health of the network. But then we also monitor the end point to make sure if something's happening at that end point, we want to know we want to stop it before it spreads to anywhere else. >> It is a manage service. So another question around, you know, this is the buzz words of multi Cloud. It's a hot space, but it looks legit. I mean, multi cloud, I've always said, is the son of almost a symptom of multi vendor right versus a strategy. But increasingly, people are saying, Okay, we need a strategy. There's horses for courses, certain clouds or better for certain things, and that's where we're going. We're going, maybe rain in the shadow it in the line of business, or at least support them. So we need a strategy. Their So what? Your thoughts on multi cloud. How are you participating in that space? Is there any role for active fio? There >> absolutely is active fio supports all of before the major clouds out there. So they support a WS czar, G, C, P and IBM. And having that strategy allows a customer who's leveraging activity to protect their data to be able to spin up workloads in any of those clouds. And, for example, GP is known for better. Aye, Aye. And analytics. So spin up a copy of your data in G C. P. Do your analytics and then shut it down. Um uh, a czar is known integrate better with any Microsoft platform so spent up your Microsoft workloads and his whore and used them for whatever purposes, whether it's analytics or other and shut him down. Andi, each cloud does have its attributes and benefits that are better >> universes just good. Yeah, well, >> they have a lead, right? They've done a lot of application ecosystem, right? And then IBM, with Watson is kind of taking a lead in the Aye aye space. So, really, it's you as a company. As a architect cloud architect, you need to decide what cloud has the benefits you need and the ability to move between them with a technology like Octavio is pretty key >> thoughts on, uh, security. The cloud In the early days that was a real blocker. You know, people were concerned about security of Cloud, and today it's almost becoming an advantage. Do you buy that? >> So sort of. I've been I've been a c T O N C So for the last 15 years, and early clouds start ups and number one objection I always got was security in the cloud. You can't put your data there. The reality is, the cloud is no different than another data center. It's You can't abdicate your responsibility to secure your infrastructure just because it's in somebody else's data center, it's You still have to do what you would do. Apply your security policies, apply your security controls and manages if it's another one of your polos, for example, and that's where people forget. They think just because it's somewhere else I'm protected. The only benefit that the cloud gives us from a security perspective is the physical security. So nobody can get into that data center because they have great security controls. But that doesn't mean electronically people can't get it. That you're still you. You haven't really gained anything by going to cloud other than reliability and availability. >> Yeah, your point about endpoint security before a bad user behavior is going to trump great security every single time. Exactly. Okay, final thoughts on this event, your business, your partnership, the marketplace take us home. >> I think I think is a great event. Lots of great topics are covered some great partnerships. Way heard some great information about analytics from IBM. I think that active FiOS uniquely positioned where you can take that one, back up your data and then be able to use it in so many different facets of your business rather than, like I said, creating the copies and exploding your data growth. And so because of that, you're seeing the partnership in the ecosystem coming together. The other attributes that makes it powerful is that they've got the AP integration. Anything you could do in the user interface, you can do the FBI, so that allows third party companies to come in and do integrations. That extend the capability and leverage that data even better on DH. So I think this event is good to help show people some of those capabilities and how some of those integration >> support that's here. It's all about creating incremental value with data as opposed to just below one out copies. So great. Appreciate it. Should you? Thanks very much for coming on the Q. Thank you. Good to see you again. Good to see you. All right. Thanks for watching everybody. We'll be back with our next guest right after this short break. You watching the Cube from data driven 19.