the cyber security landscape has changed dramatically over the past 24 to 36 months rapid cloud migration has created a new layer of security defense sure but that doesn't mean csos can relax in many respects it further complicates or at least changes the ciso's scope of responsibilities in particular the threat surface has expanded and that creates more seams and cisos have to make sure their teams pick up where the hyperscaler clouds leave off application developers have become a critical execution point for cyber assurance shift left is the kind of new buzz phrase for devs but organizations still have to shield right meaning the operational teams must continue to partner with secops to make sure infrastructure is resilient so it's no wonder that in etr's latest survey of nearly 1500 cios and it buyers that business technology executives cite security as their number one priority well ahead of other critical technology initiatives including collaboration software cloud computing and analytics rounding out the top four but budgets are under pressure and csos have to prioritize it's not like they have an open checkbook they have to contend with other key initiatives like those just mentioned to secure the funding and what about zero trust can you go out and buy xero trust or is it a framework a mindset in a series of best practices applied to create a security consciousness throughout the organization can you implement zero trust in other words if a machine or human is not explicitly allowed access then access is denied can you implement that policy without constricting organizational agility the question is what's the most practical way to apply that premise and what role does infrastructure play as the enforcer how does automation play in the equation the fact is that today's approach to cyber resilient type resilience can't be an either or it has to be an and conversation meaning you have to ensure data protection while at the same time advancing the mission of the organization with as little friction as possible and don't even talk to me about the edge that's really going to keep you up at night hello and welcome to the special cube presentation a blueprint for trusted infrastructure made possible by dell technologies in this program we explore the critical role that trusted infrastructure plays in cyber security strategies how organizations should think about the infrastructure side of the cyber security equation and how dell specifically approaches securing infrastructure for your business we'll dig into what it means to transform and evolve toward a modern security infrastructure that's both trusted and agile first up are pete gear and steve kenniston they're both senior cyber security consultants at dell technologies and they're going to talk about the company's philosophy and approach to trusted infrastructure and then we're going to speak to paris arcadi who's a senior consultant for storage at dell technologies to understand where and how storage plays in this trusted infrastructure world and then finally rob emsley who heads product marketing for data protection and cyber security he's going to take a deeper dive with rob into data protection and explain how it has become a critical component of a comprehensive cyber security strategy okay let's get started pete gear steve kenniston welcome to the cube thanks for coming into the marlboro studios today great to be here dave thanks dave good to see you great to see you guys pete start by talking about the security landscape you heard my little rap up front what are you seeing i thought you wrapped it up really well and you touched on all the key points right technology is ubiquitous today it's everywhere it's no longer confined to a monolithic data center it lives at the edge it lives in front of us it lives in our pockets and smartphones along with that is data and as you said organizations are managing sometimes 10 to 20 times the amount of data that they were just five years ago and along with that cyber crime has become a very profitable enterprise in fact it's been more than 10 years since uh the nsa chief actually called cyber crime the biggest transfer of wealth in history that was 10 years ago and we've seen nothing but accelerating cyber crime and really sophistication of how those attacks are perpetrated and so the new security landscape is really more of an evolution we're finally seeing security catch up with all of the technology adoption all the build out the work from home and work from anywhere that we've seen over the last couple of years we're finally seeing organizations and really it goes beyond the i t directors it's a board level discussion today security's become a board level discussion yeah i think that's true as well it's like it used to be the security was okay the secops team you're responsible for security now you've got the developers are involved the business lines are involved it's part of onboarding for most companies you know steve this concept of zero trust it was kind of a buzzword before the pandemic and i feel like i've often said it's now become a mandate but it's it's it's still fuzzy to a lot of people how do you guys think about zero trust what does it mean to you how does it fit yeah i thought again i thought your opening was fantastic in in this whole lead into to what is zero trust it had been a buzzword for a long time and now ever since the federal government came out with their implementation or or desire to drive zero trust a lot more people are taking a lot more seriously because i don't think they've seen the government do this but ultimately let's see ultimately it's just like you said right if if you don't have trust to those particular devices uh applications or data you can't get at it the question is and and you phrase it perfectly can you implement that as well as allow the business to be as agile as it needs to be in order to be competitive because we're seeing with your whole notion around devops and the ability to kind of build make deploy build make deploy right they still need that functionality but it also needs to be trusted it needs to be secure and things can't get away from you yeah so it's interesting we attended every uh reinforce since 2019 and the narrative there is hey everything in this in the cloud is great you know and this narrative around oh security is a big problem is you know doesn't help the industry the fact is that the big hyperscalers they're not strapped for talent but csos are they don't have the the capabilities to really apply all these best practices they're they're playing whack-a-mole so they look to companies like yours to take their r your r d and bake it into security products and solutions so what are the critical aspects of the so-called dell trusted infrastructure that we should be thinking about yeah well dell trusted infrastructure for us is a way for us to describe uh the the work that we do through design development and even delivery of our it system so dell trusted infrastructure includes our storage it includes our servers our networking our data protection our hyper converged everything that infrastructure always has been it's just that today customers consume that infrastructure at the edge as a service in a multi-cloud environment i mean i view the cloud as really a way for organizations to become more agile and to become more flexible and also to control costs i don't think organizations move to the cloud or move to a multi-cloud environment to enhance security so i don't see cloud computing as a panacea for security i see it as another attack surface and another uh aspect in front that organizations and and security organizations and departments have to manage it's part of their infrastructure today whether it's in their data center in a cloud or at the edge i mean i think it's a huge point because a lot of people think oh data's in the cloud i'm good it's like steve we've talked about oh why do i have to back up my data it's in the cloud well you might have to recover it someday so i don't know if you have anything to add to that or any additional thoughts on it no i mean i think i think like what pete was saying when it comes to when it comes to all these new vectors for attack surfaces you know people did choose the cloud in order to be more agile more flexible and all that did was open up to the csos who need to pay attention to now okay where can i possibly be attacked i need to be thinking about is that secure and part of the part of that is dell now also understands and thinks about as we're building solutions is it is it a trusted development life cycle so we have our own trusted development life cycle how many times in the past did you used to hear about vendors saying you got to patch your software because of this we think about what changes to our software and what implementations and what enhancements we deliver can actually cause from a security perspective and make sure we don't give up or or have security become a whole just in order to implement a feature we got to think about those things yeah and as pete alluded to our secure supply chain so all the way through knowing what you're going to get when you actually receive it is going to be secure and not be tampered with becomes vitally important and pete and i were talking earlier when you have tens of thousands of devices that need to be delivered whether it be storage or laptops or pcs or or whatever it is you want to be you want to know that that that those devices are can be trusted okay guys maybe pete you could talk about the how dell thinks about it's its framework and its philosophy of cyber security and then specifically what dell's advantages are relative to the competition yeah definitely dave thank you so we've talked a lot about dell as a technology provider but one thing dell also is is a partner in this larger ecosystem we realize that security whether it's a zero trust paradigm or any other kind of security environment is an ecosystem uh with a lot of different vendors so we look at three areas one is protecting data in systems we know that it starts with and ends with data that helps organizations combat threats across their entire infrastructure and what it means is dell's embedding security features consistently across our portfolios of storage servers networking the second is enhancing cyber resiliency over the last decade a lot of the funding and spending has been in protecting or trying to prevent cyber threats not necessarily in responding to and recovering from threats right we call that resiliency organizations need to build resiliency across their organization so not only can they withstand a threat but they can respond recover and continue with their operations and the third is overcoming security complexity security is hard it's more difficult because of the things we've talked about about distributed data distributed technology and and attack surfaces everywhere and so we're enabling organizations to scale confidently to continue their business but know that all all the i.t decisions that they're making um have these intrinsic security features and are built and delivered in a consistent security so those are kind of the three pillars maybe we could end on what you guys see as the key differentiators that people should know about that that dell brings to the table maybe each of you could take take a shot at that yeah i think first of all from from a holistic portfolio perspective right the uh secure supply chain and the secure development life cycle permeate through everything dell does when building things so we build things with security in mind all the way from as pete mentioned from from creation to delivery we want to make sure you have that that secure device or or asset that permeates everything from servers networking storage data protection through hyper converge through everything that to me is really a key asset because that means you can you understand when you receive something it's a trusted piece of your infrastructure i think the other core component to think about and pete mentioned as dell being a partner for making sure you can deliver these things is that even though those are that's part of our framework these pillars are our framework of how we want to deliver security it's also important to understand that we are partners and that you don't need to rip and replace but as you start to put in new components you can be you can be assured that the components that you're replacing as you're evolving as you're growing as you're moving to the cloud as you're moving to a more on-prem type services or whatever that your environment is secure i think those are two key things got it okay pete bring us home yeah i think one of one of the big advantages of dell is our scope and our scale right we're a large technology vendor that's been around for decades and we develop and sell almost every piece of technology we also know that organizations are might make different decisions and so we have a large services organization with a lot of experienced services people that can help customers along their security journey depending on whatever type of infrastructure or solutions that they're looking at the other thing we do is make it very easy to consume our technology whether that's traditional on-premise in a multi-cloud environment uh or as a service and so the best of breed technology can be consumed in any variety of fashion and know that you're getting that consistent secure infrastructure that dell provides well and dell's forgot the probably top supply chain not only in the tech business but probably any business and so you can actually take take your dog food and then and allow other billionaire champagne sorry allow other people to you know share share best practices with your with your customers all right guys thanks so much for coming thank you appreciate it okay keep it right there after this short break we'll be back to drill into the storage domain you're watching a blueprint for trusted infrastructure on the cube the leader in enterprise and emerging tech coverage be right back concern over cyber attacks is now the norm for organizations of all sizes the impact of these attacks can be operationally crippling expensive and have long-term ramifications organizations have accepted the reality of not if but when from boardrooms to i.t departments and are now moving to increase their cyber security preparedness they know that security transformation is foundational to digital transformation and while no one can do it alone dell technologies can help you fortify with modern security modern security is built on three pillars protect your data and systems by modernizing your security approach with intrinsic features and hardware and processes from a provider with a holistic presence across the entire it ecosystem enhance your cyber resiliency by understanding your current level of resiliency for defending your data and preparing for business continuity and availability in the face of attacks overcome security complexity by simplifying and automating your security operations to enable scale insights and extend resources through service partnerships from advanced capabilities that intelligently scale a holistic presence throughout it and decades as a leading global technology provider we'll stop at nothing to help keep you secure okay we're back digging into trusted infrastructure with paris sarcadi he's a senior consultant for product marketing and storage at dell technologies parasaur welcome to the cube good to see you great to be with you dave yeah coming from hyderabad awesome so i really appreciate you uh coming on the program let's start with talking about your point of view on what cyber security resilience means to to dell generally but storage specifically yeah so for something like storage you know we are talking about the data layer name and if you look at cyber security it's all about securing your data applications and infrastructure it has been a very mature field at the network and application layers and there are a lot of great technologies right from you know enabling zero trust advanced authentications uh identity management systems and so on and and in fact you know with the advent of you know the the use of artificial intelligence and machine learning really these detection tools for cyber securities have really evolved in the network and the application spaces so for storage what it means is how can you bring them to the data layer right how can you bring you know the principles of zero trust to the data layer uh how can you leverage artificial intelligence and machine learning to look at you know access patterns and make intelligent decisions about maybe an indicator of a compromise and identify them ahead of time just like you know how it's happening and other ways of applications and when it comes to cyber resilience it's it's basically a strategy which assumes that a threat is imminent and it's a good assumption with the severity of the frequency of the attacks that are happening and the question is how do we fortify the infrastructure in the switch infrastructure to withstand those attacks and have a plan a response plan where we can recover the data and make sure the business continuity is not affected so that's uh really cyber security and cyber resiliency and storage layer and of course there are technologies like you know network isolation immutability and all these principles need to be applied at the storage level as well let me have a follow up on that if i may the intelligence that you talked about that ai and machine learning is that do you do you build that into the infrastructure or is that sort of a separate software module that that points at various you know infrastructure components how does that work both dave right at the data storage level um we have come with various data characteristics depending on the nature of data we developed a lot of signals to see what could be a good indicator of a compromise um and there are also additional applications like cloud iq is the best example which is like an infrastructure wide health monitoring system for dell infrastructure and now we have elevated that to include cyber security as well so these signals are being gathered at cloud iq level and other applications as well so that we can make those decisions about compromise and we can either cascade that intelligence and alert stream upstream for uh security teams um so that they can take actions in platforms like sign systems xtr systems and so on but when it comes to which layer the intelligence is it has to be at every layer where it makes sense where we have the information to make a decision and being closest to the data we have we are basically monitoring you know the various parallels data access who is accessing um are they crossing across any geo fencing uh is there any mass deletion that is happening or a mass encryption that is happening and we are able to uh detect uh those uh patterns and flag them as indicators of compromise and in allowing automated response manual control and so on for it teams yeah thank you for that explanation so at dell technologies world we were there in may it was one of the first you know live shows that that we did in the spring certainly one of the largest and i interviewed shannon champion and a huge takeaway from the storage side was the degree to which you guys emphasized security uh within the operating systems i mean really i mean powermax more than half i think of the features were security related but also the rest of the portfolio so can you talk about the the security aspects of the dell storage portfolio specifically yeah yeah so when it comes to data security and broadly data availability right in the context of cyber resiliency dell storage this you know these elements have been at the core of our um a core strength for the portfolio and the source of differentiation for the storage portfolio you know with almost decades of collective experience of building highly resilient architectures for mission critical data something like power max system which is the most secure storage platform for high-end enterprises and now with the increased focus on cyber security we are extending those core technologies of high availability and adding modern detection systems modern data isolation techniques to offer a comprehensive solution to the customer so that they don't have to piece together multiple things to ensure data security or data resiliency but a well-designed and well-architected solution by design is delivered to them to ensure cyber protection at the data layer got it um you know we were talking earlier to steve kenniston and pete gear about this notion of dell trusted infrastructure how does storage fit into that as a component of that sort of overall you know theme yeah and you know and let me say this if you could adjust because a lot of people might be skeptical that i can actually have security and at the same time not constrict my organizational agility that's old you know not an ore it's an end how do you actually do that if you could address both of those that would be great definitely so for dell trusted infrastructure cyber resiliency is a key component of that and just as i mentioned you know uh air gap isolation it really started with you know power protect cyber recovery you know that was the solution more than three years ago we launched and that was first in the industry which paved way to you know kind of data isolation being a core element of data management and uh for data infrastructure and since then we have implemented these technologies within different storage platforms as well so that customers have the flexibility depending on their data landscape they can approach they can do the right data isolation architecture right either natively from the storage platform or consolidate things into the backup platform and isolate from there and and the other key thing we focus in trusted infrastructure dell infra dell trusted infrastructure is you know the goal of simplifying security for the customers so one good example here is uh you know being able to respond to these cyber threats or indicators of compromise is one thing but an i.t security team may not be looking at the dashboard of the storage systems constantly right storage administration admins may be looking at it so how can we build this intelligence and provide this upstream platforms so that they have a single pane of glass to understand security landscape across applications across networks firewalls as well as storage infrastructure and in compute infrastructure so that's one of the key ways where how we are helping simplify the um kind of the ability to uh respond ability to detect and respond these threads uh in real time for security teams and you mentioned you know about zero trust and how it's a balance of you know not uh kind of restricting users or put heavy burden on you know multi-factor authentication and so on and this really starts with you know what we're doing is provide all the tools you know when it comes to advanced authentication uh supporting external identity management systems multi-factor authentication encryption all these things are intrinsically built into these platforms now the question is the customers are actually one of the key steps is to identify uh what are the most critical parts of their business or what are the applications uh that the most critical business operations depend on and similarly identify uh mission critical data where part of your response plan where it cannot be compromised where you need to have a way to recover once you do this identification then the level of security can be really determined uh by uh by the security teams by the infrastructure teams and you know another you know intelligence that gives a lot of flexibility uh for for even developers to do this is today we have apis um that so you can not only track these alerts at the data infrastructure level but you can use our apis to take concrete actions like blocking a certain user or increasing the level of authentication based on the threat level that has been perceived at the application layer or at the network layer so there is a lot of flexibility that is built into this by design so that depending on the criticality of the data criticality of the application number of users affected these decisions have to be made from time to time and it's as you mentioned it's it's a balance right and sometimes you know if if an organization had a recent attack you know the level of awareness is very high against cyber attacks so for a time you know these these settings may be a bit difficult to deal with but then it's a decision that has to be made by security teams as well got it so you're surfacing what may be hidden kpis that are being buried inside for instance the storage system through apis upstream into a dashboard so that somebody could you know dig into the storage tunnel extract that data and then somehow you know populate that dashboard you're saying you're automating that that that workflow that's a great example and you may have others but is that the correct understanding absolutely and it's a two-way integration let's say a detector an attack has been detected at a completely different layer right in the application layer or at a firewall we can respond to those as well so it's a two-way integration we can cascade things up as well as respond to threats that have been detected elsewhere um uh through the api that's great all right hey api for power skill is the best example for that uh excellent so thank you appreciate that give us the last word put a bow on this and and bring this segment home please absolutely so a dell storage portfolio um using advanced data isolation um with air gap having machine learning based algorithms to detect uh indicators of compromise and having rigor mechanisms with granular snapshots being able to recover data and restore applications to maintain business continuity is what we deliver to customers uh and these are areas where a lot of innovation is happening a lot of product focus as well as you know if you look at the professional services all the way from engineering to professional services the way we build these systems the way we we configure and architect these systems um cyber security and protection is a key focus uh for all these activities and dell.com securities is where you can learn a lot about these initiatives that's great thank you you know at the recent uh reinforce uh event in in boston we heard a lot uh from aws about you know detent and response and devops and machine learning and some really cool stuff we heard a little bit about ransomware but i'm glad you brought up air gaps because we heard virtually nothing in the keynotes about air gaps that's an example of where you know this the cso has to pick up from where the cloud leaves off but that was in front and so number one and number two we didn't hear a ton about how the cloud is making the life of the cso simpler and that's really my takeaway is is in part anyway your job and companies like dell so paris i really appreciate the insights thank you for coming on thecube thank you very much dave it's always great to be in these uh conversations all right keep it right there we'll be right back with rob emsley to talk about data protection strategies and what's in the dell portfolio you're watching thecube data is the currency of the global economy it has value to your organization and cyber criminals in the age of ransomware attacks companies need secure and resilient it infrastructure to safeguard their data from aggressive cyber attacks [Music] as part of the dell technologies infrastructure portfolio powerstor and powermax combine storage innovation with advanced security that adheres to stringent government regulations and corporate compliance requirements security starts with multi-factor authentication enabling only authorized admins to access your system using assigned roles tamper-proof audit logs track system usage and changes so it admins can identify suspicious activity and act with snapshot policies you can quickly automate the protection and recovery process for your data powermax secure snapshots cannot be deleted by any user prior to the retention time expiration dell technologies also make sure your data at rest stays safe with power store and powermax data encryption protects your flash drive media from unauthorized access if it's removed from the data center while adhering to stringent fips 140-2 security requirements cloud iq brings together predictive analytics anomaly detection and machine learning with proactive policy-based security assessments monitoring and alerting the result intelligent insights that help you maintain the security health status of your storage environment and if a security breach does occur power protect cyber recovery isolates critical data identifies suspicious activity and accelerates data recovery using the automated data copy feature unchangeable data is duplicated in a secure digital vault then an operational air gap isolates the vault from the production and backup environments [Music] architected with security in mind dell emc power store and powermax provides storage innovation so your data is always available and always secure wherever and whenever you need it [Music] welcome back to a blueprint for trusted infrastructure we're here with rob emsley who's the director of product marketing for data protection and cyber security rob good to see a new role yeah good to be back dave good to see you yeah it's been a while since we chatted last and you know one of the changes in in my world is that i've expanded my responsibilities beyond data protection marketing to also focus on uh cyber security marketing specifically for our infrastructure solutions group so certainly that's you know something that really has driven us to you know to come and have this conversation with you today so data protection obviously has become an increasingly important component of the cyber security space i i don't think necessarily of you know traditional backup and recovery as security it's to me it's an adjacency i know some companies have said oh yeah now we're a security company they're kind of chasing the valuation for sure bubble um dell's interesting because you you have you know data protection in the form of backup and recovery and data management but you also have security you know direct security capability so you're sort of bringing those two worlds together and it sounds like your responsibility is to to connect those those dots is that right absolutely yeah i mean i think that uh the reality is is that security is a a multi-layer discipline um i think the the days of thinking that it's one uh or another um technology that you can use or process that you can use to make your organization secure uh are long gone i mean certainly um you actually correct if you think about the backup and recovery space i mean people have been doing that for years you know certainly backup and recovery is all about the recovery it's all about getting yourself back up and running when bad things happen and one of the realities unfortunately today is that one of the worst things that can happen is cyber attacks you know ransomware malware are all things that are top of mind for all organizations today and that's why you see a lot of technology and a lot of innovation going into the backup and recovery space because if you have a copy a good copy of your data then that is really the the first place you go to recover from a cyber attack and that's why it's so important the reality is is that unfortunately the cyber criminals keep on getting smarter i don't know how it happens but one of the things that is happening is that the days of them just going after your production data are no longer the only challenge that you have they go after your your backup data as well so over the last half a decade dell technologies with its backup and recovery portfolio has introduced the concept of isolated cyber recovery vaults and that is really the you know we've had many conversations about that over the years um and that's really a big tenant of what we do in the data protection portfolio so this idea of of cyber security resilience that definition is evolving what does it mean to you yeah i think the the analyst team over at gartner they wrote a very insightful paper called you will be hacked embrace the breach and the whole basis of this analysis is so much money has been spent on prevention is that what's out of balance is the amount of budget that companies have spent on cyber resilience and cyber resilience is based upon the premise that you will be hacked you have to embrace that fact and be ready and prepared to bring yourself back into business you know and that's really where cyber resiliency is very very different than cyber security and prevention you know and i think that balance of get your security disciplines well-funded get your defenses as good as you can get them but make sure that if the inevitable happens and you find yourself compromised that you have a great recovery plan and certainly a great recovery plan is really the basis of any good solid data protection backup and recovery uh philosophy so if i had to do a swot analysis we don't have to do the wot but let's focus on the s um what would you say are dell's strengths in this you know cyber security space as it relates to data protection um one is we've been doing it a long time you know we talk a lot about dell's data protection being proven and modern you know certainly the experience that we've had over literally three decades of providing enterprise scale data protection solutions to our customers has really allowed us to have a lot of insight into what works and what doesn't as i mentioned to you one of the unique differentiators of our solution is the cyber recovery vaulting solution that we introduced a little over five years ago five six years parapatek cyber recovery is something which has become a unique capability for customers to adopt uh on top of their investment in dell technologies data protection you know the the unique elements of our solution already threefold and it's we call them the three eyes it's isolation it's immutability and it's intelligence and the the isolation part is really so important because you need to reduce the attack surface of your good known copies of data you know you need to put it in a location that the bad actors can't get to it and that really is the the the the essence of a cyber recovery vault interestingly enough you're starting to see the market throw out that word um you know from many other places but really it comes down to having a real discipline that you don't allow the security of your cyber recovery vault to be compromised insofar as allowing it to be controlled from outside of the vault you know allowing it to be controlled by your backup application our cyber recovery vaulting technology is independent of the backup infrastructure it uses it but it controls its own security and that is so so important it's like having a vault that the only way to open it is from the inside you know and think about that if you think about you know volts in banks or volts in your home normally you have a keypad on the outside think of our cyber recovery vault as having its security controlled from inside of the vault so nobody can get in nothing can get in unless it's already in and if it's already in then it's trusted exactly yeah exactly yeah so isolation is the key and then you mentioned immutability is the second piece yeah so immutability is is also something which has been around for a long time people talk about uh backup immunoability or immutable backup copies so immutability is just the the the additional um technology that allows the data that's inside of the vault to be unchangeable you know but again that immutability you know your mileage varies you know when you look across the uh the different offers that are out there in the market especially in the backup industry you make a very valid point earlier that the backup vendors in the market seems to be security washing their marketing messages i mean everybody is leaning into the ever-present danger of cyber security not a bad thing but the reality is is that you have to have the technology to back it up you know quite literally yeah no pun intended and then actually pun intended now what about the intelligence piece of it uh that's that's ai ml where does that fit for sure so the intelligence piece is delivered by um a solution called cybersense and cybersense for us is what really gives you the confidence that what you have in your cyber recovery vault is a good clean copy of data so it's looking at the backup copies that get driven into the cyber vault and it's looking for anomalies so it's not looking for signatures of malware you know that's what your antivirus software does that's what your endpoint protection software does that's on the prevention side of the equation but what we're looking for is we're looking to ensure that the data that you need when all hell breaks loose is good and that when you get a request to restore and recover your business you go right let's go and do it and you don't have any concern that what you have in the vault has been compromised so cyber sense is really a unique analytic solution in the market based upon the fact that it isn't looking at cursory indicators of of um of of of malware infection or or ransomware introduction it's doing full content analytics you know looking at you know has the data um in any way changed has it suddenly become encrypted has it suddenly become different to how it was in the previous scan so that anomaly detection is very very different it's looking for um you know like different characteristics that really are an indicator that something is going on and of course if it sees it you immediately get flagged but the good news is is that you always have in the vault the previous copy of good known data which now becomes your restore point so we're talking to rob emsley about how data protection fits into what dell calls dti dell trusted infrastructure and and i want to come back rob to this notion of and not or because i think a lot of people are skeptical like how can i have great security and not introduce friction into my organization is that an automation play how does dell tackle that problem i mean i think a lot of it is across our infrastructure is is security has to be built in i mean intrinsic security within our servers within our storage devices uh within our elements of our backup infrastructure i mean security multi-factor authentication you know elements that make the overall infrastructure secure you know we have capabilities that you know allow us to identify whether or not configurations have changed you know we'll probably be talking about that a little bit more to you later in the segment but the the essence is is um security is not a bolt-on it has to be part of the overall infrastructure and that's so true um certainly in the data protection space give us the the bottom line on on how you see dell's key differentiators maybe you could talk about dell of course always talks about its portfolio but but why should customers you know lead in to dell in in this whole cyber resilience space um you know staying on the data protection space as i mentioned the the the work we've been doing um to introduce this cyber resiliency solution for data protection is in our opinion as good as it gets you know the you know you've spoken to a number of our of our best customers whether it be bob bender from founders federal or more recently at delton allergies world you spoke to tony bryson from the town of gilbert and these are customers that we've had for many years that have implemented cyber recovery vaults and at the end of the day they can now sleep at night you know that's really the the peace of mind that they have is that the insurance that a data protection from dell cyber recovery vault a parapatex cyber recovery solution gives them you know really allows them to you know just have the assurance that they don't have to pay a ransom if they have a an insider threat issue and you know all the way down to data deletion is they know that what's in the cyber recovery vault is good and ready for them to recover from great well rob congratulations on the new scope of responsibility i like how you know your organization is expanding as the threat surface is expanding as we said data protection becoming an adjacency to security not security in and of itself a key component of a comprehensive security strategy rob emsley thank you for coming back in the cube good to see you again you too dave thanks all right in a moment i'll be back to wrap up a blueprint for trusted infrastructure you're watching the cube every day it seems there's a new headline about the devastating financial impacts or trust that's lost due to ransomware or other sophisticated cyber attacks but with our help dell technologies customers are taking action by becoming more cyber resilient and deterring attacks so they can greet students daily with a smile they're ensuring that a range of essential government services remain available 24 7 to citizens wherever they're needed from swiftly dispatching public safety personnel or sending an inspector to sign off on a homeowner's dream to protecting restoring and sustaining our precious natural resources for future generations with ever-changing cyber attacks targeting organizations in every industry our cyber resiliency solutions are right on the money providing the security and controls you need we help customers protect and isolate critical data from ransomware and other cyber threats delivering the highest data integrity to keep your doors open and ensuring that hospitals and healthcare providers have access to the data they need so patients get life-saving treatment without fail if a cyber incident does occur our intelligence analytics and responsive team are in a class by themselves helping you reliably recover your data and applications so you can quickly get your organization back up and running with dell technologies behind you you can stay ahead of cybercrime safeguarding your business and your customers vital information learn more about how dell technology's cyber resiliency solutions can provide true peace of mind for you the adversary is highly capable motivated and well equipped and is not standing still your job is to partner with technology vendors and increase the cost of the bad guys getting to your data so that their roi is reduced and they go elsewhere the growing issues around cyber security will continue to drive forward thinking in cyber resilience we heard today that it is actually possible to achieve infrastructure security while at the same time minimizing friction to enable organizations to move quickly in their digital transformations a xero trust framework must include vendor r d and innovation that builds security designs it into infrastructure products and services from the start not as a bolt-on but as a fundamental ingredient of the cloud hybrid cloud private cloud to edge operational model the bottom line is if you can't trust your infrastructure your security posture is weakened remember this program is available on demand in its entirety at thecube.net and the individual interviews are also available and you can go to dell security solutions landing page for for more information go to dell.com security solutions that's dell.com security solutions this is dave vellante thecube thanks for watching a blueprint for trusted infrastructure made possible by dell we'll see you next time

live from New York it's the cube covering the cube New York City 2018 brought to you by silicon angle media and its ecosystem partners i'm jeff workday Villante we're here nine years our nine years of coverage two days live in New York City and our next two guests shot Mrazek CEO amana stayed at fiendish males CMO mystic good to see you again welcome back thank you bad to be here guys so obviously this show we've been here nine years we were the first original Hadoop world we've seen a change Hadoop was gonna change the world it kind of didn't but we get the idea of it did not it did didn't but it would change our world it brought open source and the notion of low-cost Hardware into the big data game and then the big data became so much more powerful around these new tools but then the cloud comes in full throttles and while they can get horsepower that compute you can stand up infrastructure for analytics all this data goodness starts to change machine learning then becomes the the real utility that's showing this demand for using data right now not the set up using data this is a fundamental big trend so I don't get you guys reaction what do you see this evolving more cloud like how do you guys see the trend in this as data science certainly becoming more mainstream and productivity users to hardcore users and then you got cloud native developers doing things like kubernetes we've heard kubernetes here it's like a cloud is a data science what's going on what's your view of the market so I came from a company that was in an tech and we were built on big data and in looking at how big data is evolved and the movement towards analytics and machine learning it really being enabled by Big Data people have rushed to build these solutions and they've done a great job but it was always about what's the solution to my problem how do i leverage this data and they built out these platforms and in our context what we've seen is that enterprises get to a certain point where they say okay i've got all these different stacks that have been built these apps that have been built to solve my bi and analytics problems but what do I do about how do I manage all these and that's what I encounter my last company where we built everything ourselves and then so wait a minute but what we see at an enterprise level is fascinating because when I go to a large company I go you know we work with no sequel databases and Hadoop and you know how much Couchbase do you have how much Mongo etc the inevitable answer is yes and five of each right and they're cutting to this point where I've got all this distributed data distributed across my organization how am I going to actually manage it and make sure that that data is protected that I can migrate to the cloud or in a hybrid cloud environment and all these questions start to come up at an enterprise level we actually have had some very high-level discussions at a large financial institution here in New York where they literally brought 26 people to the meeting the initial meeting this was literally a second call where we were presenting our capability because they're they're now at the point where it's like this is mission-critical data this is not just some cool stuff somebody built off in one of our divisions it matters to the whole enterprise how do we make sure that data is protected backed up how do we move data around and that's really the the trend that we're tapping into and that the founders of our company saw many years ago and said I need to I need to we need to build a solution around this it's interesting you know you think about network data as a concept or data in general it's kind of got the same concepts we've seen in networking and/or cloud a control plane of some sorts out there and you know we're networking kind of went wrong as the management plane was different than the control plane so management and control or huge issues I mean you bring up this sprawl of data these companies are data full it's not like hey we might have data in the future right they got data now they're like bursting with data one what's the control plane look like what's the management plane look like these are all there's a technical concepts but with that with that in mind this is a big problem what our company is doing right now what are what are some of the steps that are taking now to get a handle on the management the data management it's not just your grandfather's data management so we anymore it's different it looks different your thoughts on on this chain of management so they're approaching the problem now and that's our sweet spot but I don't think they have in their minds yet come to exactly how to solve it it's there's this realization about we need to do this at this point and and and in fact doing it right is something that our founders when they built Lee said look if this problem of data management across big data needs to be solved by a data we're platform built on big data so let's use big data techniques to solve the problem all right so let's before getting some of the solution you guys are doing take a minute to explain what you guys are doing for the company the mission you know the value proposition status what do you guys do how are people gonna consume your product I mean take a particular type gen simple elevator pitch and we were enterprise data management focused specific than had you been no sequel so everyone's familiar with the traditional space of data management in the relational space relational world very large market very mature market well we're tapping into is what John was just saying which is you've got this proliferation but Dupin no sequel and people are hitting the wall they're hitting the ceiling because they don't have the same level of operational tools that they need to be able to mainstream these deployments whether it's data protection whether it's orchestration whether it's migration whatever the case may be so what we do that's essentially our value prophecy at a management for a Dupin no sequel we help organizations essentially drive that control plane really around three buckets data protection if it's business critical I got to protect it okay disaster recovery falls into protection bucket good old stuff everyone's familiar with but not in Hadoop in no single space orchestrations the second big bucket for us which is I'm moving to an agile development model how do i do things like automated test dev how do i do things like GD are the compliance management how do i do things like cloud migration you tut you know john touched on this one before a really interesting trend that we're seeing is you said what are customers doing they're trying to create a unified taxonomy they're trying to create a unified data strategy which is why 26 people end up in the but in lieu of that there's this huge opportunity because of what they need they know that it's got to be protected and they have 12 different platforms and they also want to be able to do things like one Cosmo I'm on go today but I'll be cosmos tomorrow I'm a dupe today but I might be HD inside tomorrow I want to just move from one to the other I want to be able to do intelligence so essentially the problem that we solve is we give them that agility and we give them that protection as they're sort of figuring this all out so we have this right you basically come in and say look it you can have whatever platform you want for your day there whether it's Hadoop and with most equals get unstructured and structured data together which makes sense but protections specifically does it have to morph and get swapped out based upon a decision correct make well now we're focused specifically Hadoop and no sequel so we would not be playing like if you we're not the 21st vendor to be helping s AP and Oracle you know customers backup their data it's basically if your Hadoop renewal sequel that's the platform regardless of what Hadoop distribution you're doing or where it's no see you know change out your piece what they do as they evolve and are correct I feel exactly right you're filling white space right because when this whole movement started it was like you were saying commodity Hardware yeah and you had this this idea of pushing code to data and oh hey his life is so easy and all of a sudden there's no governance there's no data protection no business continuity is all his enterprise stuff I didn't you heard for a long time people were gonna bring enterprise grade to Hadoop but they really didn't focus on the data protection space correct or the orchestra either was in those buckets and you touch them just the last piece of that puzzle value wise is on the machine learning piece yeah we do protection we do orchestration and we're bringing machine learning to bear to automate protection what amazing we hear a lot and that's a huge concern because the HDFS clusters need to talk speech out there right so there's a lot of nuances and Hadoop that are great but also can create headache from a user human standpoint because you need exact errors can get folded I gotta write scripts it creates a huge problem on multiple fronts the whole notion of being eventually being clustered in the first base being eventually consistent in the second place it creates a huge opportunity for us because this notion of being a legs we get the question asked the question why well you know there are a lot of traditional vendors they're just getting into the space and then what do that that's actually good because it rises you know rises all boats if you will because we think we've got a pretty significant technology mode around our ability to provide protection orchestration for eventually consistent clustered environments which is radically different than the traditional I love the story about the 26 people showing them me take me through what happened because that's kind of like what your jonquil fishbowl what do they do it they sit in their auditing they take a node so they really raising their hand they peppering you with questions what what happened in that meeting tell us so so it's an interesting microcosm what's happening in these organizations because as the various divisions and kind of like the federated IT structure started building their own stuff and I think the cloud enabled that it's like you know basically giving a the middle finger to central IT and so I can do all this stuff myself and then the organization gets to this realization of like no we need a central way to approach data management so in this meeting basically so we had an initial meeting with a couple of senior people and said we are we are going about consolidating how we manage all this data across all these platforms we want you to come in and present so when we presented there was a lot of engagement a lot of questions you could also see people still though there's an element of I want to protect my world and so this organizational dynamic plays out but you know when you're at a fortune 50 company and data is everything there's the central control starts to assert itself again and that's what we saw in this because the consequences of not addressing it is what is potentially massive data you know data loss loss of millions hundreds of millions of dollars you know data is the gold now right is the new oil so the central organizations are starting to assert that so we say that see that playing out and that's why all these people were in this meeting which is good in a way because then we're not like okay we got to sell ten different groups or ten different organizations it's actually being so there's there's kind of this pull back to the center it's happened in the no sequel world of your perspectives on this I mean early on you had guys like Mongo took off because it was so simple to use and capture unstructured data and now you're hearing everybody's talking about you know acid compliance and enterprise you know great capabilities that's got to be a tailwind for you guys could you bring it in the data protection and orchestration component but yeah what do you see it in that world what do you guys support today and maybe give us a glimpse of the future sure so that what we see as well a couple different things we are we are agnostic to the databases in the sense that we are definitely in Switzerland we were we you know we support all commerce so it's you know it's follow the follow the follow of the market share if you will Cassandra Mongo couch data stacks right on down the line on the no sequel side and what's interesting so they have very there have all varying degrees of maturity in terms of what their enterprise capabilities are some of them offer sort of rudimentary backup type stuff some fancy they have more backup versus others but at the end of the day you know their core differentiation they each it's fascinating to each have sort of a unique value prop in terms of what they're good at so it's a very fragmented market so that's a challenge that's an opportunity for us but it's a challenge from a marketplace networkers they've got to carve out there they all want the biggest slice of the pie but it's very fragmented because each of them is good at doing something slightly different yeah okay and so that like the the situation described before is they've got yes so you got one of everything yeah so they've got 19 different backup and recovery right coordinate processes approach or the or nothing or scripting law so that they do have to they've got a zillion steps associated with that and they're all scripted and so their probability of a failure you know very you drop a mirror that's a human error to is another problem and you use the word tailwind and I think that's very appropriate because with most of these vendors they're there they've got their hands full just moving their database features forward right you know where the engagement so when we can come in and actually help them with a customer who's now like okay great thank you database platform what do you do for backup well we have a rudimentary thing we should belong with it but there is one of our partners a manas who can provide these like robust enterprise it really helps them so with some of those vendors were actually a lot of partner traction because they see it's like that's not what their their strength is and they got to focus on moving their database so I'll give you some stats I'm writing a piece right now a traditional enterprise back in recovery but I wonder if you could comment on how it applies to your world so these are these are research that David flora did and some survey work that we've done on average of global 2000 organizations will have 50 to 80 steps associated with its backup and recovery processes and they're generally automated with scripts which of course a fragile yeah right and their prefer own to era and it's basically because of all this complexity there's a 1 in 4 chance of encountering an error on recovery which is obviously going to lead to longer outages and you know if you look at I mean the average cost the downtime for a typical global global 2000 companies between 75 thousand and two hundred fifteen thousand dollars an hour right now I don't know is your world because it's data it's all digitally the worst built as a source is it probably higher end of the spectrum all those numbers go AHA all those numbers go up and here's why all those metrics tie back to a monolithic architecture the world is now micro services based apps and you're running these applications in clusters and distributor architectures drop a note which is common I mean think you know you're talking about you're talking about commodity hardware to come out of the infrastructure it's completely normal to drop notes drops off you just add one back in everything keeps going on if your script expects five nodes and now there's four everything goes sideways so the probability I would I don't have the same stats back but it's worse because the the likelihood of error based upon configuration changes something as simple as that and you said micro-services was interesting to is is that now is it just a data lake kind of idea of storing data and a new cluster with microservices now you're having data that's an input to another app check so now so that the level of outage 7so mole severity is multiple because there could be a revenue-generating app at good young some sort of recommendation engine for e-commerce or something yeah something that's important like sorry you can't get your bank balance right now can't you any transfers because the hadoo closes down okay this is pretty big yes so it's a little bit different than say oh well to have a guy go out there and add a new server maybe a little bit different yeah and this is the you know this is the type of those are the types of stats that organizations that we're talking to now are caring a lot more it speaks to the market maturity do you run into the problem of you know it's insurance yeah and so they don't want to pay for insurance but a big theme in that you know the traditional enterprises how do we get more out of this data whether it's helping manage you know this I guess where that that's where your orchestration comes in cloud management maybe cloud migration maybe talk about some of the non insurance value add to our components and how that's resonating with with cost yeah yeah I so I'll jump in but the yeah the non protection stuff the orchestration bucket we're actually seeing it comes back to the to the problem sting we just said before which is they don't have it's not a monolithic stack it's a micro services based stack they've got multiple data sources they've got multiple data types it's sort of a it's the it's the byproduct of essentially putting power into into divisions hands to drive these different data strategies so you know the whole cloud let me double click on cloud migrations is a is a huge value problem that we have we talked about this notion of being data where so the ability to I'm here today but I want to be somewhere else tomorrow is a very strong operational argument that we hear from customers that we also also hear from the SI community because they hear it from the other community the other piece of that puzzle is you also hear that from the cloud folks because you've got multiple data for platforms that you're dealing with that you need agility to move around and the second piece is you've got the cloud obviously there's a massive migration to the cloud particularly with the dubidouxs sequel workloads so how do I streamline that process how do I provide the agility to be able to go from point A to point B just from of migration standpoint so that's a very very important use case for us has a lot of strategic value like it's coming it's sort of the markets talking to us like no no no we have this is him but we have to be able to do this and then simple things like not simple but you know automated test step is a big deal for us everybody's moved agile development so they want to spin up you know I don't want it I don't want to basically I want 10% of my data set I want to mask out my PII data I want to spin it up on Azure and I want to do that automatically every hour because I'm gonna run 16 I'm gonna run six builds today clouds certainly accelerates your opportunity big-time it forces everything to the table right yeah everybody's you can't hide anymore right what are you gonna do right you gotta answer the questions these are the questions so okay my final question I want to get on the table is for you in the segment is the product strategy how you guys looking at as an assassin gonna be software on premise cloud how's that look at how people consume the OP the offering and to opportunities because you guys are a young growing company you're kind of good good time you don't have the dog'll or the bagging it's Hadoop has changed a lot certainly there's a use case that neurons getting behind but clouds now a factor that product strategy and then when you're in deal why are you being called in why would someone want to call you rotor signs that would say you know call you guys up when with it when would a customer see signals and what signals would that be and to give you guys a ring or a digital connection product so the primary use cases are talking about recovery there's also data migration and the test step we have a big account right now that we're in final negotiations with where their primary use case is they're they're in health care and it's all about privacy and they need to securely mask and subset the data to your specific question around how are we getting called in basically you've got two things you've got the the administrators either the database architect or the IT or infrastructure people who are saying okay I need a backup solution I'm at a point now where I really need to protect my data as one and then there's this other track which is these higher-level strategic discussions where we're called in like the twenty six person meeting it's like okay we need an enterprise-wide data strategy so we're kind of attacking it both at the use case and at the higher level strategic and and and obviously the more we can drive that strategic discussion and get more of people wanting to talk to us about that that's gonna be better for our business and the stakeholders in that strategic discussion or whomever CIT is involved CIO maybe use their chief data officer and yeah database architect enterprise architecture head of enterprise architecture you know various flavors but you basically it kind of ways comes down to like two polls there's somebody who's kind of owns infrastructure and then there's somebody who kind of owns the data so it could be a chief data officer data architect or whatever depending on the scale of your and they're calling you because they're full they had to move the production workloads or they have production workloads that are from a bond from what uncared-for undershirt or is that the main reason they're in pain or you're the aspirin are you more others like we had a day loss and we didn't have any point in time recovery and that's what you guys provide so we don't want to go through this again so that's that's a huge impetus for us it is all about to your point it is mature its production workloads I mean the simple qualifying are you are you running a duper no sequel yes are you running in production yes you have a backup strategy sort of tip of the spear now to just briefly answer your question before we before we run out of time so it's an it's it's not a SAS basement we're software-defined solution will run in bare mantle running VMs will run in the cloud as your Google whatever you want to run on so we run anywhere you want we're sorry for be fine we use any storage that you want and basically it's an annual subscription base so it's not a SAS consumption model that may come down the road but it's basically in a license that you buy deploy it wherever you want customers choose what to do basically customers can do you know it's complete flexible flexible but back to you so let's go back to something you said you said they didn't have a point in time recovery what their point in time recovery was their last full backup or they just didn't have one or they just didn't have one all of the above you know see we've seen both yeah there's a market maturity issues so it's represented yeah you know that a lot its clustered I you know I just replicate my data and replication is not earth and truth be told my old company that was our approach we had a script but still it was like and the key thing is even if you write that script as you point out before the whole recovery thing so you know having a recovery sandbox is really in thing about this we designed everything exactly extract the value and show the use case prove it out yeah dupes real the history is repeating itself in that regard if you refuel a tional space there's a very in correlation to the Delton between the database platforms of the data mention logical hence they are involved coming in okay let's look at this in the big picture let's dad what's the recovery strategy how we gonna scale this exactly it's just a product Carson so your granularity for a point in time is you offer any point in time any point in time is varying and we'll have more news on that in the next couple weeks okay mantas data here inside the cube hot new startup growing companies really solving a real need need in the marketplace you're kind of an aspirant today but you know growth opportunity for as they scale up so congratulations good luck with the opportunity to secure bringing you live coverage here is part of Cuban YC our ninth year covering the big data ecosystem starting originally 2010 with a dupe world now it's a machine learning Hadoop clusters going at the production guys thanks for coming I really appreciate it this is the cube thanks for watching day one we'll be here all day tomorrow stay with us for more tomorrow be right back tomorrow I'll see you tomorrow