>> Announcer: From theCUBE studios in Palo Alto and Boston, connecting with thought leaders all around the world, this is a CUBE Conversation. >> Hi everybody, this is Dave Vellante, and back in 2013, when it was becoming pretty obvious that the cloud was going to have a major impact on our industry, the IT industry, I wrote at the time that the way incumbents were going to have to compete was to really go into vertical markets and build ecosystems for their own clouds, and that's exactly what IBM did late last year, when it announced a major partnership with Bank of America in the financial services cloud, and guess what, Hillery Hunter is back in the house, she's the vice president and CTO of the IBM cloud, and an IBM fellow, Hillery, great to see you again, thanks for coming back on. >> Thanks so much for having me again, always a pleasure to be here. >> So we had an awesome conversation, I think we got into the FS cloud a little bit, but as I was saying, you guys announced last year, Bank of America, but let me start here. Why does the industry need a financial services cloud? >> Yeah, you know, it's key that we ground ourselves in that question of why a financial services cloud, and I think it really goes back to the sensitivity of the workloads and the data that that industry stewards. The financial services industry stewards the data of millions and millions of customers, and they are heavily regulated because of that, and they handle very high value transactions, and being able to take that context and translate that into what does it mean to do high value transactions, sensitive data, consumer data computing, also with all those benefits of elasticity and the value proposition of different deployment locations, is really what financial cloud is about. And those needs of that industry are a little bit different, the regulations are higher, the bar and data protection is higher, and the need to interlock across workload characteristics and the cloud deployment is a bit different. And so, we are bringing what we know about that industry to bear in the context also of cloud computing. >> Okay, so you're making some new announcements, there's some hard news here, but I want to know, if you're an executive, or business leader in the financial services industry, what's in it for me in these announcements? >> Yeah, what's in it for you is that we are moving into the next phase of financial services cloud in making the policy framework that has been developed through an enormous amount of work available to additional industry participants, and we're also moving into a phase of global expansion, and so being able to take this value proposition of an end to end considered secure and confine environment for financial services, out to more players in the industry, out to additional geographies and deployment locations, it's an exciting moment because everyone's really not looking just for a cloud, but they're looking for a choice of deployment locations, they're looking to move more workload to the cloud, and this is really about providing a cloud solution that more workload can move to, not just the first couple phases of analytics and things like that, but also moving into more transformation of the core of banking and the core of banking business, so it is about getting more workload to the cloud, getting that done faster, and getting it done at a net improved security and compliance posture. >> Got it, so I want to ask you about some learnings, now you're the double whammy of learnings here. When you announced the collaboration with B of A, obviously one of the top banks of the world, you've obviously made some progress since then, but the other part of that whammy was COVID. So what did you learn from the collaboration with B of A, and have you guys, how have you expanded your thinking BC, from before COVID, versus AC, after COVID? >> Yeah, you know, the initial motivation for this program was about having trust and transparency in public cloud, and having a public cloud suited also to sensitive and even core banking workloads. We have seen this conversation and the need for it and the urgency for it only pick up since COVID. A lot of things in the world kind of took a pause, but cloud computing really accelerated. We're seeing that businesses need to digitally transform their banking, so core banking transformation is a very hot topic. They need to deal with elasticity, we worked with banks during COVID that were having to suddenly stand up their national equivalent of the Payroll Protection Program. Banks that had to suddenly have three times the elasticity, because all of a sudden consumers were interacting with them purely digitally. And cloud can enable all of those kind of things, and so COVID has really accelerated the motivation toward banking in the cloud, and also toward core banking transformation, which is at the heart of setting a very high security bar in public cloud, to be able to also enable those kind of workloads. >> Yeah, so many changes as a result of COVID, I mean the volume of loans, like you said, everything was digital. I know a lot of older people that always still like to go into the bank, that like to see people, and they knew people and people knew them, well they had no choice but to go digital, so that's huge, if you didn't have a digital solution, and cloud is fundamental in that equation. But let's get into it a little bit more. We talked a little about this at IBM Think, but what are the key attributes that make the IBM financial services cloud suitable for financial services, is it the certifications, I wonder if you could add some color there. >> Yeah, so the key elements of the financial services cloud program are number one, a policy framework, which is a set of controls that are customized to the financial services industry, so this isn't about some existing standard, this is a customization of controls and security for the financial services industry, and that's a major element of what we're announcing right now. In addition to the policy framework is also the way that the different elements of the industry and of regulatory expertise are coming together, so this cloud, and these public cloud offerings, were co-developed and co-designed with IBM Promontory, with IBM Security Services that work with banks, with our anchor partner, and moving forward, we'll be advised by an advisory council of CSOs who have that day to day experience with security and with regulations. And so that is also a very unique context for not this being just a point in time with a policy framework, but being an ongoing initiative that will stay up to date, as security concerns and as regulatory concerns change. And the third aspect is a really unique set of technologies that make all of that possible, so you have to define how the cloud is going to be secure, and then you have to actually do it, and the unique capabilities that we have in IBM public cloud that have enabled this program include a number of things, but amongst them, the industry's highest standard for data protection, with our FIPS-140-2 Level 4 based key protect service, it includes capabilities that we'll be releasing through our acquisition of Spanugo around cloud security and compliance posture management, mapped back to that context of financial services. And so it's really three things, it's a policy framework custom and optimized for the financial services industry, the forward evolution of that through industry expertise, and participation of multi parties in that, and then core technologies that enable folks to accomplish that security posture through data protection, through cloud security posture management, et cetera. >> I forgot about the Promontory, you guys made that acquisition several years ago, that's a nice little feature of the FS cloud. But I want to ask, how hard is it to get these certifications? I mean it's obviously not a layup. Lot of work, lot of time, my reason of my question, is this a moat for you, as you guys start to scale? How difficult is it? >> Yeah, so we have been putting in the time and effort, and so that's why this is an exciting moment for us with the initial work product of this effort. And so our intention really is not for that to be a moat, but for us having traversed the moat, to now have a bridge there through the methodology that we built, through the control framework that we built, for others to now get across that moat. And so this is really about taking what is an extensive amount of work, and an extensive amount of expertise, IBM Promontory, you just mentioned, but they monitor over 70 regulatory obligations in over 20 jurisdictions globally, right? I mean this is a tremendous depth of expertise, and so having crossed the moat, and having built the bridge across it, this is where we can then help others to save time in this process of adopting public cloud for further workloads. >> You've mentioned workloads, you've talked about core financial workloads, but maybe give us a little insight on what type of workloads are the most suitable for the financial services cloud, because let's face it, most of the hardcore mission-critical workloads haven't moved, actually probably none of 'em have moved to the cloud, you kind of referenced that before. Ginni Rometty talks about that all the time. But what are the right workload strategic fits for your cloud? >> Yeah, you know you mentioned Ginni Rometty, and so I'll take a quick note there from some of the language that you'll hear her use, she talks about, there was chapter one of the cloud journey, and stuff that was on less sensitive data, analytics, some things on public information, were certainly done, also in finance and also in regulated industries in the cloud. And she talks about chapter two, chapter two being mission-critical workloads. And this program really is the definition of chapter two for the financial services industry. It is the enabling expertise, the enabling control set, the enabling security technologies, the enabling cloud services, for that chapter two, right, for that next layer of adoption of things that had been kept behind the firewall, had been kept in a private cloud context, can now be considered also for public cloud. And so easing that adoption, streamlining that process, et cetera, is really what we're looking to accomplish. >> I mean obviously IBM, huge presence in the banking community, is this really for just big banks? What about the ecosystem, what do you got in there for ISVs and SaaS providers? >> Yeah, you know, you asked me a question at the beginning here about COVID and what's happened, and I think, the transformation of ISV providers to become SaaS providers, the expansion of their capabilities being needed in payments and digital client experiences and such, also for regionals and second and third tier banking institutions and such, is as much of what is happening right now as anything else, amongst the first tiers, because there's just as much pressure for transformation and digital consumer experience, and other things like that, also in the regionals and second and third tiers. So part of our announcement is around the ecosystem of partners that we have now for the financial services cloud program. And that includes ISVs and SaaS providers that are servicing many different types of needs of institutions large and small, so we're seeing those that are servicing core banking, and payments, those that are servicing analytics use cases for this industry, and even HR function, just because of that concern about stewarding data well for these industries and those first tier banks, and so that transition to digital, that drive to infuse AI capabilities, the need to transform core banking, is something that's very much also happening within the ISV and SaaS providers, and we're thrilled with the wide variety of partner base that we're seeing develop there within our ecosystem for this program. >> I was talking to a CIO friend of mine several years ago, and he said to me, "You know, this idea of lifting and shifting, "it's fine, you get little cost savings, maybe, "but unless you change your operating model "and you drive an innovation agenda, "you really aren't going to get the type "of telephone number returns from cloud "that you would want or expect." So my question is around innovation, and we've said many times in theCUBE that the new innovation cocktail, it's not Moore's law anymore, it's the combination of data applying machine intelligence and then the cloud, and the reason why the cloud is important is scale, okay, there's maybe a little bit of cost as well, but it's also innovation. It's the ability to attract people into an ecosystem, and that resonates with line of business. If your cloud is just about making IT's life better, well that's nice, but what's in this announcement and in this initiative for the line of business? >> Yeah, it is all about the workloads. I always say that to me the cloud journey is about, number one your platform, which is the thing onto which you modernize. It is what are you going to get out of moving to containers, what are you going to get out of moving to microservices, how does that help all of those cloud metrics that you mentioned? But number two, it's about the workload, right, which workloads are we talking about, how will they deliver, how will those workloads be able to because of cloud deliver not just TCO but improvement in customer experience, how will those workloads be able to meet elasticity, resiliency, cybersecurity concerns, changes in the way the workforce is working these days, et cetera. And from the line of business perspective, there is a tremendous need to consume, for example, fintech-based innovation. But a lot of folks have struggled to move past POCs because of concerns about security and compliance, for those deployment scenarios, and so being able to bring the ISVs and SaaS providers, and then also fintechs into an ecosystem with a prescriptive and proactive security and compliance context is really what we're all about here. And that will enable a flourishing of adoption of innovation. >> You know, I always love to talk about the competition on these episodes. But I want to ask differentiation, how different is this, can I just go to any cloud supplier and get this, will I eventually be able to, what's IBM's differentiation, Hillery? >> Yeah, so you want to think of it that, in financial services, you are concerned, and you have to be concerned about everything. You have to be concerned about things into the details of the cloud itself, you have to be concerned about things that are related to the behavior and the permissions of your developers in that environment. Financial services cloud really has to be an end to end, soup to nuts conversation, and so this is a program of our public cloud, where end to end, we can stand behind and provide trust and resiliency and this policy framework, end to end within an environment that can be trusted for mission-critical workload. And so when we look at differentiation, our investments are in bringing together IBM's expertise all the way going back to regulations and security consulting that we've been doing for decades in this industry, applying that to that cloud context, taking capabilities that are developed all the way down into the transistors, investments we've made even into the silicon around how cryptography is done, bringing that into the cloud context. And so having brought those things together into our public cloud context, that's how we're able to solution this in a different way, because it really is end to end about the expertise, from all of that regulatory advising, that security context, all the way down into the silicon and the transistors, and I think that's a very unique value proposition, as a cloud provider, it's a tremendous opportunity for us to bring together those pieces. And to continue to be a trusted partner to these companies that we have long been a trusted partner of. >> Now of course you guys have a relationship with VMware, you were the first, actually, to announce a VMware cloud relationship. And so let's say, okay, I got some VMware workloads, I move 'em into your FS cloud. Make sure that I've got the security and compliance checked. Six months down the road, so I've done that sort of first step, what's next for me, is that the end, or are there other things on my journey? >> Yeah, so absolutely, I mean VMware is part of what we are solution financial services clients to, but also cloud-native, and OpenShift, containerization, that modernization journey, is an ongoing journey for everyone, and so to your point of what's next, we're seeing a continual conversation of balancing lift and shift and modernization across workloads, and there are different reasons at different points in time, for people to consider that. I think the key is that they trust where they are taking that data, and whatever the form is that the workload goes, it needs to be in the context of that trust around the data in a security context, and so we're absolutely seeing everything, honestly, from financial services institutions looking to engage with us, also in our new research innovation lab, where we're engaging directly with financial services clients that are trying to work through this differentiation, is it virtualization, is it containerization, is it even serverless? What is the right and most effective balance of how workloads are programmed and run for the next generation of banking. >> You know, Hillery, I've been doing a lot of interviews in the last decade, and it's been interesting to see the ascendancy of cloud, of course, but also the change in perception, particularly in financial services, in the early days of cloud, cloud was an evil word. The C that should not be named. And so I want to understand if I'm, and of course COVID has also changed the perception, because if you weren't digital and you didn't have cloud, you couldn't really transact businesses as well, you didn't have that business resiliency. So, what if I'm a financial services person now, okay, I'm through the knothole, I want to get started, where do I start? >> Yeah, well call us first, but past that, I think that the conversations, the first conversations that we're having with our clients are, number one, do you have an architecture? So is cloud not just a place, like I like to say, but is cloud a plan, is there an architectural plan to enable you to have consistency, for example, in your developer experience between your private cloud environment and your public cloud environment? Architecturally are there those foundational choices around common services about being able to deploy capabilities in one location, and develop them in another, et cetera. All those value propositions of what we have been creating around OpenShift and Cloud Paks in our public cloud, and consistency across different environments and such, I think that's the first thing to start with is architecting a cloud, not accidental usage of multiple environments, but architecting use of multiple environments. And then I think the second conversation is to make a security and compliance plan that is going to be robust enough to withstand even the intense scrutiny of a regulated industry CCO and risk team, and so that's the other foundational conversation that we're having with our clients, and helping them with, so we can provide services and reference architectures, and all that other kind of thing, to enable them to stabilize planning on both fronts, both architecturally for what cloud means in its entirety, not just a cloud, but in its entirety, all clouds, multicloud, hybrid cloud, et cetera. And then secondly, then, a comprehensive security plan for that public cloud choice, and that's what we're really locking down with this policy framework, is bringing standardization on that for public cloud. >> Well, lot of innovation for the financial services community, which is again your wheelhouse. I wrote a piece right around Think that IBM's future rests on its innovation agenda, and I'm glad you brought up the notion of private, public, and then the whole hybrid thing, because I see OpenShift as a key, and RedHat as a key enabler of that across whether it's cloud, on-prem, edge, across multiple clouds. That's an ambitious agenda, as somebody who's responsible for cloud. That is something that is real innovation, and really differentiable I think, in the marketplace, and probably pretty expensive to build out across all those different platforms. >> Yeah, it is, but I think on the word innovation, my mind, as an IBMer, goes to the IBM research division. Thousands of researchers globally, and they've very much been a part of this journey with us. The journey with us on containerization, the journey on workload modernization from monolith to microservices, the journey of our public cloud, and now also very much a part of our work in financial services, so our research division is this incredible gift and asset that we have, that is working with us also on our cloud security and compliance posture management, that security and compliance control center that we're talking about in this announcement, et cetera, and so them being a part of this innovation stream for us is a really exciting part, again, of bringing together all these different pieces that IBM has to offer in this space to make it all stack up, to be a cloud for financial services. >> I got a couple of little housekeeping items before we close here. This is announced for the US first, right? What about other regions, first of all, is that correct, and what about other regions? >> That's correct, and we are also announcing additional participation of global banking partners as well in this announcement. And so this is also again our initial public statement of our expansion past the US. >> Last question, so just give us a glimpse of the future, where do you want to be in a few years, thinking about let's say three years down the road, what's that outcome look like? >> Yeah, you know I think that three years from now, we would love to see that people are able to make a decision, going back to your question about the line of business owners, make a decision about what they're trying to accomplish with a workload, and not be held back by security and compliance concerns in terms of putting that workload where it needs to be, where it will be most efficient, and where it can be embraced by a set of cloud capabilities that enable it to move in a competitive pace forward, infusing AI into everything that is done. Leveraging the latest in technologies, and serverless computing and all these other kind of things that can facilitate a line of business delivering more value so that cloud really continues, but also realizes its promises in that chapter two version of the story, also for regulated industries and also for their mission-critical workloads. >> Well Hillery, good luck with this, I mean congratulations on the progress that you've made, really since you guys announced this late last year, and really excited to see this start to take off, and you're a great guest, love having you on, thank you so much. >> Thanks so much for having me, pleasure talking to you as always. >> All right, cheers. And thank you everybody for watching, this is Dave Vellante for theCUBE, and we'll see you next time. (calm music)

>> Narrator: From theCUBE studios in Palo Alto and Boston, it's theCUBE, covering IBM Think. Brought to you by IBM. >> All right everybody welcome back to theCUBE's continuous coverage of IBM Think 2020. It's digital event experience, my name is Dave Vellante, Aki Duvvur's here, he's the vice president of the IBM public cloud. Aki great to see you, thanks for coming on, hope you're safe and-- >> Hey Dave, Thanks for having us on. We're as safe as can be, appreciate it. >> Yeah, so your background is really interesting, your heading IBM cloud now, you got a CTO background, you been in sales, that's interesting to me because it gave you an opportunity to really try to understand the product market fit, if you will, from the customers point of view. But how did that shape your thinking about cloud generally and specifically where you're at today. >> Hey, great question Dave. So I'll tell you from my technology background it really gave me a good appreciation for how applications get built, from everything from the infrastructure all the way up and through the application itself. To all of the criticality around how those applications need to be built, how they need to be made highly available. With business continuance in mind, which is exactly what we're trying to do at scale right now from a public crown perspective, out from an architectural first principles perspective. And then I would say from a sales perspective it gave me a sense of speed and clarity of vision. In terms of just how you have to be very net in terms of the value proposition that you bring forward to a client and how you position the public cloud at large. So those two items or backgrounds have brought me full circle into my product role today and allow me to work with a sense of urgency for our clients and their journeys and their complex transformation as we build a cloud that is very enterprise centric to support their mission critical workload. >> I want to follow up with that. So I mean the traditional approach to developing enterprise apps, you walk inside any large financial institution and a healthcare, pharma, et cetera and you would have very much a waterfall approach. Understand the requirements, you'd have a development team, you'd have an operations team, they'd throw the code over the fence, they'd throw it back. Ah your code doesn't work, well it did when I sent it to you. And the cloud has really changed all that, hasn't it? And so now you're moving much faster, you're doing agile, how do you see that applying to sort of the traditional IBM base, is it being embraced? How is it being embraced? Is it different from other approaches? I wonder if you could address that. >> I think it's a transformation for the entire company, and when I say journey to cloud it really is around not just the public cloud as a destination but it's the entire hybrid approach that we have to take in delivering those applications you just alluded to. They're pretty much the mission critical heart of the enterprise, so it's a transformation from a public cloud perspective, it's a transformation from how our services schemes engage with our clients, how we migrate, how we modernize, how we take that middleware stack and we convert it into containerized software that we can actually leverage and deploy in the public cloud as part of this transformation,. So really it's a reinvention of not just the way our customers interact with the public cloud, but the way that we as a public cloud provider and a services provider can react and give our clients the best value across that entire hybrid transformation. >> So one of the things that of course IBM executives stresses, we've heard Ginni talk about it, we hear Arvind talk about it, across the whole company you guys are aligned on this topic, only 20% of the workloads have moved to the cloud, it's the hard stuff that hasn't moved, IBM has stated you want to be the preferred supplier for all the really challenging, hybrid, workloads et cetera. So what I want to get to is how you're approaching that, is it a combination of using open technologies and it's going to, blending those with your very large software state, what's your kind of secret sauce around succeeding with that vision? >> That's a really good question, so they're kind of three pillars to our strategy. Number one is around open technologies, embracing open technologies and one of the things that we did very early on in our transformation, in fact back in 2017, before any other cloud provider focused on this, we re-based our entire public cloud on Kubernetes as the base. Not only for the way we deliver up-stack services, whether it's Watson, our IOT or other service, but also in the way that we deliver our IaaS. So our entire control plane is built on Kubernetes. That was a big bet that we made probably two years before everybody else in the industry sort of followed suit. And we are the only cloud provider today that has their entire cloud based on Kube. That was one pillar, the second pillar was around pervasive security, so it's ensuring that our client have the controls required to be able to deliver pervasive security, whether it's encryption and flight at rest or in motion, but also ensuring that they're the only one's that have access to their keys. So nobody else, not even the provider can decrypt their data in the public cloud. And then finally it's around enterprise capabilities, so as you talked about this other 80% of workloads, a lot of those apps are brittle workloads, so they have upstream and downstream connectivity that creates a lot of complexity and chatter in the application itself. So you've got to be able to support those workloads from a public cloud perspective so that there is none of that chattiness and you can actually deliver those applications in a way that they can, one, be moved into the public cloud and then later transformed into microservices and or into microservices directly as part of that transformation, so that middleware content et cetera, delivered as containers allows for a lot of that transformation of different aspects of the cloud. >> Know what, take us back to that bet that you made, So Kubernetes obviously for portability, the decision had to be made strategically that, yeah, just going to try to lock everybody into the IBM cloud. You're going to support multiple clouds, and in all fairness you kind of were later to the cloud game so that became part of your strategy, hybrid is obviously a piece of that, but you embraced that. Many cloud providers out there were late to embracing that or flat-out don't embrace that sort of multicloud approach. Security's kind of table stakes and we're going to get into that later but that enterprise apps piece is critical. Take us back to that Kubernetes decision. What was that, was that the strategy of being open cloud and multicloud, was it sort of a Red Hat angle, pre-Red Hat acquisition where you had affinity towards not only Linux but OCP, maybe you can talk about that. >> I think it's a combination of many things, in fact it predates Red Hat too in that, this was back in 2017, and fundamentally after Google open-sourced Kubernetes, one of the big, if you look at the way that the virtual server platforms back in the late 90s, early 2000s, one of the big challenges was around management of those BM's at scale. So very similarly we saw containers as being a very rapid approach to application deployment and really sort of merging that DevOps transformation that many of our clients were going through. So we said that this was a perfect vehicle to not only deliver applications at scale but also ensure all of the attributes of a public cloud, which are higher levels of availability, self-healing and scale-up, scale-downing, able to turn on more storage, more memory so you weren't tied into the physical boundaries of a typical virtual machine. That really allowed us to sort of break the paradigm a little bit in terms of our approach. And the bet paid off, because we have a significant, almost 20,000 production clusters running across our enterprise clients today, so pretty significant footprint just on Kube alone. >> Well I can say and it gives clients the opportunity to have portability, hedges their bets, gives them an exit strategy if in fact they want one, and it just seems like good business. What about Open Shift, how does that fit in there in regards to OCP? >> Well I think Open Shift is a perfect complement right now. So as we talk about the fact that we have a cloud built on Kubernetes. Open Shift becomes the engine that runs all of our capabilities now. So as we think about how we deliver our services, how we deliver common sources whether it's logging or monitoring identity and access, all of the governance and orchestration required around a Kube environment, Open Shift is a terrific solution to be able to provide that at scale. Not just for our clients as a first class deployment in the public cloud but also as a look and deploy on prem so that they have multi-model deployments here with perhaps their applications that are very sensitive, that have PHI data, that they want to control on prem, they have that approach and they have the ability to be able to support it. They also have the ability to take advantage of strangler patterns, so parts of the application that sit, run perhaps in an Open Shift environment in the on prem environment with other aspects of it being controlled, orchestrated and run in the public cloud on our Red Hate Open Shift Kubernetes service. So we've got all of those attributes and capabilities to support that hybrid and even multicloud deployment. >> What if we get, sort of dive into security. You've seen this sort of interesting divergent narrative in the industry. On the one hand you've had executives like Pat Gelsinger come out and say security is broken. On the other hand you had, for instance, the CISO of AWS, say no security in the clouds great. So if you're a customer who do you believe? And you talk to CISO's and they say look it, it's on us, this problem will never be solved, it's an ongoing challenge. But I wonder if you could give us IBM's point of view on security, cause you're on both sides. You got the cloud, you got on prem, you got a deep history in security going back to Rack-F on the mainframes and so I wonder if you can share with us your thoughts on that. >> Well I think security is table stake, and always been table stakes and now more so than ever, especially as we look at that other 80% that we talked about. These are revenue generating applications, they're mission critical and they have significant impact if they're down in any way, shape or form, especially if there's a security attack of some kind and there's a breach. You're talking about businesses completely going out, I mean they're basically bankrupt at that point. So it is table stakes. We have taken a very long strategic look at how we build security, from the chip all the way up into the security architecture and into memory as well. Ensuring that every sort of attack vector is locked down. We have our dedicated HSM's with the highest FIPS, compliance FIPS 140-2 level four. As I mentioned before, we allow for keep your own key and bring your own key, everybody does bring your own key but keep your own key is a clients ability to bring and mange their own key in the public cloud. So if anybody tries to tamper with it, that just gets locked down and there's no access that even the provider could have in terms of decrypting. We have to get rid of that dedicated HSM at that point. So it really puts the control on our clients and ensures that every aspect of their environment from profiles to templates, you had mentioned CICD pipeline before, it's ensuring that we have a shift-left strategy which is really Sec DevOps because it really allows for us to focus on security in every interaction from the start of how code gets integrated and deployed into the cloud. So ensuring that we have that entire end to end approach nailed down is pretty important to us. >> One thing that's key if you're a CISO you don't want to have different security protocols for on prem and the cloud, you want that sort of end to end approach. Now maybe that doesn't happen overnight but presumably that's kind of the vision is that kind of consistency because every CISO will tell you the lack of skills is our biggest challenge. So the last thing we need to do is learn just a whole 'nother environment, all new processes. How have you made progress in terms of that end to end experience? >> Well we've tried to make it completely cloud native. We've tried to make it very API orientated. So it's basically really simple for them to integrate into the cloud and take advantage of the CICD pipeline as I mentioned. So if you look at how we deliver our code from a tekton perspective and if you look at how we can do signed images in the registry, so ensuring that developers are only authorized to run the appropriate applications that they have permission for and that they can't leverage other assets or pools that they're not. So ensuring that role-based access control is very tightly knit, ensuring least privileged access as opposed to opening up and ensuring that everybody has all access all the time and then working your way down into least privileged access is critical. So it's those core first principles that you would leverage in an on prem environment and extending it into the public cloud so that it becomes a very translatable experience for our client. >> Okay, I want to push you a little bit. We started out with openness and you sort of laid down the gauntlet as we made the decision early on to be open. What if I'm a security practitioner, I say hey I like Cloud Stripe or I like Okta or I want to use Zscaler. Can I use those in your environment? How open are you to that type of approach? >> You absolutely can and you can integrate into our security dashboard. So the nice thing about it is you can leverage our capabilities that we have in the cloud, or you can leverage your third-party tools and you can integrate them so you have a single plane of glass and you always know who's accessing your systems, where they're accessing them from, did they succeed or did they fail. This is table stakes allowing integration for best of class and best of breed security technology is core. >> So you're obviously cloud guy, the more cloud, better for you personally, your group, whatever. But what's the business case for moving those mission critical workloads in the cloud. Former CTO, I'm sure you've had a lot of discussions with customers, hey, why not just leave it there put a brick wall around it. It ain't broke, why fix it? What's the business case that you're seeing for putting those workloads in the cloud. >> I think the current healthcare crisis we're in is probably proving out a lot of the challenges of managing a data center in traditional sense, number one. And I think if you think about just the innovation agenda that many of our clients have, they're kind of hand strung by all of the legacy technologies and sometimes monolithic architectures that they've got deployed. They're unable to break out of that because of the amount of cost and the amount of resource it takes to manage those environments today and keep a lot of end of life infrastructure running. And really the move to public cloud and being able to transform and modernize your workloads frees up a lot of that budget in innovation that you can start to infuse into driving new revenue streams from a company perspective. I think that is the critical aspect to it and I think the current crisis just proves out that clients that have built for scale, who've kind of gone in with a cloud first set of principles are actually well setup to be able to navigate some of the current challenges a little bit better than others. >> Yeah and I think, listening to you talk reminds me of a conversation I had probably 10 years ago with a former IBMer legend, Steve Mills who said to me, look we spend way too much money on IT labor and it's just not productive so automation is key, you can't scale without it. I talked earlier about the skills gap, automation is at least one part of that answer. Because people just, to your point, if you're spending money on, wasting it on labor that's not giving you differentiation, that's stealing from the innovation budget. >> Yeah, totally agree Dave. >> So give me the final word, what's your vision for the IBM public cloud, where do you see all this in three to five years? >> Well I think we're just at the tip of the iceberg right now when it comes to a lot of the complex (murmurs) applications that we talked about before, ERP applications, mission critical back office apps that haven't moved and I think we are very, very early in that journey. And I think we're positioned really well to capture and win that marketplace. I think we have the right solutions, we have the right sort of core principles. As I mentioned open and secure and enterprise grade, having a multi-platform approach to support our clients applications, being able to modernize and kind of walk them through this crawl, walk, run approach to how they transform into the public cloud. And having all of the service expertise, so we're not just this CSP but we're also an MSP and we have sense around handling complex workload. We've done that all through our existence and we feel like this is where this starts to get interesting for our clients now as they take these next steps and as you probably heard last year with our announcement of the FFS ready public cloud with Bank of America. We're trying to bring all that together in terms of how we meet our client and ensure that we can take care of their regulatory requirements, which continue to change as well regardless of industry. >> Well it's a multi-trillion dollar, trillion plus dollar opportunity that you guys are after. And you're in the cloud game, a lot of people tried and failed, IBM made it through that knot hole and now you're in a position to really compete and participate in that modernization of those workloads. We've done research that shows that a lot of this, especially for the hard to move workloads is about risk, and to the extent that you can maintain that compatibility if you will, between what's on prem and what's in the cloud. You dramatically de-risk the cloud move and the decision, so yeah, I think you're in a good spot. And I really appreciate you coming on theCUBE. >> Hey Dave, thanks for having me. Appreciate it. >> All right, our please Aki. This is Dave Vellante for theCUBE, this is our continuous coverage of IBM Think 2020, the digital event experience. We'll be right back right after this short break. You're watching theCUBE. (calming music)

(upbeat funk jazz music) >> Hello, and welcome to theCUBE Studios in Palo Alto, California for another CUBE Conversation, where we go in depth with thought leaders driving innovation across tech industry. I'm your host, Peter Burris. What does every CIO want to do? They want to support the business as it evolves and transforms, using data as that catalyst for better customer experience, improved operations, and more profitable options. But to do that we have to come up with a way of improving the underlying infrastructure that makes all this possible. We can't have a situation where we introduce more complex applications in response to richer business needs and have that translated into non-scalable underlying technology. CIOs in 2020 and beyond have to increasingly push their suppliers to make things simpler. And that's true in all domains, but perhaps especially storage, where the explosion of data is driving so many of these changes. So what does it mean to say that storage can be made more simple? Well to have that conversation we're going to be speaking with Eric Herzog, CMO and VP of Global Channels at IBM Storage, about, quite frankly, an announcement that IBM's doing to specifically address that question, making storage simpler. Eric, thanks very much for coming back to theCUBE. >> Great, thank you. We love to be here. >> All right, I know you got an announcement to talk about, but give us the update. What's going on with IBM Storage? >> Well, I think the big thing is, clients have told us, storage is too complex. We have a multitude of different platforms, an entry product, a mid-range product, a high-end product, then we have to traverse to the cloud. Why can't we get a simple, easy to use, but very robust feature set? So at IBM Storage with this FlashSystem announcement, we have a family that traverses entry, mid-range, enterprise and automatically can go out to a hybrid multicloud environment, all driven across a common platform, common API, common software, our award-winning Spectrum Virtualize, and innovative technologies around, whether it be cyber-resiliency, performance, incredible performance, ease of use, easier and easier to use. For example, we can do AI-based automated tiering from one flash array to another, or from storage class memory to flash. Innovation, at the same time driving better value out of the storage but not charging a lot of extra money for these features. In fact, our FlashSystems announcement, the platforms, depending on the configuration, can be as much as 50% lower than our previous generation. Now that's delivering value, but at the same time we added enhanced features, for example, the capability of even better container support than we already had in our older platform. Or our new FlashCore Modules that can deliver performance in a cluster of up to 17.2 million IOPS, up from our previous performance of 15. Yet, as I said before, delivering that enterprise value and those enterprise data services, in this case I think you said, depending on the config, up to as much as 50% less expensive than some of our previous generation products. >> So let me unpack that a little bit. So, historically, when you look at, or even today, when you look at how storage product lines are set up, they're typically set up for one footprint for the low end, one or more footprints in the mid-range, and then one or more footprints at the high-end. And those are differentiated by the characteristics of the technologies being employed, the function and services that are being offered, and the prices and financial arrangements that are part of it. Are you talking about, essentially, a common product line that is differentiated only by the configuration needs of the volume and workloads? >> Exactly. The FlashSystem traverses entry, mid-range, enterprise, and can automatically get you out to a hybrid multicloud environment, same APIs, same software, same management infrastructure. Our Storage Insights product, which is a could-based storage manager and predictive analytics, works on the entry product, at no charge, mid-range product at no charge, the enterprise product at no charge, and we've even added, in that solution, support for non-IBM platforms, again. So, delivering more value across a standard platform with a common API, a common software. Remember, today's storage is growing exponentially. Are the enterprise customers getting exponentially more storage admins? No. In fact, many of the big enterprises, after the downturn of '08 and '09 had to cut back on storage resources. They haven't hired back to how many storage resources they had in 2007 or '8. They've gotten back to full IT, but a lot of those guys are DevOps people or other functions, so, the storage admins and the IT infrastructure admins have to manage extra petabytes, extra exabytes depending on the type of company. So one platform that can do that and traverse out to the cloud automatically, gives you that innovation and that value. In fact, two of our competitors, just as example, do the same thing, have four platforms. Two other have three. We can do it with one. Simple platform, common API, common storage management, common interface, incredible performance, cyber-resiliency, but all built in something that's a common data management infrastructure with common data software, yet continuing to innovate as we've done with this release of the FlashSystem family. >> OK, so talk about the things that, common API, common software, also, I presume, common, the core module, that FlashCore Module that you have, common across the family as well? >> Almost all the family. At the very entry space we still do use interstandard SSDs but we can get as low as a street price for all-flash config of $16,000 for an all-flash array. Two, three years ago that would've been unheard of. And, by the way, it had six lines of availability, same software interface and API as a system that could go up to millions of dollars at the way high end, right? And anything in between. So common ease of use, common management, simple to manage, simple to deploy, simple to use, but not simple in the value proposition. Reduce the TCO, reduce the ROI, reduce the operational manpower, they're overtaxed as it is. So by making this across the portfolio with the FlashSystem and go out to the hybrid multicloud but bringing in all this high technology such as our FlashCore Modules and, as I said, at a reduced price to the previous generation. What more could you ask for? >> OK, so you've got some promises that you made in 2019 that you're also actually realizing. One of my favorite ones, something I think is pretty important, is storage class memory. Talk about how some of those 2019 promises are being realized in this announcement. >> So what we did is, when we announced our first FlashSystem family in 2018 using our new NVMe FlashCore Modules, we had an older FlashSystem family for several years that used, you know, the standard SaaS interface. But our first NVMe product was announced in the summer of 2018. At that time we said, all the way back then, that in early '20 we would be start shipping storage class memory. Now, by the way, those FlashSystems NVMe products that we announced back then, actually can still use storage class memory, so, we're protecting the investment of our installed base. Again, innovation with value on the installed base. >> A very IBM thing to do. >> Yes, we want to take care of the installed base, we also want to have new modern technologies, like storage class memory, like improved performance and capacity in our FlashCore Modules where we take off the shelf Flash and create our own modules. Seven year media warranty, up to 17.2 million IOPS, 17 mites of latency, which is 30% better than our next nearest competitor. By the way, we can create a 17 million IOP config in only eight rack U. One of our competitors gets close, 15 million, but it takes them 40 rack U. Again, operational manpower, 40 rack U's harder to manage, simplicity of deployment, it's harder to deploy all that in 40 rack U, we can do it in eight. >> And pricing. >> Yes. And we've even brought out now, a preconfigured rack. So what we call the FlashSystem 9200R built into the rack with a switching infrastructure, with the storage you need, IBM services will deploy it for you, that's part of the deal, and you can create big solutions that can scale dramatically. >> Now R stands for hybrid? >> Rack. >> Rack. Well talk to me about some of the hybrid packaging that you're bringing out for hybrid cloud. >> Sure, so, from a hybrid cloud perspective, our Spectrum Virtualize software, which sits on-prem, entry, mid-range and at the upper end, can traverse to a cloud called Spectrum Virtualize for Cloud. Now, one of the keys things of Spectrum Virtualize, both on-prem and our cloud version, is it supports not only IBM arrays, but through a storage virtualisation technology, over 450 arrays from multi-vendors, and in short our competition. So we can take our arrays, and automatically go out to the cloud. We can do a lot of things. Cloud air gapping, to help with malware and ransonware protection, DR, snapshots and replicas. Not only can the new FlashSystem family do that, to Spectrum Virtualize on-prem and then out, but Spectrum Virtualize coming on our FlashSystem portfolio can actually virtualize non-IBM arrays and give them the same enterprise functionality and in this case, hybrid cloud technology, not only for us, but for our competitors products as well. One user interface. Now talk about simple. Our own products, again one family, entry, mid-range and enterprise traversing the cloud. And by the way, for those of you who are heterogeneous, we can deliver those enterprise class services, including going out to a hybrid multi-cloud configuration, for our competitors products as well. One user interface, one throat to choke, one support infrastructure with our Storage Insights platform, so it's a great way to make things easier, cut the CAPEX and OPEX, but not cut the innovation. We believe in value and innovation, but in an easy deploy methodology, so that you're not overly complex. And that is killing people, the complexity of their solutions. >> All right. So there's a couple of things about cloud, as we move forward, that are going to be especially interesting. One of them is going to be containers. Everybody's talking about, and IBM's been talking about, you've been talking about this, we've talked about this a number of times, about how containers and storage and data are going to come together. How do you see this announcement supporting those emerging and evolving need for container-based applications in the enterprise. >> So, first of all, it's often tied to hybrid multi-cloudness. Many of the hybrid cloud configurations are configured on a container based environment. We support Red Hat OpenShift. We support Kubernetes environments. We can provide on these systems at no charge, persistent storage for those configurations. We also, although it does require a backup package, Spectrum Protect, the capability of backing up that persistent storage in an OpenShift or Kubernetes environment. So really it's critical. Part of our simplicity is this FlashSystem platform with this technology, can support bare metal workloads, virtualised workloads, VMware, HyperV, KVM, OVM, and now container workloads. And we do see, for the next coming years, think about bare metal. Bare metal is as old as I am. That's pretty old. Well we got tons of customers still got bare metal applications, but everyone's also gone virtualized. So it's not, are we going to have one? It's you're going to have all three. So with the FlashSystems family, and what we have with Spectrum Virtualized software, what we have with our container support, we need with bare metal support, incredible performance, whatever you need, VMware integration, HyperV integration, everything you need for a virtualized environment, and for a container environment, we have everything too. And we do think the, especially the mid to big accounts, are going to try run all three, at least for the next couple of years. This gives you a platform that can do that, at the entry point, up to the high end, and then out to a hybrid multi-cloud environment. >> With that common software and APIs across. Now, every year that you and I have talked, you've been especially passionate about the need for turning the crank, and evolving and improving the nature of automation, which is another one of the absolute necessities, as we start thinking about cloud. How is this announcement helping to take that next step, turn the crank in automation? >> So a couple of things. One is our support now for Ansible, so offering that Ansible support, integrates into the container management frameworks. Second thing is, we have a ton of AI-type specific based technology built into the FlashSystem platform. First is our cloud based storage and management predictive analytics package, Storage Insights. The base version comes for free across our whole portfolio, whether it be entry, mid-range or high-end, across the whole FlashSystems family. It gives you predictive analytics. If you really do have a support problem, it eases the support issues. For example, instead of me saying, "Peter send me those log files." Guess what? We can see the log files. And we can do it right there while you're on the phone. You've got a problem? Let's make it easier for you to get it solved. So Storage Insights across AI based, predictive analytics, performance, configuration issues, all predicatively done, so AI based. Secondly, we've integrated AI in to our Spectrum Virtualize product. So as exemplar, easier to your technology, can allow you to tier data from storage class memory to Flash, as an example, and guess what it does? It automatically knows based on usage patterns, where the data should go. Should it be on the storage class memory? Should it be on Flash core modules? And in fact, we can create a configuration, we have Flash core modules and introduce standard SSDs, which are both Flash, but our Flash core modules are substantially faster, much better latency, like I said, 30% better than the next nearest competition, up to 17.2 million IOPS. The next closest is 15. And in fact, it's interesting, one of our competitors has used storage class memory as a read cache. It dramatically helps them. But they go from 250 publicly stated mites of latency, to 125. With this product, the FlashSystem, anything that uses our Flash core modules, our FlashSystems semi 200, our FlashSystem 9200 product, and the 9200-R product. We can do 70 mites of latency, so almost twice as fast, without using storage class memory. So think what that storage class memory will offer. So we can create hybrid configurations, with StorageClass and Flash, you could have our Flash core modules, and introduce standard SSDs if you want, but it's all AI based. So we have AI based in our Storage Insights, predictive analytics, management and support infrastructure. And we have predictive analytics in things like our Easy Tier. So not only do we think storage is a critical foundation for the AI application workload and use case, which it is, but you need to imbue your storage, which we've done across FlashSystems, including what we've done with our cloud edition, because Spectrum Virtualize has a cloud edition, and an on-prem edition, seamless transparency, but AI in across that entire platform, using Spectrum Virtualize. >> All right, so let me summarize. We've got an absolute requirement from enterprise, to make storage simpler, which requires simple product families with more commonality, where that commonality delivers great value, and at the same time the option to innovate, where that innovation's going to create value. We have a lot simpler set of interfaces and technologies, as you said they're common, but they are more focused on the hybrid cloud, the multi-cloud world, that we're working in right now, that brings more automation and more high-quality storage services to bear wherever you are in the enterprise. So I've got to ask you one more question. I'm a storage administrator, or a person who is administering data, inside the infrastructure. I used to think of doing things this way, what is the one or two things that I'm going to do differently as a consequence of this kind of an announcement? >> So I think the first one, it's going to reduce your operational expenses and your operational man power, because you have a common API, a common software platform, a common foundation for data management and data movement, it's not going to be as complex for you to pull your storage configurations. Second thing, you don't have to make as many choices between high-end workloads, mid-range workloads, and entry workloads. Six lines across the board. Enterprise class data services across the board. So when you think simple, don't think simple as simplistic, low-end. This is a simple to use, simple deploy, simple to manage product, with extensive innovation and a price that's- >> So simple to secure? >> And simple to secure. Data rest encryption across the portfolio. And in fact those that use our FlashCore Modules, no performance hit on encryption, and no performance hit on data compression. So it can help you shrink the actual amount you need to buy from us, which sounds sort of crazy, that a storage company would do that, but with our data reduction technologies, compression being one of them, there's no performance hits, you can compress compressable workloads, and now, anything with a FlashCore Module, which by the way, happens to be FIPS 140-2 certified, there's no excuse not to encrypt, because encryption, as you know, has had a performance hit in the past. Now, our 7200, our 5100 FlashSystem, and our FlashSystem 9200 and 9200R, there's no performance on encrypting, so it gives you that extra resiliency, that you need in a storage world, and you don't get a non-compression, which helps you shrink how much you end up buying from IBM. So that's the type of innovation we deliver, in a simple to use, easy to deploy, easy to manage but incredible innovative value, brought into a very innovative solution, across the board, not just let's innovate at the high end or you know what I mean? Trying to make that innovation spread, which, by the way, makes it easier for the storage guy. >> Well, look, in a world, even inside a single enterprise, you're going to have branch offices, you're going to have local this, the edge, you can't let the bad guys in on a lesser platform that then can hit data on a higher end platform. So the days of presuming that there's this great differentiation in the tier are slowly coming to an end as everything becomes increasingly integrated. >> Well as you've pointed out many times, data is the asset. Not the most valuable one. It is the asset of today's digital enterprise and it doesn't matter whether you're a global Fortune 500, or you're a (mumble). Everybody is a digital enterprise these days, big, medium or small. So cyber resiliency is important, cutting costs is important, being able to modernize and optimize your infrastructure, simply and easily. The small guys don't have a storage guy, and a network guy and a server guy, they have the IT guy. And even the big guys, who used to have hundreds of storage admins in some cases, don't have hundreds any more. They've got a lot of IT people, but they cut back so these storage admins and infrastructure admins in these global enterprise, they're managing 10, 20 times the amount of storage they managed even two or three years ago. So, simple, across the board, and of course hyper multicloud is critical to these configurations. >> Eric, it's a great annoucement, congratulations to IBM to actually delivering on what your promises are. Once again, great to have you on theCUBE. >> Great, thank you very much Peter. >> And thanks to you, again, for participating in this CUBE conversation, I'm Peter Burris, see you next time. (upbeat, jazz music)

from our studios in the heart of Silicon Valley Palo Alto California this is a cute conversation hi and welcome to the cube Studios for another cube conversation where we go in-depth with thought leaders driving innovation across the tech industry I'm your host Peter Burris one of the dominant considerations that every business faces today is how do they work through the complex outcomes associated with cybersecurity as they find new ways to use their data and apply it to new classes of customer and market problems this is not a small problem especially given that so many bad actors out there are now also seeing a company's data as a potential enormous source of value now to see what businesses are doing to try to achieve those complex outcomes while at the same time lowering their overall security risk we've got a great conversation first off welcoming back Eric Herzog who's the chief marketing officer and vice president of worldwide storage channels from IBM storage Eric welcome back to the queue yeah thank you love to come and Eric you bought with you a really distinguished individual kaeleen Sanchez as vice president of IBM worldwide Systems lab service and some technical universities Colleen welcome back to the cube thank you so let's get the quick update where are we in this world of the outcomes of businesses seeking let's start with you what what our business is trying to do with cybersecurity today protect data and ensure that we provide a certain level of security levels to enable the overall end-to-end protection holistically so it's really important that we enable a full stack hence the strong partnership with Eric and I too and also the global team to pull together solutions then enable data protection so let's talk about the reasons why it's becomes that much more acute or that needs to become that much more acute because we've got we've got the reality that everybody's going to get penetrated in the next year of any size that it takes a long time often to figure out that you have been penetrated you've got new types of attacks the old ones of just kind of know phishing and whatnot while still prevalent so a problem now we've got ransomware and we've got a lot of new types of actions that bad people are taking what are some of the things that we're trying to protect ourselves from these days so the B's thing is you mentioned ransomware it's like this idea that we want to protect and also act as a worm so to speak to provide an abstraction layer to enable protection holistically of any given solution because data can be everywhere nowhere so yeah there's discussions about it's the new oil it's not the new oil necessarily it's pervasive it's everywhere so our data from our perspective can be in any device any media type and we need to figure out how to protect it at its core and so you see it as a full stack that just means we have to go lower in layers in order to protect the overall data so kind of what you're saying is that the more the security is closer to the data the more the data itself is secure the less reliant we are on policy which can lead to human error or human mistakes which could allow folks come in I got that right you're correct it's smart data it's this idea that it's multiple pieces and multiple owners of a maker checker policy that keeps the overall solution accountable that doesn't diminish the need for policy but Eric it certainly raises the specter or the spectrum of the fact that increasingly the smart folks within a business that are insuring or trying to diminish risk and ensuring assurance of the data need to start looking at how storage or the role that storage plays in this overall security framework I got that right yeah if you think about a traditional company their approach is we need to get security software to keep the bad guys out and they mean it's the Chiricahua for when we are breached to track them down talking to several CIOs at even midsize companies let alone the fortune 500 is sometimes it takes them days even weeks as you said to know they've even been training penetrated yet track it down while they're doing that imagine someone coming into your house and the police don't show up for 10 minutes even though your alarm went off and by the time the police go your house is totally empty and IBM stores you make sure that that doesn't happen it's as if everything is bolted down everything is locked and if they do steal something for example it's say write once read many technology they can't really use it right because it's wormed they can't change it so it's almost as if your TV required a fingerprint and even if they stole it they couldn't use your TV and that's the kind of thing I want to do is be pervasive and get enterprises as well as even small and mean courts to realize an overall cyber resiliency and security strategy involves keeping the bad guys out email will track them down but when they are in the house making sure everything is secure and essentially nothing can be stolen or utilized of your incredibly valuable data so using your metaphor of making sure the TV is bolted down or whatever is is bolted down that's however doesn't diminish the business's ability to move the TV if they want to if they have the rights and privileges to do so so let's talk about how the new tooling of storage is being bought together with some of the new services approaches to achieve these complex outcomes how is IBM looking at storage and storage related technologies as a as a foundation for achieving the new outcomes that the businesses want so for my services perspective we go in and partner with our core technologies within the storage portfolio to enable like something like bare metal to enable the armor around the overall solution we work to with the client to understand their pain points etc and how we optimize the solution to substantiate that we provide highly resilient flexible access to data but at the same time it's protected now this is a fast changing world and it's there's there's an enormous expertise both on the good side and the bad side obviously you've got you've got a development background talk a little bit about how IBM is relying on customers relying on universities other sources of deep knowledge about security issues and then translating that into IP that then finds itself into places like Eric storage portfolio so so we have processes like for instance the technical universities so we have discussions with an extended set of worldwide engineers and scientists to talk about specific important pain points related to cyber security so when we obtain that data we provide the training we collect information and then we provide or funnel that back into Eric's portfolio from an IBM storage perspective so Eric look you've you're an old man for an act as amaya as am i and so that is one area where security has not been an afterthought it's not been that separate how to what degree has that relationship between security and data and storage of permeated the way that you think about solutions solution directions and engaging your customers with your value propositions so one of the big things we've done is make sure that our security is across the entire portfolio primary data flash disk secondary data disk or tape and in fact as you know IBM is known for its hybrid multi cloud storage technology capable of easily and transparently tearing out to multiple public cloud providers when that data is in flight sure site better be encrypted so we've made sure that where this ransom where malware protection data encryption rest across the entire portfolio right once read many technology things like FIPS 140 - - which is a very important federal specification around security malware and ransomware protection with air gapping both to tape but also to cloud so we've made sure that the security aspect of storage is pervasive primary storage secondary storage cloud storage whatever you're doing your storage will always be secure so when they do breach the wall and they track the bad guy down as they're rooting around your file your block your object storage it's secure and they can't get anybody from the data you still can but they can't steal that data from you and that's a critical capability of spreading it beyond just the mainframe we have great technology with our new safeguard copy product we brought out last year that does incredible things to secure data but in fact we make sure that all sorts of security and resiliency technologies from an IBM perspective are spread even into our lowest end product our store wise 50 10 e has full data rest encryption encryption and flight so all those technologies everyone from the very entry products all the way up to our high-end product the DES family and everything in between yeah well one of the things about digital business is we're discovering new ways of leveraging data and unanticipated avenues to try to generate additional business and one of the things we've seen as we talk to customers is that increasingly that means that the weakest link in your security chain is going to be it's going to be instrumental at defining your overall security policy so treating security is an option is because you can secure something over here is increasingly difficult as you find new ways of integrating data so how is IBM helping to get customers to see that so I would say two points from lab services perspective as well as our business partners we we take on a consultative discussion or partnership so we learn from our clients and partners and users as much as they learn from us and we provide offerings to really explore that full stack to make that data smarter as we discussed before so digital business is happening it's transforming very rapidly IBM talks about the rise of the incumbents as they bring some of these digital native capabilities into their business I'm going to ask each of you for the one thing that you think is going to be most important for customers to think about this relationship between data storage and security Eric I'll start with you what do you think is the one thing that people need to start thinking more about over the course next year storage is not an afterthought in your secure strategy killing how about you co-create with our end users to enable the full and and prediction as you mentioned before and as you co-create don't forget that storage is intrinsic to whether or not it's secure or not great conversation thank you both for being here Eric Herzog's the chief marketing officer and vice president worldwide storage channels at IBM storage Colleen Sanchez is the vice president IBM worldwide Systems lab services and technical universities once again thank you both for being here and talking about this crucially important area thank you for having us thank you alright and once again I'm Peter Burroughs and until next time this has been a cube conversation [Music] you

>> Presenter: Live from San Francisco, celebrating 10 years of high tech coverage, it's the Cube. Covering vmworld 2019. Brought to you by vmware and its ecosystem partners. >> So good to have you here with us on the first day of three days of live coverage here in San Francisco as The Cube continues its 10th year of coverage at vmworld 2019. Along with John Troyer, I'm John Walls, glad to have you with us. We're joined now by Bina Hallman who is the vice president of storage at IBM. Bina good to have you with us with this afternoon. >> Thanks for having me. >> You bet. You know, your everyday assignment is keeping so many people up at night and that's how do we defend ourselves, cyber. How do we develop these resilient networks, resilient services. Let's take a step back for a second and try to paint the scope of the problem in terms of what you're seeing at IBM in terms of cyber intrusions, the nature of those attacks and the areas where those are happening. >> I'll tell you from a client industry perspective, right touch on that a little bit. But cyber resiliency, cyber security it's a huge topic. This is something that every business is thinking about, is talking about. It's not just a discussion in the different departments, it's at the C Suite level, the board level. Because if you think about it, cyber crimes as frequent as they are and as impactful as they are, they can really affect the overall company's revenue generation. The cost of recovering from them can be very expensive. >> We're talking about more than just breeches here. Every week we hear ransomware is very interesting, it's very prevalent, it's here. I honestly hear a lot of government small town governments, or state governments, municipal governments maybe because they have reporting requirements. I don't know what goes on underneath in the private sector, but does it seem like that is one things? >> That's right that's right. We hear it in the news a lot. We hear about ransomware quite a bit as data breeches, as other types of things. When you look at some of the analyst statistics and what they say about the frequency of these types of events, and the likelihood of a business getting affected, the likelihood of a business getting affected by a cyber event is 1 in 3. It used to be 1 in 4 a couple years ago, now 1 in 3 over the next two years. Ransomware itself is increasing frequency. I think it was like every 14 seconds there is a ransomware attack somewhere in the world. The cost of this is tremendous. It's in the trillions of dollars. Both from recovering from that attack, the loss in business and revenue generation and actually the impact to the company's reputation. Again, not just ransomware, it's happening in many industries. You talked about government, it's in manufacturing, it's in financial, it's in health, it's in transportation. When you step back and say, how is it so broad, when you think about every organization to some extent is going through some level of transformation. There's digital transformation. They're leveraging capabilities like hybrid multi cloud, having resources on prim, workloads on prim some services in the cloud. They've got team members that are using mobile devices. Some companies depending on their business might have IOT. So when you look at all of those entry points, these are new ways that the bad guys can get into an organization. That creates the scale and complexity, just gets very large. It used to be that you have a backup. The traditional way for business resiliency used to be you do a backup, you have the data on an external system, you restore it if something happened. And then there was the business continuity. You would have a secondary infrastructure that in the case of an accident or some kind of a natural disaster, which didn't happen very often, you would have somewhere, a secondary infrastructure. All of those were designed with the likelihood being very low of happening. Then the recovery times and the disruption to business was somewhat tolerable. These days, with all of the dynamics we're talking about, and the potential areas of entry you need more of an end to end solution. That's a cyber resiliency strategy that is really comprehensive and that's what a lot of the businesses are thinking about today. How do I make sure I have a complete solution and a strategy that allows me to survive through and come up very quickly after an attack happens. I think most people recognize that they're going to get impacted at some point. It's not if, but it's when and when it does how do I quickly recover. >> You said it with the statistic, that 1 in 3 every two years. So my math tells me in six years time, I'm going to get hit by that standard. But it tells me that it's not if, it is when. So in terms of the strategies that companies are adopting, what do you recommend? What do you suggest now? You paint a realistically grim picture that there's so many different avenues, different opportunities and it's hard to put your fingers in all those holes. >> There's a lot happening in this space and I think that, you know, there are different standards, a lot of regulations but one that has been accepted and being leveraged in the US is around a framework and some guidance the NIST organization, National Institute of Standards in Technology. It's a framework that they put in place, a guidance on how do you plan for, how do you detect and then recover from these types of situations. I'll talk about it a little bit, but it's a very good approach. It starts with an organization needs to start by identifying what are some of the critical business services that their business is dependent on. What are they, what are the systems, what are the workloads, what are the applications. They identify and then what's the tolerance level. How quickly do you need to come up. What's the RPO, RTF. Based on that, develop and prioritize a plan. That plan has to be holistic. It involves from the CIO to the CSA, security office to the operations to the business continuity, to the data owners, the line of business. And then in this environment, you've got partners, you've got services you're leveraging. All of that has to be encompassing for those key services that you identify and prioritize as a client that you need up and running. And up and running very quickly. One of the examples of a client, financial institution. They determined they had 300 services they needed up and running within 24 hours in case there was an attack or in case something happened to their data or their environment. That they defined as what their requirement was. Then you go about working with them to do a few things. You identify and then there are other phases around that I can talk about that as well. >> I was going to go over to IBM a little bit in that obviously, you're with IBM and we're talking about storage, people may not realize how integral storage is now in security, but IBM brings to the table a lot more than just storage. >> Absolutely. >> So can you talk a little bit about that portfolio and IBM's approach? >> Sure, so when I talk about the NIST framework and I talk about the identify stage, there's also things around protection, protecting the environment and those services and those systems. The infrastructure, we do a lot in that space. It's around detection. So now that you've got the protection, and protection might include things like having identity management, having access control, just making sure that the applications are at the latest code levels. Often times that's when the vulnerability comes in when you don't have those security patches installed. Data protection and when it comes to that segment, we've got a very rich portfolio of data protection capabilities with our Spectrum Protect offerings. From a protection perspective, going into an encryption, having capabilities where the infrastructure is designed to have multiple types. You can have physical separation, so you can have an air gap, things like tape are ideal for that because it's physically separated. Tiering to the cloud. You can have technologies like write once read many where they're immutable, you can't change those. You can read them but you can't change them. We've done a lot of work in innovation around what we call safeguarded copies. This is making snapshots, but those snapshots are not deletable, they're access controlled, they're read-only. That allows you to very quickly bring up an environment. >> I think people don't realize that, I see some patterns of, sometimes these things hide. They'll be in there and they will be innocuous so you can't just restore the last backup. >> That's right. >> They may try to rewrite the backup so you may have to go back and find a good one. >> Absolutely, and detection is very important. Detecting that as early as possible is the best way to reduce the cost of recovering from these kinds of events. But like you said, I think I want to say 160 days, your environment might be exposed for 160 days before you detect it. So having capabilities in a portfolio in our offerings, and we do a lot working with a research team our security team on things like our data protection where we have algorithms built in where we look for patterns and we look for anomalies. As soon as we see the patterns for malware, ransomware, we alert the operator so you don't allow it to be resident for that period of time. You quickly try to identify it. Another example is in our infrastructure management software. You can see your whole heterogeneous storage environment. You typically start out by base lining a normal environment, similar to the backup piece but then it looks for anomalies, and are there certain things happening in the network, the storage that warns the operator. >> I almost get the feeling that sometimes it's almost like termites. You don't realize you have a problem until it's too late because they haven't been visible. In a 160 day window, whatever it might be, you might be passed that but because whatever that attack was, it was malicious and as clandestine enough that you didn't find it and it does cause problems so as we're wrapping up here, what kind of confidence do you want to share with the end users with people to let them know that there are tools that they can deploy. That it's not all grim reaper. But it is difficult. >> It is difficult, it's very real. But it's absolutely something that every business can have under control, have a plan around. From an IBM perspective, we are number one leader in security, we're the leader in security. Our focus is not just at a software level, it's starting from the chips we design to the servers we deliver to the storage, the flash core modules, FIPS 140 compliance, the storage software, the data protection, the storage management software all the way through the stack. All the way through our cloud infrastructure. Having that comprehensive end to end security and we have those capabilities, we also have services. Our services and security organization work with clients to establish these, evaluate the environment, establish these strategies and interim plans. It's really about creating the plan, prioritizing it and implementing it, making sure the whole organization is aware and educated on it. >> You got to prepare no doubt about that. Thanks for the time Bina, we appreciate that. And it's not all doom and gloom but it is tough. Tough work and very necessary work. Back with more here on The Cube. You're watching our coverage from vmworld 2019, Here in San Francisco.

>> Live from Miami Beach, Florida, it's the CUBE, covering VeeamON2019. Brought to you by Veeam. >> Welcome back to Miami everybody. This is Dave Vellate with Peter Burris here. Day One of VeeamOn2019, at the Fontainebleau Hotel in Miami. Rat Pack used to hang out here Which is kind of the big theme of the reception last night. Dale Hoffman is here. He's the Director of Offering Management for VMWare Solutions at IBM. Dale, thanks for coming to the group. >> Thanks, David. It's a pleasure to be here and Peter, nice to meet you. >> Okay, yeah, pleasure to meet you as well. So lets unpack the sort of notion of Offering Management that sort of people generally refer to as Product Management. IBM calls it Offering Management. So you are focused on the public cloud, but specific to the VMWare swimlane. Is that right? >> Yeah, that is correct. So, if you think about it I own the VMWare Offering Solutions on our cloud. So, that is everything associated with the whole VMWare software defined data center stack, but also a lot of our partner solutions. Many solutions in the security space. Many solutions in the business resiliency space. And that's kind of where Veeam had came in on that aspect. >> So the first public cloud deal that VMWare did, correct me if I'm wrong, was with IBM, was it not? >> Yeah, so if you just go back a little bit in time, IBM itself is probably the largest, if not the largest, provider of VMWare workloads. And mainly that's due to a lot of our GTS services business. But back in 2016, this looked like a great opportunity to actually go on the public cloud and actually stand up a software defined data center stack from VMWare. So, we started on that in that partnership with VMware and started to just basically grow that business. That business has been growing at about a 75% CAGR, and then that was kind of like step one, get the stack, and then step two was how do you get those security services in, and some of those business resiliency services in. And that's where we started to go in and do a real deep partnership with Veeam and happy to say that we started that in 2017 and we have about 12,000 plus VMs, both bare metal and also on virtualized VMWare on our cloud. Its been about 170% year to year growth rate. So Veeam's killing it on our cloud. They really are. >> And your scope is anything in the IBM cloud that's VMWare related so it could be >> That is correct. >> Data base services, it could be >> Absolutely. >> Object stores, obviously data protection with Veeam. What do you think is driving the Veeam-IBM momentum? >> Well, I think what's driving it is if you think about a lot of these, you know, critical customers, first thing they're going to want to do is take advantage of a lot of things that you get with the cloud. Whether its moving from a capex to an opex model with being able to get that capacity expansion. And there's a whole bunch of different use cases that you've got, but one of the key things to them is this whole business continuity. The ability to make sure that I can back it up, I can recover as quickly as I possibly can, and maybe more importantly, we have about 60 data centers worldwide. And being able to, essentially, have that geographic span is a huge advantage. And also the, fact that, just take backup as a simple example. When I back up I may be moving data back and forth in a particular region. I'm looking for some latency. And not to be able to be charged for that is a powerful value proposition for the customer. So, we don't charge for any type of data movement inside our cloud. And also, when you go outside, maybe for high availability, outside into the geographic reach, the same thing happens. So I think those are some very key things. That it's the security, the very fast backup and recovery, and knowing that you're not getting charged for that private secure network. It brings a real good value proposition to our customers that are leveraging Veeam and other services. >> So we think that we're now entering into a third era of cloud where the first one was basically makers, companies that created SAS companies, gaming companies, and then people moved analytics into there for a variety of reasons. Now the enterprise seems to be getting in it in a big way. Certainly at the large size. But that's starting to move down into the mid-range as well. Your advantage, IBM's advantage, has always been your ability to engage and bind with your customer base. How are you, how is IBM helping to move these customers forward, and what is the backup restore conversation in that process? Is it an afterthought? Is it something that's becoming more central to their thinking? How is it working? >> Yeah, so that's a great question, Peter. So, the way I think we in IBM cloud have thought about this is we've kind of divided the journey to cloud into two pieces. The 20% that are there, they weren't the real I'll call them business critical type of workloads that are going on, but that next 80% that's where we really see a huge advantage to us. Its out enterprise relationships. Its what we do from a security aspect on the cloud, and how easily we could help them, what we call lift and shift and migrate things over. And then once you're there, how can I help give you that assurance that we're going to give you the best backup, the best recovery in the event of a disaster, something that can, if you do see a failure, being able to have a very fast recovery point, you know, objective, and get you knowing that everything is secure and backed up and has this wide geographic spread. And even think about in the areas of compliance these days. GDPR. I mean, you have to have these data centers worldwide and sometimes they have to be you know, fixed. So, we provide that whole value proposition, I think, to those clients, in that essence. And I think the business critical, and, eventually, what we call mission critical workloads that will eventually move over, its probably the best choice to be able to have that trusted place to put workloads. >> So, the other, related to that, is you've got customers who are now moving and we're going to see them moving at varieties of speeds, but increasingly, the enterprises are going to move faster to do this than they've done in almost anything previously. And you've got Veeam, a very hard charging vendor, that has a reputation for great quality stuff, but a lot of innovation, moving very quickly. How is, how are you ensuring that there's no impedance mismatch between you, IBM, IBM customers, and Veeam and the technology vectors that it's on. >> Yeah, well first of all, its a very, very deep partnership. I mean very, very6 close relationship with them. This is not a vendor supplier relationship. This is a very, very deep partnership. And the other thing is, from a technology standpoint, one of our big differentiators on the cloud is, we actually provide that access all the way down to the hypervisor level. So, you have full freedom of action to do whatever you want to be able to do. So, from a Veeam standpoint, since its really based on a hypervisor type of technology, that gives us a real big advantage, because let's say, David, you're using Veeam on-prem. I give it the exact same look and feel as if you're off-prem, and I essentially make that data center look like an extension, like it was just in the next building and such. >> It's just another group, it's just another pool of VMs. >> Absolutely. And that whole, control and management of that gives you extreme flexibility that you really can't get in any other type of cloud. I like to say that You can come in and custom build your infrastructure, your VMWare software defined data center stack, your services such as Veeam. You custom build it any way that you want. It's like leasing a car. After you custom built that car, we hand you the keys. It's client managed. You go out and do whatever you want with that. And if you don't like it you can turn those keys back in, because we just do things not on a long term commitment, but on monthly commitments and such. >> And I want to, I want to maybe drill down on that a little bit, Dale. >> Sure. >> And try to better understand some of the flexibility that I'm inferring from your statement. So, you're a mainframer. You remember the days of SMS, and one of the things about it was that I could set policy for data protection, for backup, based upon the workload. I could say back this up once a week or back this up every day or back this up every hour or what is was. I had a granular level of capability. It was mainframe so it was, you know, big stuff. A lot of the challenges within, certainly the mid-size and smaller businesses, it's like one size fits all. This has been a, you know, a problem for everybody for years. Danny Allen, this morning, in the analyst and media session was talking about... >> This is the products guy here at VM. >> Yeah, yeah, yeah. Talking about the ability to sort of set granular levels, the pressures of RPO and RTO. And I want to sort of test how challenging it is to do that by workload or by application, and how IBM and Veeam are supporting that. How complicated is it? Are your clients doing it or is it still kind of a one size fits all world. >> I wouldn't say its one size fits all, but what I would say is by giving the clients full control and having the freedom and flexibility to do things that they want, the tight integration of this Veeam technology into the V-Center console and such, it gives them the ability, I like to say, do it at your own pace. Do it when you want to. Even something as simple as, lets say, managing VMWare and patching it, instead of having somebody else do it for you at their pace, we essentially allow you to do it at your pace when you want to. And its the same thing with the backup. You do it when you want to, at your frequency, what regions you want to go, or your whole geographic spread. And we try to provide the maximum flexibility and control to our mutual clients to enable that. >> And on the automation scale, or you know, the 9-inning game of automation, where are we? How, how automated can I make that, but more importantly, how fast are customers adopting that sort of automation scenario. >> Yeah, so you're experience when you come into our, our cloud, and essentially you click on "I want to go to the cloud," you click on the VMWare offering, its a very simple menu. You pick your infrastructure, compu... network storage. I'll keep it simple for now. You pick your software defined data center stack and we even enable a BYOL. A lot of people have their own Vsphere licenses. We enable them to go in and insert their key which is a cost advantage to them. Then you pick your partner services and such. So you pick your Veeam, and then you go in there and say "Well, where do I want to put it? Do I want to put it into Vsan? Do I want to put it into a file based storage?" And I think what we're really excited about is, we just recently announced being able to put this into IBM's cloud object storage. And that's huge, because, if you think about it, we all live in this area of regulatory and compliance and you can't throw anything away and the data is just exploding all over the place. So, having that ability to put it into a lower cost storage and all automated and essentially Veeam can essentially point to any of those multiple storage tiers. It gives our customers a big advantage so that they could essentially, I'll call it right-tune what they want to do and where they want to do their backups. So, they want something there quick or they say "Nah, you know, that could be a cold vault. I can keep that out there for a while and when I need it I'll go back and get it." So a lot of flexibility on storage options, a lot of flexibility on the pricing. But Veeam essentially is that powerhouse behind it that's actually interfacing that VMWare world as well as on the bare metal side over to those various levels of storage. >> So David, to answer your question, where are we in that 9 innings. I would have said bottom of the 1st, 1 out, 2 men on, 1 of them is Manny Ramirez. [Laughter] Because you just don't know what's going to happen next, and that's what I want to bring up. Veeam talked about... >> Is he a Boston fan? >> No, I'm not. [Laughter] I'm not. But Veeam talked about the "with Veeam" and I'm wondering how IBM sees it bringing its, this massive innovation, you still are one of the leading generators of patents in certainly the tech industry, but globally. How do you see IBM bringing IBM intellectual property, IBM invention, to this "with Veeam" platform to increase the degree to which it can serve a broader range of customers of different sizes, different geographies, and different workload forms. How do you see IBM participating in that process? >> Yeah, let me give you a couple examples. So, let me just take a non-Veeam example, just to talk about some IBM innovation. So, about a month ago we actually introduced something called hyperprotect cryptoservices. That's a big word there. Basically, it is, it's the same technology that we have in system Z, that's used by our large enterprise customers that gives you that, that FIPS 140-2, level 4. We are the only cloud in the world that has that technology that's on there. Basically, once you put your keys in there nobody's going to get to them at all. And it's an innovation of taking something that was done in a different division within IBM and now making that as an endpoint service within our cloud. Now, let me give you an example of doing a little bit of innovation even with Veeam. So, one of the things that we're trying to do is, you know, we started out hey, let's lay down the software data center stack, let's lay down partner services. Now, let's focus on what's that solution layer on top of it. How do we add more value into our clients? So, just take SAP, for example. We just recently announced both on a bare metal and also on our VMWare side, to be able to have a, we're the only cloud that has a certified SAP server in the cloud. And what we've just recently done is, we've integrated and put Veeam as that backup choice for that. So, now what that really enables everyone to do is leverage a lot of innovative work that Veeam was doing to make sure that you can back up SAP correctly. We married that with our infrastructure and our bare metal/VMWare stack with Veeam as that backup. And just a little bit of foreshadowing in the future, we're going to look at ways to further automate a lot of that SAP landscape so that our clients see, you know, a much better automated solution so that they essentially, using your baseball analogy, are going to see that full range of automation and say "Wow. I think we're at the end of the game here. This thing truly is automated, easy to consume, and I'll have the confidence of the security and the business resiliency knowing that it's got the trusted IBM name behind it. >> You know, give us the summary of 2019. Maybe some of the first half highlights and maybe show a little leg for the second half. >> Sure, sure. Why not? >> What can we expect leading up to IBM thing. >> So, I mentioned a few things about what we did in the security space already. So, we've enabled, besides our, what we've done with high trust, with data and key protection. We've also enabled IBM's key protect services. We brought the System Z hyperprotect services into the mix. We've enabled things like cavionics to bring the risk foresight. So, now, we can monitor a lot of compliance and keep things in compliance and monitor that for you. We brought some app modernization to essentially help people on their journey modernize their apps, leveraging both a tight integration of VMWare and what we call ICP-hosted or IBM Cloud Private hosted to get that tight integration and such. But moving forward I see a couple big things, and I'll try to maybe put them in the Veeam perspective and such. You heard me mention before about this 80% of that real key workload coming over to the cloud that, you know, business critical or mission critical. We announced last year something called mission critical VMWare, and basically what it is, it's two, two active, active type of sites with a witness site and you essentially are moving things back and forth so if you have a failure within a region you instantly can go in and switch over. And the idea is to give you the highest availability into the cloud. And Veeam is a very much integral part of that solution in the sense that it'll be our backup. And then since you said do a little bit of foreshadowing, say what's coming in the future. We have a very very strong single tenant VMWare offering on the cloud. Like I was saying, you know, it's client managed, the hypervisor access. You've got that extreme flexibility and control. But what we like to do is kind of look into a little bit more of that multi-tenant type of space. And we think it opens up a whole new market segment for us in that emerging market and commercial market space. Guess who's going to be our partner in that to make the backup happen? That's going to be Veeam. >> Cool. Dale Hoffman, thanks so much for coming to the CUBE and sharing. >> Oh, thank you for having me. >> Some of the ways in which IBM is differentiating, not doing infrastructure service and just racing to zero, but really trying to pick your spots and I really appreciate your insights and thanks again. >> Okay, thank you. >> Alright, keep it right there everybody. This is Dave Vellante with Peter Burris. Day one at VeeamON2019, and from Miami you're watching the CUBE. We'll be right back.

(epic music) >> Hi, I'm Peter Burris welcome to another Cube Conversation from our beautiful Palo Alto studios and today we're here with Clinton Wyckoff who is a senior global solutions engineer from Datrium. Welcome to the Cube Clinton. >> Well thanks for having us Peter, it's great to be here. >> So Clint there's a lot of things that we could talk about but specifically some of the things that we want to talk about today relate to how cloud use as it becomes more broad-based is now becoming more complex. Concerns about as we use more cloud we still have off-premise. How do we then sustain that we get more work done and that crucial role that automation and human beings are still going to play as we try to achieve our overall goals with data. So why don't you tell us a little bit about some of these themes of simplicity, scalability and reliability. >> Yeah definitely Peter. It's been a very interesting time over the last 12 months here at Datrium. We've been on a rapid release cycle. We've actually released DVX 4.0 of our software just a few weeks ago and maintaining focus around those three key talking points of simplicity, scalability and reliability that's really what the Datrium DVX platform is all about and it's about solving customer challenges that they have with their traditional on-premises workloads that they've virtualized and we're also seeing an increase in customers trying to leverage the public cloud for several different use cases. So kind of the the biggest takeaway from our perspective with relation to the latest release of our software is how can we integrate what the customers have grown to love on-premises with their Datrium DVX platform and how can we integrate that into the public cloud. So our first endeavor into that area is with cloud DVX and that integrates directly into their existing AWS subscription that they have. So now that they have on-premises Datrium running for all their mission-critical providing tier one systems of all the performance, cloud backup. All those capabilities that they've grown to love but how can I get my data off-site. That's been a huge challenge for customers. How can I get my data off-site in an efficient fashion? >> But in a way that doesn't look like an entirely different new or a completely independent set of activities associated with AWS. So talk to us a little bit about, you said something interesting. You said it integrates directly into AWS. What does that mean? Yes we've taken a direct port of our software so we have on premises customers run ESX hosts. In AWS terms that translates into EC2 instances. So the first thing that we do is we instantiate an EC2 instance outside in an AWS subscription. >> That means my billing, my management, my console everything now is the same. >> Exactly and then we're utilizing an S3 bucket to hold our cloud archive. So the first use case for cloud DVX and in its current iteration is for outside archives of Datrium snapshots. I run VMs on-premises, I want to take a snapshot of these, maybe send them over to a secondary location and then I want to get those off site for more long-term archival purposes. S3 is a great target for that and that's exactly what we're doing. So an existing customer can go into their Datrium console, say I want to add my AWS subscription, click next, next, next finish and it's literally that easy. We have automated lambda functions would that automatically spin up the necessary EC2 instances, S3 buckets all that stuff for the customers so they completely simplify the entire process. I like to think of it almost like if you look at your iPhone and you go into your iCloud backup, there's literally just a little slider button that says turning on. For us it's literally that simple as well. How can we help customers get their data off-site efficiently. That's a key kind of point for us here at Datrium and the fact that we have a global deduplication pool. That means the only data that's ever going to go over the wire is truly unique so we have built-in blockchain type crypto hashing that goes on so as data comes in we're going to do a comparison on-prem, off-prem and only send the unique data over the wire. That is truly game-changing from a customer perspective. That means I can now decrease my R-POS. I can get my data off-site faster but then whenever I want to recover or retrieve those block or other virtual machine snapshots, it's efficient as well so it's both ingress and egress so from a customer perspective it's a win-win. I can get my data off-site fast and I can get it back fast as well and it ultimately decreases their AWS charges as well. >> That's the point I was going to make. But it's within the envelope of how they want to manage their AWS resources right? >> Yep. >> So this is not something that's going to come along and just blow up how you spend AWS. If you're at the AWS person so we've heard what the Datrium console person can do. If you're an AWS person you're now seeing an application and certain characteristics, performance characteristics associated with it, cost characteristics associated with it and now you're seeing what you need to see. >> Exactly. We kind of abstract the AWS components out of it so if I'm an AWS console yes I see my EC2 instance, yes I see an S3 bucket but you can't make heads or tails of what it's kind of doing. You don't need to worry about all that stuff. We manage everything solely from a Datrium perspective going back to that simplicity model that the product was built upon is how can we make this as simple as possible. It's so simple that even an admin that has no experience with AWS can go in and stand this up very very easily. >> All right so you've got some great things going on with being able to use cloud as a target. What about being able to orchestrate resources across multiple different potential resources. How is that started? How does some of the new tooling facilitate that or make it more difficult? >> Well that's a really great question Peter. It's almost like you're looking into the crystal ball of the future because the way that Datrium, the product itself and the platform is architected, it's kind of building blocks on top of each other. We started off on premises. We've built that out to have a scale out architecture. Now we're going off premises out to the public cloud. Like I said the first use case just being able to leverage that for cloud archives. But what if I want to orchestrate that and bring workloads up inside of AWS? So I have a VMware snapshot that I've sent, or a Datrium snapshot that I've sent off-prem, I want to now make that an EC2 instance or I want to orchestrate that. That's the direction that we're going so there's definitely more to come there. So that's kind of the direction in what the platform is capable of. This is just the beginning. >> Now the hybrid verge concept very powerful and it's likely going to be a major feature of being able to put the work where it needs to be put based on where the data needs it. >> Sure. >> But hyper-converged has had some successes, it's had some weirdness associated with it. We won't get into all of it but the basic notion of hyper-converged is that you can bring resources together and run them as a single unit but it still tends to be more of a resource focus. You guys are looking at this from slightly differently. You're saying let's look at this as a problem of data and how the data is going to need resources so that you're not managing in the context of resources that are converged, you're managing in the context of the resources that the data needs to do what it needs to do for the business. Have I got that right? >> Yeah I mean the hyper-converged has done a lot of really good things. First and foremost that smooth flashed the host level. Removing a lot of the latency problems that traditional sand architecture has. We apply many of those same concepts to what Datrium is but we also bring a lot of what traditional sand has as well being durability, reliability on the backside of it so we're basically separating out my performance tier from my durability capacity tier on the bottom. >> Based on what the data needs. >> Exactly right so now that I've got these individuals stateless compute hosts where all of my performances for ultra-low latency, latency is a killer of any project. Most notably like VDI for instance or even sequel serve or Oracle. One of the other capabilities we actually just added to the product as well is now full support for Oracle RAC running on Datrium in a virtualized instance so latency as I mentioned has been a killer especially for mission-critical applications. For us we're enabling customers to be able to virtualize more and more high-performance applications and rely on the Datrium platform to have the intelligence and simplicity behind the scenes to make sure that things are going to run the way that they need to. >> Now as you think about what that means to an organization, so you've been at Datrium for a while now. How are companies actually facilitating the process of doing this differently? Are they doing a better job of actually converging the way that the work is applied to these resources or is that something that's still becoming difficult? How is the simplicity and the automation and reliability making it easy for customers to actually realize value of tools like these? >> It's actually it's truly amazing because once our customers get a feel for Datrium and get it into their environment, I mean we have customers all across the world from fortune 500 customers down to more small medium-sized businesses, financial, legal, all across the entire spectrum of verticals that are benefiting from the simplicity model. I don't have to worry about and you can go out to the Datrium website and we have a whole list of customer testimonials and the one resounding theme that goes across that is I no longer have to worry about managing this. The storage, the infrastructure, I'm now able to go back to my CIO or my CEO and I can provide business value to the business. I'm doing what I'm supposed to do. I don't have to worry about managing knobs and dials and hmm, do I want to turn compression on or maybe I want to turn it off or what size volume do I need, what queue depth. That's kind of mundane tasks. Let's focus on simplicity. Things are going to run the way that you need them to do, the way that you need them they run. They're going to be fast and it's going to be simple to operate. Well we'd like to talk about the difference between business and digital business as data. But digital business treats data as an asset and that has enormous implications how you think about how your work is institutionalized, what resources you buy, how you think about investing. Now it sounds as though you guys are thinking similarly. It's not the simple tasks you perform on the data that becomes important. It's the role the data plays in your business and how you turn that into a service for the business. Is that accurate? >> That is very accurate and you brought up a really good point there and the fact that the data is the business. That is a very key foundational component that we continue to build upon inside the product. So one of the kind of big capabilities and you've seen a lot of this in today's day and age with ransomware hacks and data breaches, I mean it's almost every other week you go on CNN or I'd pick your favorite news channel that you care to watch and you hear of breaches or data being stolen. So encryption, compliancy, HIPAA, sarbanes-oxley, all that type of stuff is very important and we've actually built into the product what we call blanket encryption. So data as it comes inbound is encrypted. We use FIPS 140-2 to either validated or approved mode and it is encrypted across the entire stack in use over the wire in flight and at rest. That's very different than the way that some of the other more traditional folks out there do it. If I look at sand, it does encryption at rest. Well that's great but what if while the data is in flight? What if I want to send it off premise, out to the public cloud? With Datrium, all that is built into the product. >> And that's presumably because Datrium has a greater visibility into the multiple levels that the data is being utilized-- >> Absolutely. >> Which is why you can apply in that way and so literally data becomes a service that applications and people call out of some Datrium managed store. >> Yeah absolutely. >> So think about what's next. If we think about, you mentioned for example that when we had arrays with sands that we had a certain architectural approach to how we did things but as we move to a world where we can literally look at data as an asset and we start thinking not as the task you performing on the data but the way you generate value out of your data. What types of things not just at Datrium, but what types of challenges is the industry going to take on next? >> So that's an interesting question. So in my opinion this is Clint's personal opinion that the way that the industry is changing in regular administrators, they're trying to orchestrate as much as they possibly can. I don't want to have to worry about the low-hanging fruit on the tree. How can I automate things so that whenever something happens or an action happens or a developer needs a virtual machine or I want to send this off-site to DR, what if I can orchestrate that, automate it, make it as simple to consume because traditionally IT is a bottleneck for moving the business forward. I need to go out and procure hardware and networks which is all that type of stuff that go along with it. So what if I was able to orchestrate all of those components leveraging API calls back to my infrastructure like a user has a webform that they're going to fill out. Those challenges are the types of things that organizations in my opinion are looking to overcome. >> Now I want to build on that for a second because a lot of folks immediately then go to oh, so we're going to use technology to replace labor and well some of that may happen the way I look at it and way we look at it is the real advantage is that new workloads are coming at these guys at an unprecedented rate and so it's not so much about getting rid of people. There may be an element of that but it's allowing people to be able to perform more work. With these new technologies. >> Well more work but focus on what you should be focusing on. Of all the senior executives that-- >> That's what I mean. >> All the senior executives that I talk to they're looking to make better use of IT resources. Those IT resources are not only what's running in the racks in the data center but it's also the gentleman or the lady sitting behind the keyboard. What if I want to make better use of their intellectual property that they have to provide value back to the business and that's what I see with pretty much everybody that I talk to. >> Clint this has been a great conversation so once again this has been Clinton Wyckoff. There's been a cute conversation with Clint Wyckoff who's a senior global solutions engineer at Datrium. Clint thank you very much for being on The Cube and we'll talk again. >> All right thanks Peter. Once again, thanks very much for sitting on this Cube Conversation. We'll talk to you again soon. (epic music)

>> Voiceover: Live from Washington D.C., it's theCube, covering AWS Public Sector Summit 2017, brought to you by Amazon Web Services and its partner Ecosystem. >> Good morning, welcome back here on theCube, the Silicon Valley or Siliconangle TV flagship broadcast, here as we continue our coverage live from the Nation's capital, Washington D.C., the AWS Public Sector Summit 2017. I'm John Walls, we're glad to have you hear on theCube along with John Furrier, good morning. >> Morning. >> Good night? >> Great night. I had two great meetings, learned some information, got some exclusive material for a story that has to do with government stuff. >> So you were kind of working then weren't you? >> I'm always working. We're in D.C. I want to put my ear to the ground and bring all these stories back to my show, Silicon Valley Friday Show, which has been on hiatus during the month of May and June for all theCube events. >> Slacker. >> I got some great metadata as they say. (laughter) >> Good about data. >> I went home and watched the Nat's game. That was my big night. Jeff McAllister is with us now, he is the GM of the Americas for Druva and Jeff, glad to have you on theCube, we appreciate the time. >> Oh gee, thank you for the opportunity and it's a pleasure to meet you. >> Alright so you guys are all data, all the time on the Cloud right? >> That's right. >> All about data protection and security, availability. Tell us a little big more just about Druva and then we'll get into maybe your relationship with AWS but first off about you, about Druva. >> I've been fortunate to be with Druva since we really embarked on our enterprise strategy. I've been part of the team that made the investment a couple of years ago to start to pursue FedRAMP and some of the specifications for the Federal Government. And as you know, we are Cloud native. We are for the Cloud and built on the Cloud. We've been a partner with AWS for over eight years now. So we've had a very strong working relationship with them and the opportunity to come and speak here today and with you gentlemen, has really been tremendously exciting and frankly they're absolutely wonderful partners to go to market with. >> Yeah, talk about a minute about how integral that obviously is to your business to have not just a relationship, but to have the relationship that you do with AWS. >> Well, AWS obviously provides a world-class platform on which to build a service like ours. For our customers, it means tremendous levels of security, tremendous data durability, a reliability and availability of that data, but also the idea that many of our customers are very mobile. They have great geographic dispersion among their employees. Their employees are engaging in other parts of the world. So availability of that Cloud and that Cloud infrastructure, in local areas is tremendously important. And for our Federal customers, the certification for ITAR and other things that are specific to that market, having a platform like GovCloud, built specifically to their specifications, to service them, creates great leverage for us and our customers. >> John F.: I mean, eight year relationship, and that's going back. >> Yes it is. >> And they're only 10 years old and they spent their 10th birthday going on their 11th year, just AWS. So, obviously they saw some federal action right away, or public sector action right away. Nature of the Cloud, very friendly to developers back then. But still it was building blocks foundational back then. >> That's right, exactly. >> What's changed? How would you chronicalize that change other than the massive growth we've seen in the market place which we've chronicalized as well but I mean, from your perspective in the public sector, this is on a nice trajectory. >> I've been in the business now for over 30 years. Started out at Data General through Sun Microsystems and I've seen much of the industry change. The one thing that has been very impressive with the public sector, is that the interval in product innovation would come to the public sector a year or two years behind what we saw in the commercial marketplace. That time and space is absolutely shrinking down to nothing. They are pursuing the same business continuity, data transformation issues the Cloud-first strategies that our commercial customers are. And frankly, the government worker today has become more mobile. And the requirements to protect that data and secure it, are at an all-time high. And the AWS platform in combination with what we do, really provides a level of security that is hard to do on your own. >> So yesterday, we talked about a term I coined, or phrase I coined, around the seminal moments in GovCloud's history and really in the Amazon public sector. Is called "the shot heard around the Cloud", and that was the CIA deal where AWS came in and beat IBM, which had a lock-in spec and they're old-school IBM, they know how to sell. The sponsorships, they had everything locked and loaded. Who knows what they were doing, wining and dining. You know how the Federal Government is? >> Jeff: That's right. >> Things were very much picked out, everything's buttoned up and then boom, Shadow IT is happening, Amazon wins. Since then, we've seen a lot of change in how people are securing, how people are deploying. >> Jeff: Right. >> No better example than data protection because there's no wall, there's no firewall. You're in the middle of it. Talk about that dynamic about how the no walls, no perimeter in the Cloud has changed the role of data and data protection. >> Sure. So, gone are the days where we can dictate the device, how somebody wants to work, what solutions they're going to use. Cloud applications like Office 365, Box, Slack, other, have really created an environment where the IT folks, want to stimulate innovation, stimulate the work in places where people want to get done. But then provide the same level of protection and governance that they would on a non-platform solution. So, watching that evolution take place, its really driven us to really have to be mindful that we're in the performance business and with that performance we have to be respectful of the requirements from a security and protection standpoint that our customers call for. FIP certification became fundamental for us being able to service the government. That led us into the pursuit now of FedRAMP, which we're now FedRAMP ready. But all of those things provide the infrastructure to allow them to embrace these new strategies and this digital transformation, be it in my Cloud-first strategy or my mobility strategy, and be able to extend that same level of security that I would need, and provide that flexibility for my users to get their jobs done. >> Yeah and honestly, Cloud native, as you know, we love Cloud native, we've covered it. >> We do too. >> Covered it from day one. (laughs) Cloud-first is kind of like a moniker that people use. >> Sure. >> Kind of an ethos. It's more of a manifesto, it's more agile. But really Amazon has never hidden the ball in the fact what they believe the future will be and that is API economy. And from day one it's all about APIs and they believe that you should have APIs everywhere. The Cloud has no perimeter so that changes the security game. But the one thing that's emerged out of all this, is a new SaaS business model for businesses and government, and federal, and education. So everything's as a service. >> Jeff: Correct. >> That is a huge deal and this is maybe nuanced a bit, but how does public sector turn into a service model with the Cloud? 'Cause that's something that everyone's kind of going at. You have Cloud natives great, we're going to be Cloud natives, check. But really what they're getting to is, everything's as a service. >> Right. It's created a lot of flexibility in the buying process. First of all, you're bringing that elasticity of demand, right? So they are able to embrace the idea that, I only pay for the services I actually consume. So, should I have a movement in employees, should I change in structure, should my usage suddenly spike, I have the ability to adjust on the fly. That's a big part of it. But the other piece of it is that we can deliver our service at a fixed price cost for a certain period of time within that government fiscal year. So not only does it become easy to manage technologically, but from a budget stand point, it makes it a very predictable cost. I'm no longer having an explosion of data that I have to manage and go off books to try and find data to provide those IOPS and storage on sight. I can simply continue to go at the same budget level that I've already set aside. >> One dynamic that has come up while you brought this up, 'cause I think it's relevant to what we were just talking about is, lock-in. Right? I mean the word lock-in has always been vendor lock-in but really that's on one side of the coin. The other side of the coin is user lock-in. So last night, one of my secret meetings I had last night was with a senior government official and we were talking about how, they're all pissed 'cause they got Microsoft Surfaces instead of Macs. They wanted Macs. So they were just handed a bunch of Microsoft Surfaces. No offense Microsoft, I love the Surface personally, but I've got a Mac here. The point is, they didn't want it. >> Jeff: Right. >> It was forced down their throat. >> Let's just shut that for a moment here. (laughs) >> This is the old way. We made a decision, we're going with this product. So this is really the flexibility point is, very interesting, 'cause now with the Cloud, you can actually do these really agile deployments. >> Jeff: Exactly. >> And give people more choice. >> That's right. The time to value on these products, we have a very large defense contractor inside the Beltway. We were able to deploy to 23,000 users worldwide in under six weeks. But we understand that we're in the performance business and the idea that our customers could leave us at any point in time when the term is up, keeps us very conscious of the specifications that they require. And frankly, it requires us to be innovative on their behalf. Certainly taking their feedback, but really starting to anticipate their requirements, so that we continue to earn that business year over year. And frankly, if you want to talk about lock-in, SaaS provides tremendous flexibility to switch when a contractor isn't performing to spec, versus a perpetual license where I'm locked in for the duration. >> And that's a fear obviously that they're going to use their dollars wisely. I want to get you to weigh in on Druva's digital transformation in back of the customer. Obviously you guys are doing well, you're in the sweet spot, data protection is a hot area. It's one of the hottest area no one really kind of looks at, but it's really hot with the Cloud. What impact are you having with customers and how are you rolling out your value proposition to the public sector? What are the key highlights? I mean, how do they work with you? Is it FedRAMP? Is it GovCloud? Just take us through your value proposition with respect to the- >> Our value proposition, I think is fairly unique. So first, we run on the most wildly accepted Cloud platform by the public sector, AWS GovCloud. Without question the market leader there. We bring all of our experience from the commercial marketplace into that same experience on GovCloud. With the added certifications of FIPS, certification 140-2 moderate. Our FedRAMP in process. We're also HIPPA certified so that we have the ability to address HHS and FDA as some of our customers. 'Cause they also process a lot of personal information that is unique to that particular agency. But at the end of the day, the piece that really is most interesting to our public sector customers is, one, this is a very easy service to bring to the Cloud at lower cost and frankly higher value. The plethora of features and the security, the ease of management that we bring, relieving them of having to manage hundreds of terrabytes of data and apps on behalf of this service, is tremendously beneficial. The predictability of the cost year over year, makes it very very easy to manage. But I think the biggest thing that people have come to embrace is that the innovation that takes place in the Cloud comes to market so much faster in the Cloud. Just think of the QA cycles and how they've been reduced 'cause we're QAing for one platform. Being able to consistently, quarter in, quarter out, deliver that additional feature set and additional value, at no additional cost to our customers, is really what they've really gelled around. >> How do you guys handle the certification processes that are going? I'm sure there'll be more. I mean, they're coming. With all the free-flowing data, I'm sure there's going to be a lot of regulations and policies and governance issues. But you've got to move fast. How do you guys move fast to certify? Is there a secret sauce? Is there a secret playbook? How do you guys stay on top of it? 'Cause automations, machine learning, what's the secret sauce? >> You know, I think it's interesting, part of the uniqueness that is Druva I think is, our ability to anticipate market demand. I think we have a very experienced team of individuals. Look at the choice to go to AWS eight years ago. It was unthinkable at that time, but its turned out to be a visionary sort of choice. We identified that FedRAMP and FIPs certification, three or four years ago, was an absolute mandate to play in this marketplace. So we went there way ahead of our success in the market but we saw a very unique opportunity to go there. So I think it's just a tremendously creative group of people. It's a very dynamic marketplace. And it's one that requires a little bravery and a little bit of thinking in advance of the marketplace. I don't know that we have any magic sauce, but so far it's worked pretty well. I think it's worked out alright. >> I always ask just to see. >> Although that's a good question. >> To that point though, eight years ago when you went, it was a leap right? >> It was. >> Big leap. And now here you are 2017, things are rolling along. I imagine your sale or your pitch has taken on a different tone because you have so much proof in the pudding now, right? >> Oh, it does. A long time ago it was strictly backup. We've now moved into governance, e-discovery, the idea of user behavior analysis so I can find anomalies that may occur so that I can avoid Cryptolocker or other sorts of viruses or things that may be able to affect the operation of my customers. All of those things have come into play that weren't there four years ago. So it's really been an advancement of the added services beyond what we just did in backup, that have really kind of driven the business and differentiated us from the market. But it's still kind of fundamentally that idea that I'm going to protect your data, make it available to you and separate now from your device and really help you manage your data wherever you're doing your work. >> I know we're running tight on time, I do want to get one more question in from your perspective because again, present and creation is really a benefit to Druva, congratulations on that. You get to ride the wave and now the wave is bigger and more sets coming in. That's to use the surfing analogy. But talk about the perspective from your personal standpoint, just the changes going on in this marketplace right now. Teresa Carlson, when we were commenting on our opening, how tenacious she's been. She's knocked on a lot of doors. Eight years ago, what the hell's cloud? No one even knew what it was right? And then the shot heard around the Cloud with the CIA deal and just more and more and more in them, this is just a great business opportunity for Amazon Web Services, not just the enterprise, which they're doing well in now. >> Right. >> They own the startup market. This could be, it could have a 90% market share of public sector. >> That's right, that's right. >> John F.: Talk about the change. What's going on? Is it the perfect storm? Is it like right now, what's the progress. >> Well you know, it seems like its a perfect storm but for somebody who's been banging at it for the last four or five years, it seems to be a little bit more evolutionary. But it's interesting, when I started at Druva, if I looked across our opportunities across the Americas. It was fairly evenly split between the idea that I'm going to do this on premise or I'm going to do it in the Cloud. Today, if I look across all o6f North America and all the commercial entities and public sector entities that we're dealing with, we're probably engaged in well over 500 opportunities at any one time, literally less than two, quarter over quarter, is now on premise. People have come to embrace the idea that this is a place where I can conduct business safely and securely. And frankly, for us, you look at that digital transformation or business transformation, we become two really compelling services to start and experiment with moving to the Cloud. So very often, we are the tip of that spear. Lets backup our endpoint devices to the Cloud, let's get out of that business, 'cause we can do it much more effectively with Druva than we can for ourselves at less cost. >> It's almost the reverse of what on prem was. I've had many opportunities where I've bumped into IT practitioners, friends and what not in the industry. "Oh, I forgot to do the backup plan. I got the procurement going on." It's kind of an afterthought, it's been kind of an afterthought. I am oversimplifying but generally, it's not the primary. When you go outside the walls of a company, into the Cloud where there's no perimeter, it's the first conversation. >> That's right. >> So I hear what you're saying and I totally agree. This is unique, it's a complete flip around. >> Well it's amazing. So often, we're backing up server data to the cloud. So now it used to be just backing up to the Cloud. Now it's, I have the application running in the Cloud and I want to back it up and secure it into another Cloud. It's completely morphing into all sorts of interesting places. But the part that's really interesting is that we will bring to our customers disaster recovery, for example. Well that's a service, we turn it on and if you never experience the disaster, you don't pay for it. It just creates a whole new mindset of how we're going to think and how we're going to approach the infrastructure that we're now building. >> No license fee. It's just if you need it, you get whacked on it and you deserve to get whacked on it because you need the service. >> Well, they know what the cost will be. We've set it up for a nominal fee but if you're fortunate enough that you never experience the problem, why should you pay for it. So literally cutting that price in half, removing the requirement of 2XL Servers and 430 tip. >> John F.: It's a new operating model. >> That's right. And the flexibility that it creates to change to your computing requirements is just phenomenal. >> Well, phenomenal, I think would be a way to describe your ascent as well. >> Oh thank you. >> So congratulations on that front. Glad you could be with us Jeff, at the show. Continued success and we hope to see you down the road on theCube. >> John, John, it was a real pleasure. >> John W.: First time right? >> It was, it was, thank you. >> John W.: You're a tour alum now or a Cube alum. (laughs) >> John F.: Cube alumni. >> Good to have you with us. >> Jeff: Thank you, thank you so much. >> Jeff McAllister with Druva. Back with more here from AWS Public Sector Summit 2017 on theCube. You're watching live in Washington D.C..

>> Announcer: Live, from Las Vegas, it's the Cube. Covering InterConnect 2017. Brought to you by, IBM. >> Okay welcome back everyone, we're here live in Las Vegas for IBM InterConnect 2017, this is the Cube coverage here, in Las Vegas for IBM's cloud and data shows. It turns out, I'm John Furrier, with my cohost Dave Vellante, next guess is Jamie Thomas, general manager of systems development and strategy at IBM, Cube Alum. Great to see you, welcome back. >> Thank you, great to see you guys as usual. >> So, huge crowds here. This is I think, the biggest show I've been to for IBM. It's got lines around the corner, just a ton of traffic online, great event. But it's the cloud show, but it's a little bit different. What's the twist here today at InterConnect? >> Well, if you saw the Keynote, I think we've definitely demonstrated that while we're focused on differentiating experience on the cloud through cloud native services, we're also interesting in bridging existing clients IT investments into that environment. So, supporting hybrid cloud scenarios, understanding how we can provide connective fabric solutions, if you will, to enable clients to run mobile applications on the cloud and take advantage of the investments they've made and their existing transactional infrastructure over a period of time. And so the Keynote really featured that combination of capabilities and what we're doing to bring those solution areas to clients and allow them to be productive. >> And the hybrid cloud is front and center, obviously. IOT on the data side, you've seen a lot of traction there. AI and machine learning, kind of powering and lifting this up, it's a systems world now, I mean this is the area that you're in. Cause you have the component pieces, the composibility of that. How are you guys facilitating the hybrid cloud journey for customers? Because now, it's not just all here it is, I might have a little bit of this and a little bit of that, so you have this component-isationer composobility that app developers are consistent with, yet the enterprises want that work load flexibility. What do you guys do to facilitate that? >> Well we absolutely believe that infrastructure innovation is critical on this hybrid cloud journey. And we're really focused on three main areas when we think about that innovation. So, integration, security, and supportive cognitive workloads. When we look at things like integration, we're focused on developers as key stake holders. We have to support the open communities and frameworks that they're leveraging, we have to support API's and allow them to tap into our infrastructure and those investments once again, and we also have to ensure that data and workload can be flexibly moved around in the future because these will allow better characteristics for developers in terms of how they're designing their applications as they move forward with this journey. >> And the insider threat, though, is a big thing too. >> Yes. >> I mean security is not only table stakes, it's a highly sensitive area. >> It's a given. And as you said, it's not just about protecting from the outside threats, it's about protecting from internal threats, even from those who may have privileged access to the systems, so that's why, with our systems infrastructure, we have protected from the chip, all the way through the levels of hardware into the software layer. You heard us talk about some of that today with the shipment of secure service containers that allow us to support the system both at install time and run time, and support the applications and the data appropriately. These systems that run Blockchain, our high security Blockchain services, LinuxONE, we have the highest certification in the industry, EAL five plus, and we're supporting FIPS 120-two, level four cryptology. So it's about protecting at all layers of the system, because our perspective is, there's not a traditional barrier, data is the new perimeter of security. So you've got to protect the data, at rest, in motion, and across the life cycle of the data. >> Let's go back to integration for a second. Give us an example of some of the integrations that you're doing that are high profile. >> Well one of the key integrations is that a lot of clients are creating new mobile applications. They're tapping back into the transactions that reside in the mainframe environment, so we've invested in ZOS Connect and this API set of capabilities to allow clients to do that. It's very prevalent in many different industries, whether it's retail banking, the retail sector, we have a lot of examples of that. It's allowing them to create new services as well. So it's not just about extending the system, but being able to create entirely new solutions. And the areas of credit card services is a good example. Some of the organizations are doing that. And it allows for developer productivity. >> And then, on the security side, where does encryption fit? You mentioned you're doing some stuff at the chip level, end to end encryption. >> Yeah it really, it's at all levels, right? From the chip level, through the firmware levels. Also, we've added encryption capability to ensure that data is encrypted at rest, as well as in motion, and we've done that in a way that encrypts these data sets that are heavily used in the main frame environment as an example, without impending on developer productivity. So that's another key aspect of how we look at this. How can we provide this data protection? But once again, not slow down the velocity of the developers. Cause if we slow down the velocity of the developers, they will be an inhibitor to achieving the end goal. >> How important is the ecosystem on that point? Because you have security, again, end to end, you guys have that fully, you're protecting the data as it moves around, so it's not just in storage, it's everywhere, moving around, in flight, as they say. But now you got ecosystem parties, cause you got API economy, you're dealing with no perimeter, but now also you have relationships as technology partners. >> Yes, well the ecosystem is really important. So if we think about it from a developer perspective, obviously supporting these open frameworks is critical. So supporting Linux and Docker and Spark and all of those things. But also, to be able to innovate at the rate and pace we need, particularly for things like cognitive workloads, that's why we created the Open Power Foundation. So we have more than 300 partners that we're able to innovate with, that allow us to create the solutions that we think we'll need for these cognitive workloads. >> What is a cognitive workload? >> So a cognitive workload is what I would call an extremely data hungry workload, the example that we can all think of is we're expecting, when we experience the world around us, we're expecting services to be brought to us, right, the digital economy understands our desires and wants and reacts immediately. So all of that is driving, that expectation is driving this growth and artificial intelligence, machine learning, deep learning type algorithms. Depending on what industry you're in, they take on a different persona, but there's so many different problems that can be solved by this, whether it's I need to have more insight into the retail offers I provide to an in consumer, to I need to be able to do fraud analytics because I'm in the financial services industry, there's so many examples of these cognitive applications. The key factors are just, tremendous amount of data, and a constrained amount of time to get business insight back to someone. >> When you do these integrations and you talk about the security investments that you're making, how do you balance the resource allocation between say, IBM platforms, mainframe, power, and the OS's, the power in those, and Linux, for example, which is such a mainstay of what you guys are doing. Are you doing those integrations on the open side as well in Linux and going deep into the core, or is it mostly focused on, sort of, IBM owned technology? >> So it really depends on what problem we're trying to solve. So, for instance, if we're trying to solve a problem where we're marrying data insight with a transaction, we're going to implement a lot of that capability on ZOS, cause we want to make sure that we're reducing data latency and how we execute the processing, if you will. If we're looking at things like new work loads and evolution of new work loads, and new things are being created, that's more naturally fit for purpose from a Linux perspective. So we have to use judgment, a lot of the new programming, the new applications, are naturally going to be done on a Linux platform, cause once again that's a platform of choice for the developer community. So, we have to think about whether we're trying to leverage existing transactions with speed, or whether we're allowing developers to create new assets, and that's a key factor in what we look at. >> Jamie, your role, is somewhat unique inside of IBM, the title of GM system's development and strategy. So what's your scope, specifically? >> So, I'm responsible for the systems development involved in our processor's mainframes, power systems, and storage. And of course, as a strategy person for a unit like that, I have responsibility for thinking about these hybrid scenarios and what do we need to do to make our clients successful on this journey? How do we take advantage of their tremendous investments they made with us over years. We have strong responsibility for those investments and making sure the clients get value. And also understanding where they need to go in the future and evolving our architecture and our strategic decisions, along those lines. >> So you influence development? >> Jamie: Yes. >> In a big way, obviously. It's a lot of roadmap work. >> Jamie: Yes. >> A lot of working with clients to figure out requirements? >> Well I have client support too, so I have to make sure things run. >> What about quantum computing? This has been a big topic, what's the road map look like? What's the evolution of that look like? Talk about that initiative. >> Well if I gave you the full road map they'd take me out of here with a hook out of this chair. >> You're too good for that, damn, almost got it from you. >> But we did announce the industries first commercial universal quantum computing project. A few weeks ago. It's called IBM Q, so we had some clever branding help, because Q makes me think of the personality in the James Bond movie who was always involved in the latest R&D research activity. And it really is the culmination of decades of research between IBM researchers and researchers around the world, to create this system that hopefully can solve problems to date, that are unsolvable today with classical computers. So, problems in areas like material science and chemistry. Last year we had announced quantum experience, which is an online access to a quantum capabilities in our Yorktown research laboratory. And over the last year, we've had more than 40,000 users access this capability. And they've actually executed a tremendous number of experiments. So we've learned from that, and now we're on this next leg of the journey. And we see a world where IBM Q could work together with our classical computers to solve really really tough problems. >> And that computing is driving a lot of the IOT, whether that's health care, to industrial, and everything in between. >> Well we're in the early stages of quantum, to be fair, but there's a lot of unique problems that we believe that it will solve. We do not believe that everything, of course, will move from classical to quantum. It will be a combination, an evolution, of the capabilities working together. But it's a very different system and it will have unique properties that allow us to do things differently. >> So, what are the basics? Why quantum computing? I presume it's performance, scale, cost, but it's not traditional, binary, computing, is that right? >> Yes. It's very, very different. In fact, if. >> Oh we just got the two minute sign. >> It's a very different computing model. It's a very different physical, computing model, right? It's built on this unit called a Q bit, and the interesting thing about a Q bit is it could be both a zero and a one at the same time. So it kind of twists our minds a little bit. But because of that, and those properties, it can solve very unique problems. But we're at the early part of the journey. So this year, our goal is to work with some organizations, learn from the commercialization of some of the first systems, which will be run in a cloud hosted model. And then we'll go from there. But, it's very promising. >> In the timeframe for commercial systems, have you guys released that? >> Well, this year, we'll start the commercial journey, but within the next few years we do plan to have a quantum computer that would then, basically, out strip the power of the largest super computers that we have today in the industry. But that's, you know, over the next few years we'll be evolving to that level. Because eventually, that's the goal, right? Is to solve the problems that we can't solve with today's classical computers. >> Talk about real quickly, in the last couple minutes, Blockchain, and where that's going, because you have a lot of banks and financial institutions looking at this as part of the messaging and the announcements here. >> Well, Blockchain is one of those workloads of course that we're optimizing with a lot that security work that I talked about earlier so. The target of our high security Blockchain services is LinuxONE, is driving a lot of encryption strategy. This week, in fact, we've seen a number of examples of Blockchain. One was talked about this morning, which was around diamond provenance, from the Everledger organization. Very clever implementation of Blockchain. We've had a number of financial institutions that are using Blockchain. And I also showed an interesting example today. Plastic Bank, which is an organization that's using Blockchain to allow ecosystem improvement, or improving our planet, if you will, by allowing communities to exchange plastic, recyclable plastic for currency. So it's really about enabling plastic to be turned into currency through the use of Blockchain. So a very novel example of a foundational research organization improving the environment and allowing communities to take advantage of that. >> Jamie thanks for stopping by the Cube, really appreciate giving the update and insight into the quantum, the Q project, and all the greatness around, all the hard work going to into the hybrid cloud, the security-osity is super important, thanks for sharing. >> It's good to see you. >> Okay we're live here, in Mandalay Bay, for IBM InterConnect 2017, stay with us for more live coverage, after this short break.