(upbeat music) >> From the SiliconANGLE media office, in Boston Massachusetts, it's theCUBE. (upbeat music) Now, here's your host, Dave Vellante. >> Hi everybody, welcome to this cube conversation. This is part of our CIO series and Jason Thomas is here, he's the CIO of Cole, Scott, and Kissane. CSK is Florida's largest civil defense law firm. Cube along Jason Thomas, great to see you again, thanks for coming on. >> Yeah, thanks for having me. >> So, let's talk a little bit about, the firm. largest firm in Florida, the focus is on Civil Defense, so you got lawyers, you got paralegals running around, you got demanding clients. What's the business like that's driving your technology strategy? >> so when I I'm new to legal, so this, I've been here about almost four years now, so I started January. a whole different world. I came from, from Startup Biotech, that line of business and a completely different animal. it's some of what you imagine, very always on the go, very busy, lot of business, we open dozens of cases a day, new cases, so a lot of things going on. >> Really event driven? >> Yeah very, very busy, so and you know technology's, you know the firm has taken stance that, technology is very important, to the firm and, we want to use the best technology possible, to make us as efficient as possible, so that's the chief driver, for tech at the law firm. >> So tech, you know, 15 years ago, whatever it was like, take an email to SaaS, right? So, but I would imagine you're focusing a lot on just attorney and employee productivity, maybe collaboration, document management, compliance. Are those some of the hot topics? And how are you applying technology to deal with those? >> Yep, so that is a big drive, efficiency, using technology to be efficient, and to make our folks productive. What we don't want to see, and that you see sometimes, you throw a whole bunch of technology at folks thinking that it's going to make them efficient and productive, and actually, it could be the greatest technology in the world for one place, and apply it, and you put it in another firm, and it makes us unproductive, so that's kind of the magic there. Kind of a trick to figuring out, what is it that actually is going to make us productive? >> Are there pretty clear swim lanes in your firm? Or is there a lot of shadow IT going on? Because I would imagine a lot of the frustration of, you know, IT folks is, you get the shadow IT, they bring in a point product, and that IT goes, "CIO's calling clean up this crime scene," and is that a problem in your firm specifically? Or even your industry? Or is it pretty much hey, let the tech folks figure out what the right tool for the job is? >> so in my mind the trick here is, it's not going to be any one person, or any practice group that's going to define what's the best option, what's the best tech. I mean thankfully for me, I do try and drive most of the tech out the firm, but the key is, you have to understand how the business runs. Just because it's cool tech, or it's working at one firm, doesn't mean it's going to apply or work in others. So, I spent a lot of time, in conversations with, a lot of the partners and associates. I try to make myself available as much, just to chat, see what they're doing. see what could make them more efficient. Sometimes if you don't ask, they don't even tell you, but if you ask the question, you can learn a lot in 20 minutes from somebody. And that kind of helps me decide, okay, what is going to make sense, or what's the next thing I should be looking at, to help folks out. >> So basically, Columbo questions, for those of you who remember Columbo, kind of ask your basic questions? What about work flow, how do you spend your time? What kinds of questions would you ask attorneys? >> honestly they could be calling about something completely unrelated to what, you know, what I'm thinking. It just could be as simple as, "Hey I'm this thing with this program where I'm trying to do X and this is the way we're doing now. Is there a better way to do it?" Or, it could be as simple as, we just kind of fall into the conversation based on other things. You know. They just want to talk to somebody sometimes. But they're not necessarily going to bring it up, or just don't have the time, they don't have the time. >> So a lot of times in theCUBE we get caught up, We love the tech, we talk about data science, and machine learning, and block chains and everything else, but then there's this basic blocking and tackling, that the CIO has to worry about. I wondered if you could share your perspectives based on your experience, just in terms of, some of the advice you might give to, organizations that are maybe growing, maybe haven't had the experience of a CIO that's been around the block, maybe in different industries? But some of the basic blocking and tackling that you see, that maybe doesn't happen in organizations, that really needs to happen. >> the expectation, or when you're thinking about, thinking about what the next thing is for the firm, or for your company, you also want to kind of think, you want to think long term as well. You want to think three to five years out. So, if we do this now and based on our current, growth projections, will this work for us in three years? Will this work for us in five years? Or what's our game plan? Maybe we start small, and, expand from there, but you don't want to just plan for the immediate you want to plan for the future. That's kind of, I think that's what CIO should be doing. It's not just about the tech, or is it going to work in our environment, but is it going to work for us down the road. Because we don't want, nobody, CFOs don't want to hear, and CEOs don't want to hear that, hey, yeah we just bought this thing last year, but, yeah we're going to have to buy something new now because it doesn't work anymore. >> But it does happen sometimes? >> It happens all the time, you know. >> Right, I remember, it goes a ways back now, but the federal rules of civil procedure, I think it was 2006, and everybody was rushing to plug holes because the courts ruled that electronic material was evidentiary, for whatever, seven years or something. So everybody was like okay, we need to have a system that allows us to comply. So, they went out and bought email archiving systems, which they knew they were going to have to throw away in three or four year. So how do you deal with it? Do you face that? Especially in a compliance oriented world, and you just try to sort of balance the cost and the throw away nature of that initiative with something more strategic? How do you deal with that? And how do you communicate that to the powers that be? >> Number one, no one likes to be held at gunpoint, number one, and especially my boss, so. I mean he gets it right, I mean there's regulations. But I will say, nothing happens as fast as everyone says it's going to happen. so there's always that idea. There's always this panic, oh we've got to put this in, and honestly I feel like tech folks use an excuse, and of course I do too. Say like, oh you all this is awesome. You know, we get to put something new in and, you know no one's going to say no and, it's not always the best approach, and again you kind of have to look at it long term, holistically for the business. You know, what is really going to happen in a few years? Is this technology going to even be a thing in a few years? Or is it just like, just to satisfy an immediate solution? Because again, I don't want, the last thing I hate doing is putting something in and telling my boss that it has to be replaced. He hates hearing that, and I don't want to tell him that either, quite frankly it's embarrassing. >> I don't blame your boss. >> Yeah it's embarrassing, it's just, let's do it right the first time. >> How do you do planning? I mean obviously there's a technology component, of planning, but I'm inferring from what you say that the end of technology is kind of the, the last thing you should be worrying about. You should be worried about the direction of the firm, the business, the growth plan, how do you do, as CIO, planning and how do you align that with the business? >> conversations, so lots of conversations. Lots of conversations with the attorneys. continued conversations with my boss, the CEO, and sometimes I'm not really great about it sometimes. And, you know, weeks will go by, you know, and I won't even have a conversation with him, about what's going on, and he wants to know what's going on. He doesn't understand all of it, but in those, you know, 15, 20 minute conversations, you'll be surprised what you'll learn. What's going on in the business that you didn't, or I didn't know about, and from there I can make decisions about, you know, six months from now, or next year, or during budgeting season, what it is that we need because, budgeting season is not really the time that you need to try and figure out what you want to do for next year. You want to have a plan months before that. You know, You already want to have kind of an idea of what you want to do, I mean, I've been talking to my CFO since, the beginning of summer about things we want to do for 2020. you know, six months, nine months, ahead of time, so. >> So, do you do basically annual planning? Do you try to look out further? Do you formally document that stuff? >> Every quarter, so we have, we kind of have most of the conversations with our, with my CFO and COO. every quarter we have kind of a list of projects/ what is it we want to do for the next couple quarters. We just kind of, track that and based on what we're seeing and how we do, then we, basically we plan each quarter, is how it comes down to. And we have a, we'll call it a white board, a virtual white board of what we're doing and what we want to do. >> But relatively near the midterm planning, you know doing like five year plannings though right? >> No. >> Waste of time to try to do that, or? At least in your business, maybe in pharmaceuticals? >> At least for us it was really, it's hard for us, to do that because of how quickly we grew over the last, again I've only been here almost four years, but even when I started, in 2015, I think we had somewhere around 300 plus attorneys. Now we're somewhere in the 475 range, I'm not saying no one saw that happening, but I don't think we expected that. I mean business has been great and we're happy, and we're fortunate to have it, but you can only plan so much. but do the best you can with the data you have. >> And for organization structure, you report to the CFO, is that correct? >> CEO. >> CEO? Okay so the, so you're a peer essentially of the CFO, is that right? >> Yeah. >> So you talk to the CFO about budgeting? >> Yeah. >> So you've got the CEO's >> More of the nitty gritty you know the details and numbers. >> What's that conversation like? Is it obviously you've got to justify, show a business case, or is it more sort of hate space? >> So here's the good news. I got lucky again. the CFO is very technology forward and so he understands that it drives a lot of efficiencies within the firm. So he gets it but he's been in the history long enough to get it and knows that we can, again he's efficiency a lot, but there's just a lot of efficiencies, and a lot of inefficiencies seen in a lot of what folks do in law firms that no one takes the time to sit down and say okay why do you do it like this? there's got to be a better way. Well this is the way I just do it, and so, we've been able to kind of adjust a lot of those work flows, or change those work flows to make it more cost effective for the business. Like even things simple as, just manage print service, you know, do we store 100 toners in the back somewhere and then wait for someone to, say that they're out of toners? That's not very efficient. and it's very expensive actually, so you put in a much more efficient process in place for toners. Because we're a paperless firm, but you know, I mean we still have to print, so. >> So, the joke about the paperless office was something like paperless bathroom. So, the other way around, I want to ask you about security. Are you the defacto Chief Information Security Officer, or do you have a CISO, or? >> I do not have a CISO that is me, so that'll be me. >> So, that is you. Alright so let's talk security. So, what is the state of security and as you see it? it's constantly evolving. Security practitioners tell us that they got so many tools, they got, they might have a SEC ops team, you may or may not, it may be something embedded in your team, but they've got to respond, they've got to respond, sometimes it's hard to figure out what they should respond to, prioritization, the data, keeping up with the bad guys, all that stuff. What's your state of security? >> so I think these days, it's not really, it's not really about having the best firewall, or the best, outside protection, so I think a lot of the attacks that are happening now, not that they don't happen form the outside, but a lot of it is a lot of social engineering, and a lot of everything. They're taking advantage of the the ignorance of the users, for lack of a better way to say it, so a lot of it's coming in through email, malicious links, and they're taking advantage of the inside, and bad practices, and bad policies, and/or lack of So, I think based on what we see in the news now, and what you read about, it seems like there's a breech every week somewhere. And when it comes down to it you find out that X company didn't, didn't use a strong hashing. For assaulting, on the hashes for their passwords. Like simple simple, just basic basic stuff. It's not like some massive operation like you see in a movie where you know, they're making this big plan to break in a building and it pans out and they're sneaking in you know, from the ceiling and all that kind of stuff. They're just basic stuff, they're just passwords. How can passwords, reused passwords, just databases of passwords everywhere, out in the dark where you can just buy, and they're just utilizing simple stuff like that. It's not even complicated anymore, it's just, it's a lot of social engineering. >> Often times I say that bad user behavior trumps good security every time, I wanted to ask you about the state of the self security in the industry. So you are reinforced, we were there, and Steven Schmidt stood up and he said, "Look at this narrative from the vendor community that says security is broken, isn't productive. It hurts the industry at the same time." I was at VM world recently a couple months ago, last month actually, Pat Kelsinger basically stood up and said security is broken and we're here to fix it, they bought, you know made a big acquisition of carbon black a local company, so you have these two different, you know, polarizing opinions, I don't necessarily feel like the state of security is great. I look back every year I say do I feel more secure or not, you know remember art cove yellow, every year RSA would write his letter. but what are your thoughts on that? Are you basically saying hey, it's, a lot of times it's user behavior, it's things that maybe, you know it's education, is security a do over? I guess is my question. >> A do over in the sense that I think it just comes out to basic education. I have, you'd be, we're in tech and we understand security and we have all these grand ideas and technologies and vendors and software that we use to do different things on all these fancy dashboards. But, if you ask the basic person off the street about, I think I saw a skit on Twitter the other day and you know there was this guy going around asking them, asking people, you know, what's your Facebook password, or you know how complex is it and they'll just give them their passwords and stuff you know, and I mean there's just a lack of basic education, so all us security buffs walk around, and they don't understand what we're talking about, but they don't need to understand what we're talking about. We just need to be able to look, to just have a basic security awareness and training with folks. I have a friend who works in industry, or in a nonprofit that does, that helps folks who've been you know kind of, harassed or abused online. And she's saying, she's telling me, she's like, "Look you guys are great you're really smart, but these folks, they don't know the basic stuff like hey you know someone keeps logging into my internet, and I keep seeing someone, you know, these weird things in my yard, like cameras in my yard and, can I do this with my phone, and oh well I can't use, like, my dogs name for my Facebook password? Like this is just basic stuff that nobody knows. It's not because they're stupid it's just, they just don't know." And so, like we're up here, and your average everyday person is just on this level. >> How about ransom ware? Obviously a hot topic in the business. what should people be, what should they know and what should they be doing? >> at a basic level security ware is training, it's very simple to do, there's a lot of, no that I'm, pushing products there's plenty of products out there. Secure great ones that kind of help your user, or teach them what not to do, or what to look for. we run a fishing campaign in our firm every once in a while and at this point no one clicks on anything without asking. I mean I get direct emails and I say hey, how's this look? Does it look like I should click it or, you know, does it look legit, I mean it's great. They ask now, they know not to do it. Whereas, I mean that's how they get you. That's how they get most of these places. Especially from we get a lot of, we constantly hear about small firms or smaller clients/companies getting hacked, we constantly get emails from them all the time. They'll get hacked and then we'll get the the emails with the links or whatever. that's one on the user side. On the IT side, we just really need to take it back to the basics, let's make sure we have, backups, and a backup policy, and a data protection policy, and an instant response plan. Let's have a plan here, let's not react when something happens, let's just have a plan. Honestly at our firm, we do have backups, we have layered strategy, but there's just some basic things that we don't do, like you know, IT folks, we don't, we don't keep things on our desktop. Let's start with us, you know we're supposed to be the leadership, in this regard, so let's not keep stuff on our desk let's keep stuff on the network. Let's keep it protected. Make sure it's part of the backup schedule. things like that, I think you just start there, because I was you know, I was just reading about, there's an article that came out yesterday, I think it was Washington Post, and it was talking about the ransomer incident in Baltimore a few months ago. They're just now finding out that the, even the IT folks had stuff on their local computers that couldn't be recovered, important documentation. So, this is just data protection 101. You know, we've got to take it back to the basics, take it back. >> Last question, is just kind of your career, so you mentioned before, you were in, I think you said health care, or? >> Yeah so I worked with MSP, so I worked with a lot of start ups. >> So, how'd you get here how'd you become a CIO? People out there may be, you know people in tech, they aspire perhaps to stay in tech, but they want maybe more of a management role. What was your path, and what kind of advice would you give them? >> what I would say is, so it worked out where, I was I was a lead at the company I was at here in Mass at the time, and so long story short my wife had an opportunity in Orlando, we moved, and I said I would never work for a law firm, ever. because I was, when my current boss found out I was coming we have a, a long relationship. When I was in, grew up in Florida and so part of that yeah, okay so I was in the right place at the right time and I knew somebody, that's why it's important to stay on top of networking. Always be networking, not for any other reason, just get to know people, you know. the tough thing that I had growing in the industry, I didn't get involved early on, which I should've. I should've gone to events, things like that. Get to know folks because if the people don't know you, why are they going to hire you? It's easier to get in somewhere, or get an opportunity, if they at least know you, or know your name, or know somebody that knows you. That's number one, so I'm big on that. as soon as I moved back here I've already started, I have quarterly lunches with some of the CIOs at different firms, I just put myself put there. Just hey I'm here, want to get together for lunch? It's that simple. number two make sure this is what you want to do, it's a lot of it, and you hear this all the time, a lot of it has to do with personalities and people. You're managing personalities and people half the time. You are not just doing the tech. If you think you're just going to be doing tech, or you're just going to be doing cool stuff, not the case. So, make sure you can, you know, make sure you know what you're getting into because it's, it's very challenging. >> Now that's great, great advice, so network, it's not, I like to say it's not who you know it's who knows you, so get out there. And then, Love it because, a lot of times I would imagine it's thankless. Right, you hear, >> Yep. >> You hear a lot of the chatter when something goes wrong, >> It's like a defense of a football team, you know, it's fine until, >> Until somebody scores. >> And someone gets sacked you know what I mean, otherwise no one cares. >> Alright Jason well thanks for the update, really appreciate you coming on theCUBE again. >> Thank you. >> Alright you're welcome, alright keep it right there buddy. We will be back with our next segment, right after this short break. (mood music)

[Announcer] From the SiliconANGLE Media office in Boston, Massachusetts. It's the CUBE. Now, here's your host Dave Vellante. >> Hi everybody, welcome to this CUBE conversation. We're here again with Jason Thomas who is the CIO of Cole, Scott and Kissane, CSK, Law Firm in Florida. And we're going to talk tech a little bit and specifically going to focus a little bit on the infrastructure, architecture, some of the tools and products that Jason is using. How he is applying technology. Good to see you again, Jason. Thank you for coming on. >> Thank you. >> So we know about your law firm. Largest civil defense law firm in Florida. Very fast growing. You know, I think you said 400 plus attorneys, right? So, growing for the last three or four years from about 300 or so, right? So very fast growing, dynamic. Doing awesome, that's great. Congratulations. I want to talk about your infrastructure. So, paint us a picture of what your shop looks like. And we'll get into it. >> Yup, so I am very big on centralization. So, when I first arrived at the firm we had a lot of data sprawl is the best way to put it. You know, just kind of servers everywhere. Different offices. And I said the first thing we need to do is take all of this. We need to get everything in the data center. That's just going to make life much easier, as much as possible. So, at this point all we really see in any given office is a main controller and a print server. That's it. And, other than that, everything else is in the data center where we use Pure Storage on the back end for our SAN, for our high performance type applications. For our document management where we've moved or in the process of moving all of that to the Cloud. That's much more efficient that way. Sitting on an all FlashArrays is not, does not make sense as far as PDFs and word documents go you are not going to see the crush or data reduction there. And so, we've got that there so, we've got kind of a multi-layer strategy. Not to say that I'm paranoid, but I'm kind of paranoid when it comes to data protection and data loss. And so we started as simple as our file servers, for example, we have shadow copies enabled. That's the simplest, it's free. So, if someone deletes a random file or something, rather than going to our, we don't even have to go to our backup system. We just take a look, some snapshots, go back and restore that. If it's, you know, something simple like that. That way, even if we wanted to let an end user restore a file, we could, but we handle that. >> So it's not self-serve. >> Yeah, it's not self-serve but we do it for them. But, it's a basic tech can do that. You don't have to call the system admin to handle that. Anything further than that, then yeah, we go to the backups and then part of our backup... Our next step in our backup strategy, we are a Rubrik shop, so we have a brick, a brick as they call it in our data, in our backup data center. We have another data center just for backups. So, that all gets stored. The Rubrik, it's completely immutable, and it's got decent retention on that. So... >> Did you bring in RubriK, or was it there? >> I brought in Rubrik, yeah. >> OK, why did you bring in Rubrik? >> We were using, and you had mentioned earlier in the segment, when we started out, we were much smaller than we were years ago. We were using a product that was probably geared more towards SMB, and we needed something a little more enterprise. So, we brought in Rubrik a couple of years ago. >> OK. >> And we've done some, we haven't had to use it, thankfully haven't had to use it much. It's there and we do obviously do testing on it on a regular basis. I have spun up a VM on it which is awesome that I might personally ruined a VM myself it wouldn't boot But luckily it was a test VM so I was able to spin one up there. So it works as advertised. It's awesome, very fast. And then we've also got another data center outside the state of Florida where we have another, basically, it's basically a replica or duplicate of what we have in our main data center and we replicate Pure to Pure. We have another Pure Storage unit in that data center and we use their replication technology and snap-shotting to put everything there as well. >> OK, and what about the network? What's that look like? >> So, we have, right now we have thirteen offices now and they're all on MPLS private network and we've got secondary and third internet connections for backup or internet in general. We're looking at some type of SD-WAN strategy, it means a lot of things to a lot of folks, but for us we like to kind of take advantage of those secondary and third connections and create our own kind of private network if we have an issue with the MPLS. >> And you're a VMware shop, right? >> Yup. >> And you're also, you put stuff in the Cloud. What's your Cloud provider? >> Yup, so, and then our kind of final layer in that, part of that strategy, is I did want to have the option and look in the future to put, to replicate to the Cloud, so I got in touch with Clumio, they're pretty new, new on the street, but the CEO and I know a few of the folks there from other industries and other places and I have a lot of trust in what they're doing. Basically, we are basically replicating all our servers to the AWS Cloud using Clumio, so it's... it integrates in the vCenter and basically sends all of the date up to the AWS cloud. And so, I get the same type of retention as a Rubrik. We get seven years retention, and it's immutable as well, so that's my, kind of my backup of the back up plan. In the future, who knows. We may not even need the DR site anymore. We may just go straight, if we need a failover, we just failover to AWS vCenter in the Cloud. We've got our Clumio backups there and we have the ability to spin up VMs there as well. >> So, okay. So you've got a VMware running on AWS. >> mm-hm >> And that's what you're using in Clumio to protect correct. And why Clumio and not Rubrik if you are a Rubrik shop? >> The management piece. The simplicity of the interface. It's...I like the way they manage everything for you, so you don't even need to have agents on the servers. You basically, it's under their account, you simply install a appliance locally in your environment, a virtual appliance, and they take care of the rest. And you're just presented with an interface, a GUI interface to do whatever, whether it is to do restores, or monitor, or check up on the indexing of the data. That's all, it's pretty simple. There's really not much to do. It's the simplicity of the solution that was really attractive and it's in my mind, it's a no brainer as far as cost and effectiveness. >> And, it's Pure SaaS model is my understanding, >> Pure SaaS. >> Correct? So you're not installing any hardware or >> Nope, no hardware. No agents. It's simply an integration into vCenter and you just let it do it's thing. And that's it. >> It's interesting, I mean you look at the history of SaaS. It kind of started with CRM, kind of went from CBL, to Salesforce, you had Exchange, went to Gmail, and then eventually Office 365. You saw ServiceNow actually took a while, they kind of disrupted BMC, but that took about, you know a decade. Workday was much faster, right? Workday took, who was it... PeopleSoft I guess was the main HR product. So do you feel like a backup is next, or sort of this hybrid world, this mix of sort of on-prem backup folks, and traditional backup and SaaS, or do you think like many of these other, not that these other companies go away, I mean Teradata's going to be doing still well. You have Snowflake disrupting them. But do you see the SaaS backup as something that's going to have legs? >> Yeah, because when you talk about Cloud, it's still, depending on what you want to do, putting your entire infrastructure on the Cloud, it, I mean, it's expensive. You, everyone is preaching Cloud, Cloud, Cloud, but you kind of have to look at it and say, okay, does it really make, from a cost perspective, it doesn't always make sense. It's very expensive to spend above the Azure or AWS. You know once, once you put all the storage and compute costs. But, things like backup, it totally makes sense, and honestly it's been going on at least a decade right, between Carbonite and Mozy and all these players >> Sure, right, and Endpoint. >> You know, so people have been doing it, I mean, Clumio, what they have done has just taken it to the Enterprise and they're taking advantage of different storage tiers in Amazon. I mean, it's not, there's nothing, there's nothing complex I would say, or they didn't come up with something amazing. They just figured, they took something and made... >> Don't tell that to the engineers (jovial laughter) >> I'm sure, listen guys, I'm sure there's a lot of complexity to the engineering behind it, but basically all they've done is put a nice interface on top of something, and they've taken all the complexity out of, you know, setting up your own AWS account. And managing all your buckets. And all that, you know. They're handling, taking care of all of that and doing it for you, basically. And how they do it, you know, I don't know. But definitely different storage tiers and mixes of that to make all of that happen. But they just make it super simple and super affordable, is the other piece. It's very affordable in my mind as opposed to other directions I could go with Cloud backup. >> Yeah, you've mentioned that a couple of times. First, it's amazing to me how, it's like you're compressing the innovation cycles and backup. I mean it was. It just feels like recently you were Cohesity, Rubrik, and raised hundreds of millions of dollars, and it was all about simplicity... >> Yup. >> And they, each of those companies, as I'm sure Veritas and Dell EMC, and Commvault. They all have Cloud plays, right, so I'm still trying to understand what's different about Clumio. It sounds like it's Pure SaaS, that's a different.. I mean you've mentioned cost a few times. Maybe add some color to that. >> They basically done, what they've done they've taken what Rubrik has done. So I'll back up to when I first look at Rubrik. Basically, the phone call that I got was "Hey man, I'm telling you this is like totally disruptive and it's going to blow you away." And I'm like "Dude. It's backups. You're not going to blow my mind. Give me a break." And he's like, "Just give me a chance." And I was like, "All right, all right. Come in and blow my mind." And literally I was like man, why didn't I think of this. >> It blew your mind. >> It blew my mind. (laughter) And I was like literally like... You put a web interface on top of the entire thing and you basically have to do nothing. It does all the indexing. It's like a search. If I want to search for a file, I just simply type the name of the file like I would in Google, and it just searches across. I don't have to know where it exists. I just need to know that it's there. And basically, what Clumio has done, they've just taken that and just put it into the Cloud. They've done this similar thing: they index all of your VMs, and then if I need to restore a file or search for something, I just type the name of the file and it says here's all of the hits that I got, what do you want to restore? You know, where as, I remember back in the day, or more like two years ago, if you needed to restore something, you kind of, okay, where was it? What was the location? What was the exact path? And you got to go D drive, and this folder and this folder. There's none of that anymore even. It's just they've even taken the work out of that so you don't even need... the same reason we went with Pure is you don't need a storage admin and you don't really need a backup admin, per se. You don't need a person spending a lot of time, or devoting a lot of time to the process. It just works. You don't need a babysitter is what it comes down to. So where as, you have one of these legacy type storage arrays or backup systems, you have to babysit it. Nobody has time to babysit that. >> So they've abstracted all of that complexity away and it's going to be interesting to see how the industry responds. It's like the NFL, this industry is a copycat industry, and so at the same time they have a big install base. And people don't generally like to migrate, right, off of something to something else. >> So here's, so what I'll say to that is, and that part stinks, no one likes to migrate off of anything but you're not really migrating off of anything. You don't really have to do much. You just pop something in, you just pop an appliance in, and it really takes care of the rest, like even with Rubrik and Clumio, once you pop that appliance in your environment, hardware or virtual, it integrates integrating into your vCenter environment and it knows what's in there and just asks you, "Hey, which of these do you want to back up; What kind of policy do you want on; how often do you want to backup?" And you just check a box, check boxes. >> So Clumio is not physical hardware? >> No, it's virtual. >> Virtual appliance. >> I think it's like does the management on-prem, it's kind of like a data mover of sorts. >> Today, it's just narrow, right? It's VMware on AWS. >> Correct. >> Presumably there's a road map there. >> I believe there's a road map for my understanding. I would have to think so. I'm not, I'm kind of Cloud agnostic as far as who the player is. Whether it's AWS, Azure, or TCP. But I have colleagues who, they're an Azure shop and that's what we do. And I get that, and so I would imagine, I understand that they probably have Azure and TCP on the road map. >> Well they raised a bunch of dough so I'm sure they've got a road map. >> They've got to do something with it, right. (jovial laughter) Because the backup is so simple, so there's not a lot of engineering. >> Okay. So you don't have a dedicated storage admin or backup admin. >> No. >> Did you used to? >> Before I got there, there was no SAN actually, so there was no storage, but yes, there was a lot of time spent on the backup piece. Managing the backups. Just monitoring it, make sure things were... a lot of time devoted to that. Now there's not a lot of time spent on that. >> And was it qualified people doing it or was it lawyers and paralegals doing the backup? >> Definitely lawyers. (jovial laughter) So yeah, it was our sys-admins. Now they worry about other stuff that's important. >> What do they worry about? How have you shifted that resource? >> A lot of our focus now is moving to exchange in the Cloud. Office 365. So there's quite a bit of work that goes into that, especially given our, some integrations that we have with our case management software and all that. So there's a lot time being devoted to that right now. So our plan is to move next year. >> Okay. So a lot of tactical stuff that you have to get done. >> Yup. >> Last question. I always love to ask this. Things that vendors do that drive you crazy, that you want to tell them "stop doing this?" >> There is not, everyone has a solution for something, and not everybody needs that solution for your one niche. I mean, you go to some of these conferences now and there's billions of vendors, well not billions, but there's just dozens and dozens of vendors and it's almost like some of them are just kind of monetizing that one little thing that I don't really need. So, backups. I need Cloud backups. Storage. I need storage. Outside of that, there's just... and the best way to put it is that I've talked to some colleagues and they're just going through what we like to call vendor fatigue. It's just continuous. It's just all of the time. Someone always has a solution for something. It's not that I don't want anybody to do something, but your solutions are just not for everybody. And it just doesn't work. >> Well the thing is that you're getting pitched all the time and you're experienced. So look at, tell me what it is, what it does, what it costs, and give me five minutes and I'll tell you if it fits my business or not. If it does, I'm going to want to know more. If it doesn't, hey, respect my time. >> Yeah. Usually it's for me, I'm approaching them, I'm approaching a vendor for a solution, not the other way around. If you're approaching me, I'm probably, yeah, I don't have time to answer every call or email. I try to. But usually it's me saying, "hey, we need something for this." And then every once in a while you'll get a Rubrik or Clumio or a Pure come around and well that looks cool. >> Now, is that going to blow your mind? >> Yeah, yeah. >> Yeah, sure. >> But then you find out. >> If it doesn't, then I owe you dinner. All right, all right. >> Then they blow your mind. And that happens. Remember, I'm not saying that doesn't happen. It's just very rare. >> Well a big part of this is that so much venture capital has poured into the tech business in the last ten years. And what do they do with that VC: they promote. They hire sales people. >> Yup. >> They hire go to market so they're under a lot of pressure and are churning through those guys. So they're calling guys like you, trying to get you in a headlock to buy something. It sounds like sometimes it's counter-productive. >> Yeah, I get it, and that's their job that they have to do. I have a policy, I try to answer every email, at least, "I can't" or "I'm not interested." At least that much. I try not to ignore folks, but sometimes it just doesn't work out. >> Good, well thank you for sharing all that insight, Jason. It's great to have you back on. >> Yeah, thank you. >> All right, welcome. All right, thank you for watching everybody. This is Dave Vellante from the CUBE. See you next time. (upbeat music)

>> from Austin, Texas. It's Theo Cube covering your storage accelerate 2019. Brought to you by pure storage. How >> do you all how to do Dave Great Legal garden with you? Yes, I am Lisa Martin with David Lantana. And can you guess we're in Texas were at pure Accelerate 2019 Day one of our coverage here and the Buzzy Expo Hall. Pleased to welcome one of Pierre's customers to the Q B of Jason Thomas, the CEO of Coal, Scott Hussein or C. S K Legal Jason. Welcome to the program. So talk to us a little bit about si es que legal. You're based out of Florida. You're CEO. Give us a little bit of a picture of the law firm, your I T environment and your role. ISS leader of information >> So cold, Scott is saying, >> has been around >> 20 plus years. I joined about three and 1/2 years ago, Um, and we have now this one. We have 13 officers. We just opened up 13th office. We're the largest law firm in Florida currently, and only in Florida. Interestingly enough, I actually live and work out of Boston, but you know, these days there's no reason why you can't work remote. I go, they're off enoughto needed. >> You can avoid the hurricanes by living in >> a snowstorm over >> hurting any >> day because I've been a >> good pro sports in Boston. Better, better college sports in Florida. >> Yeah, No one cares about college sports. >> Best of both worlds. All right, so we're here Appear. You guys have been appear customer for a while. But give us this This picture of the legal landscape from a data volume perspective, I could imagine tons of documentation. I think you guys have hundreds of attorneys. What were some of the challenges three years ago when you were looking for the ideal long? You know, storage service is that you were really looking to four companies like your help eliminate and allow you to really deliver on the business needs. >> So we're heavy, heavy volume, business tons and tons of documents. Um, And when I came on board 39 years ago, the ever start of iron was basically a lot of physical servers, a lot of local storage which, quite frankly, scared me. I came from my previous company. I was that I came from a nap shop And that was when my first initiatives was bringing in a sand into the firm and centralizing all the storage on also setting up D r a cz. Well, along with that. So it started evaluation process pretty much within a few months, coming on board the firm. >> So you knew Netapp. Sorry, Dave. You knew Net up your pure customer perspective. Of what? For some of those things that you were looking for that when you found pure was, like, checks all the boxes. >> I can tell you what I wasn't looking for. It was I wasn't looking to hire a storage admin. So I want to find something super simple demand something that I could manage or any of the guys could manage any this this admits, could manage. So that was like starting point of the evaluation. >> So you had a bunch of sounds like discreet Dad asked direct access storage, and he said that concern you, presumably because it was hard to manage to get a handle on. So you wanted to consolidate >> way had if we had our sequel No sequel box go down down for a day, and, uh, do you ever stole from backups in previous night. Not really a good set up at the time >> in our most of your attorneys century, located in one location. Are they distributed there? >> They're spread out all across up and down floors. So we have 13 offices. So between there, they're all over the place. But a lot of work remote down, too. So that's becoming a big thing as well. So the >> reason I asked you to get the pendulum swinging right, you had almost ass, and then you went to a sin. And now this. You got the head you get cloud. I don't know if you're taking advantage of cloud, are you? >> Uh, we are actually we a lot of our software now that we've slowly start to move a lot of our main main line products to the cloud or a cloud edition of this product. So I would say we're probably 50 to 60% cloud now. >> Yes. So you were tied up in the keynotes this morning, but one of the things we heard in the key notice you could have the pure management experience. No matter where your data lives, bring the the pure cloud experience to your date on Prim and the public cloud hybrid. Is that something that's appealing to you? Is that resonate? Yeah. >> Absolutely. Absolutely. It makes it. Look, I can I can actually blogging appear one of my phone if I want to, you know, and check the room. Not that I ever do. Quite. I'll say I never really need to look at >> it. Well, your c i o. Right. I mean, you got other things to worry about. Get my I would like >> to be involved with fingers in it. >> It's interesting. So I mean, you know, a lot of time CEOs, they don't they let, but your tech I love your technical. See a lot of that. A lot of technical CEOs as well, but But also, you don't want to hire a storage admin. Correct. So you want general is to be able to deal this stuff. Okay, so you know your question. Why? Why pure? What would you look at? And >> so we looked at, um, way looked at HP street power. Big name. Um, we looked at fewer and we looked at 10 tree and I pretty much especially with three part I knew that would be management heavy so that when I toss that one out pretty quickly, not that it's not a great product. But it just wasn't for me or what I was >> the right fit. >> You're not right for us. So we came down the pier and 10 tree. I had a had a buddy who worked at another law firm, and he's like and he was like, Look, just don't even waste time just go pure And it's a phrase that I use Sometimes I stole from him, but he he's like, Dude, this is like storage crack. You'll love it. >> Storage crack. Wow, They need a T shirt. That first >> first hit's free. Okay, so that was the right fit for you. It was your peer was appear that that enticed you. That's obviously take a bit. I presume you take a lot of hair advice. >> Lot appeared, but we didn't even do a POC. >> Wow, this is this is a good period that you obviously trust. >> All right, how to >> see was the interface yet you showed me the interface on a phone call one time, and he's like, this is it. I'm like, That's it. >> What did you actually bring in. What are you using? >> I'm sorry, >> What products That you're actually using, What? Or with pure >> Oh, so I'm sorry. Um Exchange sequel. Um, that our main line, our bookkeeping time, time and building. All that that that's that's the meaning of >> all the legal absent all the legal dated the data stores. Which product from pure is that? Do you know a fan? Is it? Uh, it's the all flash array. Yeah. >> I'm sorry. Yes, it's the FBI. >> Yeah. Okay. And so, thinking about before and after hell kind of a as is and the to be how would you compare and contrast two when you brought it in the pre in the post >> your environment. >> Oh, for your business. >> That's Ah, good question. I felt more comfortable sleeping at night. You know why? Just the reliability of the ease of management. You know, if we need to bring up a volume or expanded volume, we could do it very quickly. It doesn't. It doesn't take a rocket science to do it. And from everyone I spoke to I mean, I can't I'm not I can't speak to it, but I can't. I don't I don't believe I've ever talked anybody that's had an outage or whether you raise gone down. In fact, it seems that they tell me before we even know if there's, you know, an issue. Andi. They jump on it right away. So we've never had never had now has never had an issue, never had an issue with an upgrade. It's been fantastic. That supports awesome. >> No need for a rocket scientist or a storage admin, >> and you're sleeping better. This is very, very good thing so far this interview. So in terms of the traditional storage model that you're well familiar with, as you said, you know, being very familiar with netapp it a previous role, the whole every three years. Allies like it. We've got to switch things out, disrupting operations here, comes along with the Evergreen model, and we go, How much of that is marketing and how much of that really actually means? And I know you're a big >> you're in my mind. So yeah, I was like, Oh, so I'm pre paying for support or, you know, But you know what? One side. Once I understood what it really waas and the advantages of of it inmate sentence. We didn't. We didn't I didn't think we would upgrade as much as we have already. We've already gone through to storage up, raising two controller upgrades. So that's really where where it really makes sense is when you're doing storage controller upgrade. So if you want to start our small, which we do is start a little bit small in the beginning. And then then our business grew like crazy and our storage needs expanded. So we went through at least two upgrades for years. >> So you you bring in a rare you paying basically perpetual license up front boom. And then and then you're doing the evergreen model. And then now you're on a subscription in perpetuity, is that correct? Okay, so you you essentially go from cap Ex Op X over the life cycle, and then when you add capacity, you're paying for that capacity, and then >> you just like you return the equipment, you get your money back, and then, uh, you get new equipment >> is truly non disruptive. >> We've been through to upgrades and to control operates with your major upgrades and, um, both of them we did at 5 p.m. Just not that the firm close. If I were anything but, you know, just to feel comfortable. I don't know how you do it at five, and it's okay because you know, if anything goes down from five and if no one's working right, so But here, obviously, we're always attorneys are always on and know they're really smooth. No problems. Every I mean, they got a great strategy and method to the upgrades way stayed up the entire time. >> I mean, it is a big issue for practitioners. We we've done some quantification over the years, and it was like the minimum to migrate. Honore was $50,000. When you add it all in people's time, the cost of the array, the complexity and you're saying first of all, sound reasonable, right kind of number, right? I mean, that's probably gonna make room for the conservative right. Is that essentially been eliminated? I mean, it gives you some planning, I guess are >> pretty much. And as far as the planning goes, you know, these these guys take care of all that. So when we're ready to make the switch, they just log in and do their thing, and then it's done, >> and in terms of training for yourself or your team. When you've done these two upgrades that what's that process been like? >> Log in and figure it out. I mean, >> it sounds pretty simple. >> There's not much to it. Yeah. >> So what's on the C I ose mind these days? Obviously, you don't stay awake at night now thinking about story. >> I stay awake for security, for >> talk about that data >> breach security seems like every every week. Now it it seems I'm on my Twitter feed and this is there's a new breech home. It just it's It's almost got to the point where, you know, it's just another thing that happens. >> So what's your challenge there? Is it managing all these tools? Is it knowing what to respond to it? Is it the skill sets all of the above? My >> biggest thing is, I believe in lots of redundancy. So, um, so one. Starting with the pure we have, we have a second array in another data center outside the state, so we replicate the to raise between each other. That's that's what we started with that side. We also running, you know, regular backups. We run rubric for that. And we also now have just oh, establishing cloud strategy for backups. Immutable. Um, long, long retention. So we also send our backup to the cloud as well. So now I'm feeling like I can sleep. Probably can sleep late now. I just gotta wait for somebody for something to happen, I guess, and makes sure, and hopefully your strategy is pretty solid here. >> Okay, so D r and backup are part of that overall data protection and security strategy that extends obviously into the perimeter device, etcetera, etcetera. So you have a SEC ops team. How do you weigh? >> Don't have a dedicated no. See. So, >> Well, you're the C cell. >> I'm exactly exactly so. Sher Sher bulls with a small group of us that are also the security team. And we've got a pretty I think we've got at this point a pretty solid security sack. Always room for improvement. Always looking at the new stuff. What's out there? I mean, there's all kinds of cool tech out there. Sometimes I get a little overboard with the team, gets a little upset with me because, you know, I just want to see I want to do another POC, and they're like we have three running. >> Okay, Like you guys have a pretty solid foundation running on pure that you stone to me, like, kind of appear customer for life. So they should at least give you a T shirt. Um, Adam, >> give me atleast >> a T shirt. >> I'll tell you one what really sold me within the first year was we had a We had a B m that wouldn't wouldn't boot up and we couldn't figure out what was going on. So we thought initially thought was a V m where issue and so we call support and you can really figure out. They said it was a pure issue. We call so decide to call Pure. One night I was 89 o'clock at night and decide to give it a shot, and the guy got on the phone and come to find. Now there was some issue with the data stores of'em where it was crossed, her data stores and one was deleted. Oh, apparently maybe me had deleted a small data store that had nothing on it, but apparently it was linked to the data store. This b m for some unknown reason known. Behold, bmr issue. But the guy on the line actually knew of resource within pure. That was That was a big bm weren't guy and he came in. He actually logged in and help us unlinked to data stores. So totally not appear issue. But, you know, he went the extra mile to help us recover that GM gotta back up the same night. >> You know, we got to go, But I ask you a question. You work. You have a lot of vendors you've experienced. What, Avengers do that really tick you off? That they should stop doing? How's your chance? >> I don't like the term road map. >> Really? >> Any time I hear road map, it means, you know >> we don't have it. You >> don't have >> yet, >> But we're gonna look into that so don't do business with people that have no road. >> Jason, thank you so much for share your candor with David. Me on the key. We appreciate it. Congratulations on all your success. >> Thank you >> for David. Dante. I'm Lisa Martin. You're watching the Cube at pure accelerate 19. Thanks for watching

>> Announcer: Live, from Las Vegas, it's the Cube. Covering ServiceNow Knowledge 2018. Brought to you by ServiceNow. >> Welcome back to ServiceNow Knowledge18 the Cube's live coverage. We are the Cube, the leader in live tech coverage. I'm your host, Rebecca Knight, along with my co-host, Dave Vellante. We're joined by Jason Scott-Taggart. He is the head of Business Technology Support at WorldPay. He's in direct from London. So welcome, Jason, to the show. >> Thank you, it's good to be here. >> So first lay the scene for our viewers. Tell us a little bit about what WorldPay is and what you do. >> So WorldPay is the largest payments company in the world. So it's a hidden gem that not a lot of people know about. So recently we merged with Vantiv, which is huge in domestic US. And WorldPay is very large in the rest of the world. So a marriage made in heaven. We're what's technically known as a merchant acquirer, which is a fancy way of saying that we take credit card payments. And we do that for both online or in the store, putting your card in a machine. So billions of transactions a year. >> And what's your relationship with the banking infrastructure around the world? How does that all work? >> Sure, so the banks issue credit cards and your relationship as an individual is with the bank. So you pay your bills to the bank and have that transaction. We look after the merchants. So we're the ones that do the services for the, we quaintly call the merchants still, so for the shops and the traders, we have that relationship. And basically the transactions then go between the two. So individuals to the bank, bank to us, us to the merchants. And we just aggregate that because if you're, even if you're a large company like Costco or Google, you don't want to have to have a relationship with every one of the credit cards let alone every one of the banks. So we aggregate that. >> So tell us about your ServiceNow journey. When did you start using the platform? >> So ServiceNow, we're on our third year now I think with ServiceNow. And it's been explosive. It was a quite seamless transition. We were really pleased with the previous platform we were on, how we moved over. And we slowly added to it. We slowly turned on other modules, other functionality. And it's just become ingrained in our day-to-day IT operations. >> It was simpler because you had had other processes in place? You didn't have to rip and replace those processes and skill sets? >> We took it as an opportunity to do best-of-breed. So there were some things that we carried over. But we took the opportunity for a clean start as well. Even before a lot of the buzz here is back to basics and staying out of the box, and we did that for a lot of it, and that was quite refreshing, and it was quite cathartic in a way that we could make that change. But then there were some bits that weren't really well and were ingrained in our business process so we had to carry those over. But we found it easy to do a mixture of both. >> And you carried those over in the form of custom modifications? >> Some, not a lot. We tried to stay as much out of the box as possible. >> So how does that having some custom mods affect your ability to go to subsequent releases? >> I think it's fair to say that ServiceNow is one of the easier platforms to upgrade. I probably shouldn't say that. They should be doing more work to make it easier for me. (laughing) >> Dave: Do a better job of upgrades. >> But compared to some other platforms we have even Cloud ones, it's not the hardest. It's not the worst. However, we've tried to stay close to the box to make it even easier. We want to stay N plus one no more, and when you're coming out with a major upgrade twice a year, that means we've got to factor that into our road map. But we do. We make sure that we try and stay up to date. >> So where are you now? You're in, are you? >> We're in Jakarta. >> Jakarta, okay. >> Yeah. >> So you're pretty current. >> Yeah, only just though, so. >> Okay, but we heard a lot about Madrid today. >> Yeah. >> Which is Q119. And a lot about DevOps. So talk about, it was very good that the DevOps 101 that Pat Casey gave. I'll give my version of DevOps 101 if I can. (laughs) Back in the day, the developers would write some code, maybe on their laptop or whatever, they'd throw it over the fence to the ops guys, and say, here, deploy this. And the ops guys would go to deploy, and they say, ah, this thing doesn't meet up to our enterprise standards. It doesn't have the security and the governance. So they go in and they hack the code, invariably break it, and then they go to deploy it, and it doesn't work. And they go back to the developers and your code doesn't work. And the developers say, well it worked when I gave it to you. And you get this back and forth, back and forth, back and forth. So DevOps consolidates that into a single programming environment. >> That's good, I appreciate this. >> Infrastructure is code. And so that's my version. Pat Casey gave a much more eloquent description, but what is DevOps to you guys and how are you applying it? >> So we've got two major competitive drivers in the market. One is scale. So we're the largest payments company in the world so we need to leverage that. We can operate in most countries of the world, take most currencies, so that's a scale thing that we try and leverage. Scale tends to lend itself more to waterfall kind of traditional projects. (laughs) The other competitive pressure that we face is from small fintech startups that are nibbling away at our ankles for niche products and new services or disrupting the whole way we do payments. Will there be banks tomorrow? Who knows. The whole way could be disrupted. That innovation lends itself more to a DevOps kind of, or at least an agile form of development. You want rapid prototyping, trying things, seeing what works. So one of the things we've been struggling with at WorldPay is how can we foster more of the DevOps whilst not endangering the traditional kind of waterfall that we need to do. The vast majority of our development is done agile, but hardly any of it is DevOps. And a lot of people confuse agile for being DevOps. And agile is just the dev part of it, it isn't the ops bit of it. So where's the ops in DevOps? What we did, you just outlined classic reasons why people might want to do that, and having a single team owning something all the way through the life cycle. What we've done is we've tried to separate out different layers and kinds of services to allow that to happen. So with scale, you have to have one level one. You have to have a front door for IT that everybody comes to. Whether you're a squidgy resource, a human needing to phone someone or your tin and wires, there's got a problem and alerting an event. So you have one front door. What you need to do is you need to try and have a high first-time fix. That's cheapest and that's most best experience for the end user. So we aim for 60, 70% of issues to just be killed at that front door. That's the aim. After that, we then put a lot of work and effort to make sure that we had a business-oriented, service-oriented CMDB. So we worked with the lines of business to describe WorldPay and what we do in a way that they understood and the IT understood, and then we translated that into a service management language in the CMDB. Once you go past that level one, the level one know they can't fix it, they know what's broken, or they're pretty certain what's broken, they will put it into the right service line. That level two is still run only. So we split, the dev and the run at that level two. You're aiming for 25% of things to stop there. That leaves only about 5% of things that would ever go wrong needing to go to a third line. That third line we refer to as technical services. So you've got business services in the middle of that level two, that the business would recognize and they consume or our merchants would. The technical services at the third line are the components. They're the building blocks that we use to make those business services. And those are where we start doing the DevOps. Another word for it is microservices. So microservices, we have components, sensors of excellence, in both infrastructure, so a virtualized platform, or applications. So a fraud module or a billing module, or a authorization module. And those teams, because they're only getting 5% of things coming through to them that are wrong, they can cope with being small teams that do both the dev and the ops. And that makes it feasible, and we're fostering that. And we're starting to get live services that are being supplied in that DevOps manner, and that means that that can grow as it succeeds or fail as it doesn't, and it's not endangering the huge machine that is the rest of the organization. >> So the huge machine, the core piece of your systems, you still apply waterfall, is that right? >> Jason: Yes. >> And then in the new stuff where you don't mind breaking things, you're applying agile and DevOps. >> Exactly. And that's what we're seeing is that that then what succeeds and what the ways of working or the particular needs that that microservices is addressing, if they're successful it feeds it, awards it, and they do more. So the teams that are going live with some of these microservices, if they put enough effort into making it resilient, doing the non-functional as well as the functional requirements, which is a DevOps thing as well, so you make something and you get it right first time, so it's not breaking all the time, they can then have spare cycles to go and do other sprints where they're building the next thing. And what we hope to see over time is that we will have a larger and larger proportion of the components that make those business services being supplied in the DevOps way. And that is also complementary with going to Cloud services 'cause they're just other building blocks. They're just components that you use to put together something. >> You saw Pat Casey and C. J. Desai, they showed a little leg today on Madrid. They basically developed a DevOps capability for their own purposes and they're going to release it in Madrid. The problem they're trying to solve if I understood it was you've got 500 DevOps tools out there and there's complexity, did that resonate with you? Is that something you'll adopt? Or are you comfortable with your DevOps tools? >> No we're keen and eager to adopt. Well, I'm an IT ops guy by trade. That's what I've been doing for the last 20, 30 years, but I'm not afraid of DevOps. I love DevOps. DevOps means faster delivery with more control. It's automated ITIL. And what the ServiceNow road map is giving me is a way that I can continue to be the air traffic control for IT. I want people to come to me and my team and say, where are we at? What's moving where? And if we get the hooks into ServiceNow into all of those DevOps tools, the names are up there, the Jenkins, the Chef, the Puppets, if we get the hooks in, then it expands more of the PMO work that we almost do as well. So instead of talking about just a single change ticket or a release that's happening here, we can go, that train in the safe framework or this, that sprint over there, they've got to this point. They're in testing. They're about to release this. Actually I can tell you the features that they're proposing will come with this. Because that's hooked in. So that's the dream. That's where we want to get. Because we want to facilitate more of this happening within our development community. >> So from a legacy talent standpoint, are you more DevOps or are you OpsDev? (laughs) >> Rebecca: Oh, I like that. >> Me personally I'm OpsDev. >> Well right, but I mean for your organization was it kind of retraining the ops guys to think more like devs or was it kind of jamming the ops piece into-- >> We've got challenged with both. And the real success that we've had so far has mainly been greenfield. We've set up teams from scratch with the purpose of testing out DevOps as a theory. And it's worked brilliantly. Now though, the bigger struggle is how do you get existing teams? We've got hundreds of developers in our own squad, so working on agile, but they do pure dev. They build it and they hand it over and then they're off, they're onto the next thing. How do we mix those teams? How do you get multi-disciplinary teams that have both the operational knowledge as well as the development? And that's a cultural thing as well as the tooling. Tooling helps. If you get nice tooling that makes it easier for them to operate in a particular way, that's a big important thing, but it's only half the battle. You've got to get people thinking in a slightly different way. And that's true of the ops people have got to think more of the life cycle. How do they feed back what's working and what's not into the next development cycle. And the development people have got to think about what happens once they let it go. And they've got skin in the game now. It's going to come back and bite them. If they didn't do it well, if they didn't put the dashboards for the support people to see how well it's working, then the support people are going to be banging on their door to get it. So it's a cultural thing as well. >> It's a cultural thing. >> So I'm going to ask you a business question. You referred a little bit to disruption before. You talked about banks and the future of banks. Do you think, and you're very tied into the banks, obviously, do you think, and I wonder if this is a discussion inside the organization that banks, traditional banks will lose control of today's payment systems? >> Well, arguably they're not fully in control of it today anyway. (laughs) And so that's not to mean that they're not in control of what they are to do, but they don't own the payment process end-to-end. >> But they own the consumer. >> They own the consumer relationship, yeah. And that's going to be disrupted in the same way the way that we take payments at the other end of the life cycle is disrupted as well. Contactless, block chain, these kind of things mean that it's not going to be the same. However, you're not going to get rid of large organizations overnight. Because what is also increasing day-by-day, is regulation, security requirements. You want to know that your card's going to be safe. You don't want, if you're going to use Apple Pay, or a new contactless technology, you're only going to do that if you know there's no danger of you losing money by doing it. To have that certainty and to meet the regulators' requirements you need organizations like WorldPay looking after the merchants' interests, you need organizations like banks looking after the individual's interests. So I think, unfortunately, it's not as sexy an answer, but I'm afraid that they're not going to disappear overnight. They're adding valuable service. >> A lot of barriers to entry to those Fintech startups that are nibbling at your ankle. >> However though, it's changed dramatically in the last five years, 10 years, so what on earth it's going to look like in the next five or 10 years, bringing it back, that's why I think innovation is so important. We need to be trying to stay ahead of the curve. We need to meet the needs of our merchants so that they can get as many transactions as possible successfully. And we need to do that at the lowest cost possible. So that's all about innovation. Innovation is hard to do top-down. You've got to find ways of fostering it bottom-up. We have have great leadership top-down. This is where we're going. But actually the way that we're going to get there is down to the troops. It's down to the people on the coal face, so. >> When did you buy your first Bitcoin? >> My first Bitcoin? I bought Bitcoin about four years ago. >> Awesome. >> So yeah, I've done all right. It's paid for a holiday. >> There you go. (laughing) That's good for you. That's great. >> Well, Jason, thanks so much for coming on the show. >> Jason: Thank you. >> It's great talking to you. I'm Rebecca Knight for Dave Vellante. We will have more from ServiceNow Knowledge18 just after this. (upbeat music)