(soft music) >> There are many constants in the storage business, relentlessly declining cost per bit, innovations that perpetually battled the laws of physics, a seemingly endless flow of venture capital, despite the intense competition. And there's one other constant in the storage business, Eric Hertzog, and he joins us today in this CUBE video exclusive to talk about IBM's recent storage announcements. Eric, welcome back to theCUBE. >> Great, Dave, thanks very much, we love being on theCUBE and you guys do a great job of informing the industry about what's going on in storage and IT in general. >> Well, thank you for that. >> Great job. >> We're going to cover a lot of ground today. IBM Storage, made a number of announcements the past month around data resilience, a new as-a-service model, which a lot of folks are doing in the industry, you've made performance enhancements. Can you give us the top line summary of the hard news, Eric? >> Sure, the top line summary is of course cyber security is on top of mind for everybody in the recent Fortune 500 list that came out, you probably saw, there was a survey of CEOs of Fortune 500 companies, they named cybersecurity as their number one concern, not war, not pandemic, but cybersecurity. So we've got an announcement around data resilience and cyber resiliency built on our FlashSystem family with our new offering, Safeguarded Copy. And the second thing is the move to a new method of storage consumption. Storage-as-a-Service, a pay-as-you-go model, cloud-like the way people buy cloud storage, that's what you can do now from IBM Storage with our Storage-as-a-Service. Those are the key, two takeaways, Dave. >> Yeah and I want to stay on the trends that we're seeing in cyber for a moment, the work from home pivot in the hybrid work approach has really created a new exposures, people aren't as secure outside of the walled garden of the offices and we've seen a dramatic escalation in the adversaries capabilities and techniques, another least of which is island hopping, in other words, putting code fragments in the digital supply chain, they reform once they're inside the company and it's almost like this organic creepy thing that occurs. They're also living as you know, stealthily for many, many months, sometimes years, exfiltrating data, and then just waiting and then when companies respond, the incidents response trigger a ransomware incident. So they escalate the cyber crime and it's just a really, really bad situation for victims. What are you seeing in that regard and the trends? >> Well, one of the key things we see as everyone is very concerned about cybersecurity. The Biden administration has issued (indistinct) not only to the government sector, but to the private sector, cyber security is a big issue. Other governments across the world have done the same thing. So at IBM Storage, what we see is taking a comprehensive view. Many people think that cybersecurity is moat with the alligators, the castle wall and then of course the sheriff of Nottingham to catch the bad guys. And we know the sheriff of Nottingham doesn't do a good job of catching Robin Hood. So it takes a while as you just pointed out, sitting there for months or even longer. So one of the key things you need to do in an overall cybersecurity strategy is don't forget storage. Now our announcement around Safeguarded Copy is very much about rapid recovery after an attack for malware or ransomware. We have a much broader set of cyber security technology inside of IBM Storage. For example, with our FlashSystem family, we can encrypt data at rest with no performance penalty. So if someone steals that data, guess what? It's encrypted. We can do anomalous pattern detection with our backup product, Spectrum Protect Plus, why would you care? Well, if theCUBE's backup was taking two hours on particular datasets and all of a sudden it was taking four hours, Hmm maybe someone is encrypting those backup data sets. And so we notify. So what we believe at IBM is that an overarching cybersecurity strategy has to keep the bad guys out, threat detection, anomalous pattern behavior on the network, on the servers, on the storage and all of that, chasing the bad guy down once they breach the wall, 'cause that does happen, but if you don't have cyber and data resilience built into your storage technology, you are leaving a gap that the bad guys can explain, whether that be the malware ransomware guys oh by the way, Dave, there still is internal IT theft that there was a case about 10 years ago now where 10 IT guys stole $175 million. I kid you not, $175 million from a bunch of large banks across the country, and that was an internal IT theft. So between the internal IT issues that could approach you malware and ransomware, a comprehensive cybersecurity strategy, must include storage. >> So I want to ask you about come back to Safeguarded Copy and you mentioned some features and capabilities, encrypting data at rest, your anomalous pattern recognition inferring, you're taking a holistic approach, but of course you've got a storage centricity, what's different about your cyber solution? What's your unique value probability to your (indistinct) . >> Well, when you look at Safeguarded Copy, what it does is it creates immutable copies that are logically air-gapped, but logically air-gapped locally. So what that means is if you have a malware or ransomware attack and you need to do a recovery, whether it be a surgical recovery or a full-on recovery, because they attacked everything, then we can do recovery in a couple hours versus a couple of days or a couple of weeks. Now, in addition to the logical local air-gapping with Safeguarded Copy, you also could do remote logical air-gapping by snapping out to the cloud, which we also have on our FlashSystem products and you also of course, could take our FlashSystem products and back up to tape, giving you a physical air gap. In short, we give our customers three different ways to help with malware and ransomware. >> Let me ask you- >> Are air-gapped locally. >> Yeah, please continue, I'm sorry. >> So our air-gapping locally for rapid recovery, air-gapping remotely, which again, then puts it on the cloud provider network, so hopefully they can't breach that. And then clearly a physical air gap going out to tape all three and on the mainframe, we have Safeguarded Copy already, Dave and several of our mainframe customers actually do two of those things, they'll do Safeguarded Copy or rapid recovery locally, but they'll also take that Safeguarded Copy and either put it out to tape or put it out to a cloud provider with a remote logical air-gap using a snapshot. >> I want to ask you a question about management 'cause when you ask CSOs, what's your number one challenge, they'll say lack of talent, We've got all these tools and all this lack of skills to really do all this stuff. Can't hire people fast enough and they don't have the skills. So when you think about it, and so what you do is you bring a lot of automation into the orchestration and management. My question is this, when you set up air gaps, do you recommend, or what do you see in terms of not, of logically and physically not only physically separating the data, but also the management and orchestration and automation does that have to be logically air-gapped as well or can you use the same management system? What's best practice there? >> Ah, so what we do is we work with our copy management software, which will manage regular copies as well, but Safeguarded Copies are immutable. You can't write to them, you can't get rid of them and they're logically air-gapped from the local hosts. So the hosts, for the Safeguarded Copies that immutable copy, you just made, the hosts don't even know that it's there. So you manage that with our copy management software, which by the way, we'll manage regular snapshots and replicas as well, but what that allows you to do is allows you to automate, for example, you can automate recovery across multiple FlashSystem arrays, the copy services manager will allow you to set different parameters for different Safeguarded Copies. So a certain Safeguarded Copy, you could say, make me a copy every four hours. And then on another volume on a different data set, you could say, make me a copy every 12 hours. Once you set all that stuff update, it's completely automated, completely automated. >> So, I want to come back to something you mentioned about anomalous pattern recognition and how you help with threat detection. So a couple of a couple of quick multi-part question here. First of all, the backup corpus is an obvious target. So that's an area that you have to protect. And so can, and you're saying, you've used the example if your backups taking too long, but so how do you do that? What's the technology behind that? And then can you go beyond, should you go beyond just the backup corpus, with primary data or copies on-prem, et cetera? Two part questions. >> So when we look at it, the anomalous pattern detection is part of our backup software, say Spectrum Protect and what it does it uses AI-based technology, it recognizes a pattern. So it knows that the backup dataset for the queue takes two hours and it recognizes that, and it sees that as the normal state of events. So if all of a sudden that backup that theCUBE was doing used to take two hours and starts taking four, what it does is that's an anomalous pattern, it's not a normal pattern. It'll send a note to the backup admin, the storage admin, whoever you designate it to and say the backup data set for theCUBE that used to take two hours, it's taken four hours, you probably ought to check that. So when we view cyber resiliency from a storage perspective, it's broad. We just talked about anomalous pattern detection in Spectrum Protect. We were talking most of the conversation about our Safeguarded Copy, which is available on the mainframe for several years and is now available on FlashSystems, making immutable local air-gap copies, that can be rapidly recovered and are immutable and can help you recover for a malware or ransomware attack. Our data at rest encryption happens to be with no performance penalty. So when you look at it, you need to create an overarching strategy for cybersecurity and then when you look at your storage estate, you need to look at your secondary storage, backup, replicas, snaps, archive, and have a strategy there to protect that and then you need a strategy to protect your primary storage, which would be things like Safeguarded Copy and encryption. So then you put it all together and in fact, Dave, one of the things we offer is a free cyber resilience assessment. It's not only for IBM Storage, but it happens to be a cyber resilience assessment that conforms to the NIST Framework and it's heterogeneous. So if you're a big company, you've got IBM EMC and HP Storage, guess what? It's all about the data sets not about the storage. So we say, you said these 10 data sets are critical, why are you not encrypting them? These data sets are XYZ, why are you not air-gapping them? So we come up based on the NIST Framework, a set of recommendations that are not IBM specific, but they are storage specific. Here's how you make your storage more resilient, both your secondary storage and your primary storage. That's how we see the big thing and Safeguarded Copy of course fits in on the primary storage side, A on the mainframe, which we've had for several years now and B in the Linux world, the Unix world and the Windows Server world on our FlashSystem portfolio with the announcement we did on July 20th. >> Great, thank you for painting that picture. Eric, are you seeing any use case patterns emerge in this space? >> Well, we see a couple of things. First of all, is A most resellers and most end-users, don't see storage an overarching part of the cybersecurity strategy, and that's starting to change. Second thing we're seeing is more and more storage companies are trying to get into this bailiwick of offering cyber and data resilience. The value IBM brings of course is much longer experience to that and we even integrate with other products. So for example, IBM offers a product called QRadar from the security divisions not a storage product, a security product, and it helps you with early data breach recognition. So it looks at servers, network access, it looks at the storage and it actually integrates now with our Safeguarded Copy. So, part of the value that we bring is this overarching strategy of a comprehensive data and cyber resilience across our whole portfolio, including Safeguarded Copy our July 20th announcement. But also integration beyond storage now with our QRadar product from IBM security division. And there will be future announcements coming in both Q4 and Q1 of additional integration with other security technologies, so you can see how storage can be a vital COD in the corporate cybersecurity strategy. >> Got it, thank you. Let's pivot to the, as-a-service it's, cloud obviously is brought in that as-a-service. Now, it seems like everybody has one now. You guys have announced obviously HPE, Dell, Lenovo, Cisco, Pure, everybody's gotten out there as-a-service model, what do we need to know about your as-a-service solution and why is it different from the others? >> Sure. Well, one of the big differences is we actually go on actual storage, not effective. So when you look at effective storage, which most of them do that includes creating the (indistinct) data sets and other things, so you're basically paying for that. Second thing we do is we have a bigger margin. So for example, if theCUBE says we want SLA-3 and we sell it by the SLA, Dave, SLA-1, two and three. So let's say theCUBE needs SLA-3 and the minimum capacity is a 100 terabytes, but let's say you think you need 300 terabytes. No problem. You also have a variable. One of the key differences is unlike many of our competitors, the rate for the base and the rate for the variable are identical. Several of our competitors, when you're in the base, you pay a certain amount, when you go into the variable, they charge you a premium. The other key differentiator is around data reduction. Some of our competitors and all storage companies have data reduction technology. Block-level D do thin provisioning, compression, we all offer those features. The difference is with IBM's pay-as-you-grow, Storage-as-a-Service model, if you have certain data sets that are not very deducible, not very compressible, we absorbed that with our competitors, most of them, if the dataset is not easily deducible, compressible, and they don't see the value, they actually charge you a premium for that. So that is a huge difference. And then the last big difference is our a 100% availability guarantee. We have that on our FlashSystem product line, we're the only one offering 100% availability guarantee. We also against many of the competitors offer a better base nines, as you know, availability characteristics. We offer six nines of availability, which is five minutes and 26 seconds of downtime and a 100% availability of offering. Some of our competitors only offer four nines of availability and if you want five or six, they charge you extra. We give you six nines base in which has only five minutes and change of downtime in a year. So those are the key difference between us and the other as-a-service models out there. >> So, the basic concept I think, is if you commit to more and buy more, you pay less per. I mean, that's the basic philosophy of these things, right? So, if- >> Yes. >> I commit to you X, let's say, I want to just sort of start small and I commit to you to X and great. I'm in now in, maybe I sign up for a multi-year term, I commit this much, whatever, a 100 terabytes or whatever the minimum is. And then I can say, Hey, you know what? This is working for me. The CFO likes it and the IT guys can provision more seamlessly, we got our chargeback or showback model goes, I want to now make a bigger commitment and I can, and I want to sort of, can I break my three-year term and come back and then renegotiate, kind of like reserved instances, maybe bigger and pay less? How do you approach that? >> Well, what you do is we do a couple of things. First of all, you could always add additional capacity, and you just call up. We assign a technical account manager to every account. So in addition to what you get from the regular sales team and what you get from our value business partners, by the way, we did factor in the business partners, Dave, into this, so business partners will have a great pay-as-you-go Storage-as-a-Service solution, that includes partners and their ability to leverage. In fact, several of our partners that do have both MSP and MHP businesses are working right now to leverage our Storage-as-a-Service, and then add on their own value with their own MSP and MHP capability. >> And they can white label that? Is that right or? >> Well, you'd still have Storage-as-a-Service from IBM. They would resell that to theCUBE and then they'd add in their own MHP or MSP. >> Got it. >> That said partners interested in doing a white label, we would certainly entertain that capability. >> Got it. I interrupted you, carry on please. >> Yeah, you can go ahead and add more capacity, not a problem. You also can change the SLA. So theCUBE, one of the leading an industry analyst firms, you bought every analyst firm in the world, and you're using IBM Storage-as-a-Service, pay-as-you-go cloud-like model. So what you do is you call up the technical account manager and say, Eric, we bought all these other companies they're using on-prem storage, we'd like to move to Storage-as-a-Service for all the companies we acquire. We can do that, so that would up your capacity. And then you could say, now we've been at SLA-2, but because we're adding all these new applications of workloads from our acquired companies, we want some of it to be at SLA-1. So we can have some of your workloads on SLA-2, others on SLA-1, you could switch everything to SLA-1, and you just call your technical account manager and they'll make that happen for you or your business partner, obviously, if you bought through the channel. >> I get it, the hard question is what if all those other companies theCUBE acquired are also IBM Storage-as-a-Service customers? Can I, what's that discussion like? Hey, can I consolidate those and get a better deal? >> Yeah, there are all Storage-as-a-Service customers and Dave I love that thought, we would just figure out a way to consolidate the agreement. The agreements are one through five years. What I think also that's very unique is let's say for whatever reason, and we all love finance people. Let's say the IT guys have called the finance and say, we did a one-year contract, we now like to do a three-year contract. The one year is coming up and guess what? Finance's delayed for whatever reason, the PO doesn't go through. So the ITI calls up the technical account manager, we love your service, it's delayed in finance. We will let them stay on their Storage-as-a-Service, even though they don't have a contract. Now, of course they've told us they want to do one, but if they exceed the contract by a quarter or two, because they can't get the finance guys are messing with the IT guys, that's fine. What the key differentiators? Exactly the same price. Several of our competitors will also extend without a contract, but until you do a contract, they charge you a premium, we do not, whatever, if you're an SLA-3, you're SLA-3, we'll extend you and no big deal. And then you do your contract, when the finance guys get their act together and you're ready to go. So that is something we can do and we'll do on a continual basis. >> Last question. Let's go way out. So, we're not doing any time, near-term forecasts, I'm trying to understand how popular you think as-a-service is going to be. I mean, if you think about the end of the decade, let's think industry total, IBM specific, how popular do you think as-a-service models will be? Do you think it will be the majority of the transacted business or it's kind of more of a, just one of many? >> So I think there will be many, some people will still have bare metal on-premises. Some people will still do virtualization on-premises or in a hybrid cloud configuration. What I do think though is Storage-as-a-Service will be over 50% by the end. Remember, we're sitting at 2021. So we're talking now 2029. >> Right. >> So I think Storage-as-a-Service will be over 50%. I think most of that Storage-as-a-Service will be in a hybrid cloud model. I think the days of a 100% cloud, which is the way it started. I think a lot of people realize that a 100% cloud actually is more expensive than a hybrid cloud or fully on-prem. I was at a major university in New York, they are in the healthcare space and I know their CIO from one of my past lives. I was talking to him, they did a full on analysis of all the cloud providers going a 100% cloud. And their analysis showed that a 100% cloud, particularly for highly transactional workloads was 50% more expensive than buying it, paying the maintenance and paying their employees. So we did an all in view. So what I think it's going to be is Storage-as-a-Service will be over 50%. I think most of that Storage-as-a-Service will be in a hybrid cloud configuration with storage on-prem or in a colo, like what our IBM pay-as-you-go service will do and then it will be accessed and available through a hybrid cloud configuration with IBM Cloud, Google, Amazon as or whoever the cloud provider is. So I do think that you're looking at over 50% of the storage being as-a-service, but I do think the bulk of that as-a-service will be as-a-service through someone like IBM or our competitors and then part of it will be from the cloud providers. But I do think you're going to see a mix because right now the expense of going a 100% cloud cloud storage is dramatically understated and when someone does an analysis like that major university in New York did, they had a guy from finance, help them do the analysis and it was 50% more expensive than doing on-premise either on-prem or on-prem as-a-service, both were way cheaper. >> But you own the asset, right? >> Yes. >> As-a-service model. >> We, right, we own the asset. >> And I would bet, >> I would bet that over the lifetime value of the spend and it as-a-service model, just like the cloud, if you do this with IBM or any of your competitors, I would bet that overall you're going to spend more just like you've seen in the cloud, but you get the benefit is the flexibility that you get. >> Yeah, yeah. If you compare it to the, so obviously the number one model would be to buy. That's probably going to be the least expensive. >> Right. >> But it's also the least flexible. Then you also have leasing, more flexibility, but leasing usually is more expensive. Just like when you lease your car, if you add up all the lease payments and then you, at the end, pay that balloon payment to buy, it's cheaper to buy the car up front than it is to lease a car. Same thing with any IT asset, now storage network servers, all are available on leasing, the net is at the bottom line, that's more than buying it upfront. And then Storage-as-a-Service will also be more expensive than buying it, my friend, but ultimate capability, altering SLAs, adding new capacity, being able to handle an app very quickly. We can provision the storage, as you mentioned, the IT guys can easily provision. We provision, the storage in 10 minutes, if you bought from IBM Storage or any competitor you bought and you need more storage, A you got to put a PO through your system and if you're not theCUBE, but you're a giant global Fortune 500, sometimes it takes weeks to get the PO done. Then the PO has to go to the business partner, the business partner has got to give a PO to the distributor and a PO to IBM. So it can take you weeks to actually get the additional storage that you need. With Storage-as-a-Service from IBM with our pay-as-you-go, cloud-like model, all you have to do is provision and you're done. And by the way, we provide a 50% overage for free. So if they end up needing more storage, that 50% is actually sitting on-prem already and if they get to 75% utilization of the total amount of storage, we then call them up, the technical account manager would call them up and their business partner and say, Dave, do you know that you guys are at 75% full? We'd like to come add some additional storage to get you back down to a 50% margin. And by the way, most of our competitors only do a 25% margin. So again, another differentiator for IBM Storage-as-a-Service. >> What about, I said, last question, but I have another question. What about day one? Like how long does it take, if I want to start fresh with as-a-service? >> Get it. >> How long does it take to get up and running? >> Basically you put the PO through, whatever it takes on your side or through your business partner, we then we'll sign the technical account manager, will call you up because you need to tell us, do you want to, in a colo facility that you're working with or do you want to put it on on-prem? And then once we do that, we just schedule a time for your IT guys do the install. So, probably two weeks. >> Yeah. >> It all depends because you've got to call back and say, Eric, we'd like it at our colo partner, our colo partners, ABC, we got to call ABC and then get back to you or on-prem , we're going to have guys in the office, a good day when it's not going to be too busy. Could you come two weeks from Thursday? Which now would be three weeks for sake of argument. But that would be, we interface with the customer, with the technical account manager to do it on your schedule on your time, whether you do it in your own facility or use a colo provider. >> Yeah, but once you tell, once I tell you, once we get through all that stuff, it's two weeks from when that's all agreed. >> Yeah. >> It's like the Xerox copier salesman, (Dave chuckles) Where are you going to put it? Once you decide where you're going to put it, then it's a couple of weeks. It's not a month or two months or yeah. >> Yeah, it's not. And we need additional capacity, remember there's a 50% margin sitting there. So if you need to go into the variable and use it, and when we hit a 75%, we actually track it with our storage insights pro. So we'll call you up and say, Dave, you're at 76%. We'd like to add more storage to give you better margin of extra storage and you would say, great, when can we do it? So, yeah, we're proactive about that to make sure that you stay at that 50% margin. Again, our competitors, all do only have 25% margin. So we're giving you that better margin, a larger margin in case you really have a high capacity demand for that quarter and we proactively will call you up, if we think you need more based on monitoring your storage usage. >> Great. Eric got to go, thank you so much for taking us through that great detail, I really appreciate it. Always good to see you. >> Great, thanks Dave, really appreciate it. >> Alright, thank you for watching this CUBE conversation, this is Dave Vellante and we'll see you next time. (soft music)