>> Announcer: From Miami Beach, Florida, it's theCUBE, covering Acronis Global Cyber Summit 2019. Brought to you by Acronis. >> Hey, welcome back everyone. It's theCUBE's coverage here in Miami Beach, Florida at the Fontainebleau Hotel for Acronis' Global Cyber Summit 2019's inaugural event with cyber protection, the new category that's emerging. It's been really exciting, it's a platform to really protect the data, protect cyber. Data protection's evolving to cyber protection. This is part of the Cloud 2.0 coverage that we've been covering on SiliconANGLE and theCUBE. Over the past year we're seeing more and more modernization of IT and systems. We're here with Ryan Davis, director of enterprise sales for Acronis. He's out on the front lines. This company has a great platform and a great field team out pushing the envelope, educating customers, having great success. I thought it would be great to have you on. Ryan, welcome to theCUBE. >> Ryan: Thank you for having me. >> So one of the things that I've observed and noticed with you guys is that you have a very strong field customer presence, you guys do a great job across the board on a direct touch basis, but also a huge channel operation, so you guys sell a lot through the channel, which is all good stuff, but you still got to talk to the big companies, still got to go to the large enterprises where you're having success. So you're doing that. What are some of the things that you're seeing when you're out pitching clients on Acronis, what are some of the concerns that you're hearing, what are the patterns, what's going on in the general broader market that's teasing out the Acronis value proposition? >> Sure, absolutely. So really where a lot of the focus and a lot of the attention is is on the edge. Five years ago, all the data was generated, produced, and analyzed in the core, in the data centers, whereas now, with the IoT devices, the proliferation of smart devices generating the data, they can't send it all to one central location. So networks are springing up out there in a distributed manner, and they have to be able to secure those smart devices and those edge networks. And that's where Acronis has a really compelling story, especially for enterprise. Because while they have a lot of consistency in the core, there's a lot of diversity on the edge. So it creates challenges for their IT teams to be able to manage it. So we can work with their field teams to provide a platform that can actually secure the devices in place and then protect them as well. >> So what's the pitch? Give us the pitch on that problem that you've just addressed, because that is legit. The edge is springing up, you're seen more and more edge cases and there's the outer edges, wearables, right? But the industrial edge, the company's edge, where you guys have a solution, that's challenging. The surface area for attacks are high, you have data as a challenge, you move compute to the data, you move data across the network, these are all costs, so costs are going up too. So with that problem, what is the pitch? >> Sure, well it really depends on who you're talking to, but there's two levels to it, right? So when you're talking industrial networks, the cost of downtime is huge, you know? You have 1,200 employees, at an automotive plant and you have a key industrial controller goes down, and that plant stops production, the cost is enormous. So at the plant level, they feel that pain, so they recognize the need for disaster recovery and business continuity capabilities. But when you start moving up a level at the executive level, it's what's really compelling and what's sexy for them. And that's really enabling digital transformation. And so I mentioned the concept of diversity a little bit earlier today. It's really hard for IT teams to do things on the edge when they may have 20,000, 40,000 edge devices that are going to run from NT, XP up to the most modern operating systems. It's difficult to implement a solution that's going to touch all of those devices. And backup and disaster recovery is critical for that, because if you're going to touch that many devices, you need the rollback capability. So being able to communicate a path forward to digital transformation on the edge is what is really exciting a lot of our executive customers. >> All right, so pretend I'm a customer for a minute, I'm like, hey Ryan, so hey, love the pitch, but I had XYZ data recovery company just came in earlier, they said they got an amazing platform. Why are you different, why should I not go with them? Why should I go with you? >> Sure, absolutely. Well all the competing vendors, all they know is the data center, right? So Acronis, part of our unique value proposition is not just the technology, it's really people, processes, and technology. So our experience working with industrial companies, pharmaceutical companies, working in compliant GXP, NERC CIP, this allowed us to develop expertise to come in not just with our product and the tech, but with people that know their environments and processes for successful implementation that other vendors can't bring. And our relationship with key automation vendors, we have our partners Honeywell, Emerson that embed our product, these are leading automation vendors that touch thousands of enterprises, and again, those experiences give us an understanding of these environments that other companies don't have. >> All right, so now I can come back and say, okay, well Ryan, you know, I like what you're saying, but I don't want to boil the ocean over. I don't see a path from what you're saying to execution. How can you help me figure this out? What do you offer me, as a client, if I'm the client, how do I get started? Is there a methodology, land, adopt, expand, how do you guys do that? >> Absolutely. Well, again, every customer's going to be different, right? But we don't like to boil the ocean either. What we're talking about is a path to digital transformation. We're not talking about the end result, right? So the first piece, the land, is always backup, right? When you backup the system, that provides a rollback mechanism so that provides an opportunity for you to do a lot more things with the computer. But the first piece is always just an assessment. You have to do an assessment, take stock of what you have, and Acronis is building technologies around discovery to help customers wrap their arms around these environments to make decisions on what they should do. >> So what's in it for me when I hear a platform, I hear about maybe complexity, is the platform really going to be the silver bullet? How do you manage that concern? >> Sure, sure. Well, most enterprises have at least five to seven different data protection solutions out there. So when you start talking about platform, you start talking kind of jargon words like unifying, consolidating their data protection suite. And that's really what Acronis is trying to do but not just in backup, but also offering more services through a single platform, so reducing the overall stack of tools that they're using to manage these environments. And again, going back to the edge, they don't have their big IT team that is versed in managing complex applications, right? You have controls engineers, plant engineers, scientists, that are interacting with these devices just enough to be dangerous. Think of it like a mechanic, so he's been working on cars his whole life, is very familiar with carburetors and brakes but now he gets a Tesla that's got sensors all over the place, and infotainment systems that run diagnostics, that doesn't make him an expert in that computer. So what Acronis is trying to do is provide you an easy-to-use platform that can solve multiple problems so that way a non-IT expert can service their compute infrastructure on the edge. >> So you guys have a good story for the edge. Also one story that's coming up here is ransomware. >> Correct. >> Ransomware is one of those disruptions that wasn't factored into the design of, you know, old-school legacy data protection and recovery systems. Those disruptions were hurricane, floods, some sort of mechanical failure, not a logical vector, in this case, security, which is going up high frequency. More and more every day, ransomware, malware, ZeroDay, others, incidents are on the rise. So more disruption. >> Correct. >> You guys are coming from that angle. >> Well, we're building security first into the platform. And that's a pivot that we made over the last 12 to 24 months. The first piece of that has already been released, which is called Active Protection, which is a module that actually monitors for changes and can prevent unauthorized changes to the file system like encryption. And so we're the only backup application that creates that proactive layer of protection. Everybody else is only going to be able to recover and be reactive. So we're trying to create a layered approach there and improve our customer security posture through an agent that's-- They would need to do the backup anyways. >> All right, so final track I want to chat with you about is take us through the real-life use case of an ideal sales process motion that encapsulates this modern era challenges and opportunities. You don't have to name the customer's name, you can use an anonymized case, but take use through what is a typical motion for you guys where you're successful, and what does it look like? >> Sure, absolutely. So it's pretty consistent, and I would say a pretty simple sales motion. The first piece is you have to do an assessment and a basic inventory in terms of what platforms are you going to have out there, and then, you're going to assess the sites that you have 'cause you need to create a deployment plan. And edge environments, it's not like the data center where you're just going to login to SCCM and push this out to your thousands of devices. They got to go to 40, 60 different plants. So you have to build, typically, a 12-month deployment plan where you're going to hit all of these different sites, build change windows, build maintenance windows. But before you can get to that, we do a POC on-site, where you touch, make sure that you have compatibility with the automation vendors, make sure you have compatibility with these networks, which are, again, very diverse and customized at each plant. Once you have a validated deployment process, you build out a timeline where you go site to site to site to deploy it. >> Take us through a POC. What does that look like, what's a typical POC for you guys? >> Sure, it's very simple based on what the ultimate objectives are. Most of our customers on the edge are primarily interested in business continuity, which would be backup, system recovery, application restore, right? On the edge it's not as much about the data, it's about securing the application that's performing the work, and so we protect the system, allow them to roll it back, once you validate that on the different platforms that they have, they're ready to move forward. >> And workloads are key criteria in all of this, that's a key factor. >> Absolutely, distributed control systems, R and D systems, lab systems, they have a lot of different types of applications you're not going to see in the data center, and we just want to get validated. >> John: So you hit your number? >> Absolutely, every year! (laughs) >> Over quota? >> Every year! >> All right. Ryan, thanks for coming on and sharing stories from the field, really appreciate it. >> Appreciate it, have a great one. >> CUBE Coverage here in Miami Beach, not a bad venue for a conference. This is the first conference that Acronis is putting on around cyber protection, Acronis' Global Cyber Summit 2019. Cyber protection new category emerging from the data protection world, this is the big story here. TheCUBE's covering two days, we'll be back with more after this short break. (electronic music)

(upbeat music) >> From our studios in the heart of Silicon Valley, Palo Alto, California, this is a CUBE conversation. >> Hi, and welcome to theCUBE Studios, for another CUBE Conversation, where we go in-depth with thought leaders driving innovation across the tech industry. I'm your host, Peter Burris. One of the banes of every enterprise is complexity, especially in the security world. The more devices, the more things, the greater the surface attack areas. One of the biggest or best approaches to reducing the challenges of security is to try to increase the overall simplicity of what it is you're trying to secure and the practices that you use. Now, today to talk about that, we're here with Ken Athanasiou, who is the VP and CISO of AutoNation. Ken, welcome to theCUBE! >> Thanks, thanks for having me. >> So I said up front that challenges of complexity and simplicity are very real, we're going to get into that, but let's start with AutoNation. Tell us a little bit about AutoNation, tell us a little bit about yourself. >> Sure, so AutoNation is the nation's largest new car dealership, we have about 300 dealerships across the country, we're all North American-based. We sell thousands of cars a year and we're about a $22 billion a year business. >> Well that's pretty sizable, and as a company that has to actually deliver something physical, it means you have a pretty broad network of locations where AutoNation has to operate. Have I got that right? >> Yeah that's correct. We have, as I said, about 300 different locations across the country. We also have about seven parts distribution centers, we have collision centers where we actually repair vehicles that have been involved in accidents as well, so it's an extensive network. >> So AutoNation is a company that requires a fair amount of security, you're taking a lot of personal and private information from your customers, you're enacting or effecting pretty significant transactions, at least in their lives, tell us a little bit about some of the challenges that AutoNation was facing and what you had to do to reduce the complexity of your overall security stance. >> Sure, so I've been with the organization about not quite five years now, I'm actually the first CSO that the organization has had, and I was brought in because they had a small breach of a third-party company that was handling some of their customer information. That obviously is enough to raise the awareness of the executives, the general counsel, et cetera. So the focus was to ensure that they were being as diligent as necessary, so they, at the recommendation of an outside party, hired in me to build a cybersecurity program. One of the first things I noticed when I got here was that each of the independent locations, the store locations, had an Internet point of presence as well as a circuit back to our data centers. Those Internet points of presence were protected with fairly antiquated software techniques, so that was kind of exposing some significant risk to the organization. That was one of the main problems that I had to solve the first few months. >> So you had Internet in, you had points of presence and then you had connections back to the data center which meant that someone could, if they breached one of those POPs, one of those dealerships, could actually effect a fair amount of chaos within your overall corporate network and application infrastructure, have I got that right? >> Yeah, absolutely, and obviously as a car dealership we take credit applications from folks on a daily basis. Those applications contain pretty significant privacy information, and basically have most everything you need to be able to compromise someone's identity, steal their identity, and/or commit all sorts of different fraud activities. So we take that very seriously, and while we do treat our stores' environment not as untrusted but we do segment our stores' environment from our back-end systems. That lack of adequate perimeter protection in the stores was a significant risk. >> So you come in, you look at the situation, a fair amount of locations where problems could arise, a fair amount of personal data that, if compromised, would affect your brand. Ken, how did you think through the way forward? >> Sure, so the traditional approach to an Internet point of presence is to put a firewall in place. And then of course, you put a web proxy in place, and then you put an SSL interceptor in place and then you put some network-based malware detection engine in place, and then your layer on these controls, until you get to the point where, hey, we think we're okay. The cost associated with doing that sort of thing at 300 different locations, not just the cost of purchasing and implementing a small stack of iron at every one of those locations, but then the ongoing costs of trying to manage it, most of these devices, you're not intended to actually run 300 of these devices across the country, so managing them, replacing them when they fail, it was something that was a pretty significant challenge, so we decided it was time to think outside the box, and look for something that was cloud-based, that we could leverage across the entire enterprise, with much less investment in resources. >> So, what you looked at was this large number of devices, the inability to put talent close to them, which would have led to both a lot of cost in the actual devices and a lot of uncertainty in their operation. You looked at using the Internet as a way of securing the points of presence themselves. What direction did you take? >> So we started looking at cloud-based services. I'd been in discussions with a couple of these folks while I was at my previous engagement. I was at American Eagle Outfitters as their CSO for about seven years. But that organization was very much a hub-and-spoke environment, and we were backhauling all of the traffic from the stores to the data center and then out to the Internet. The environment at AutoNation is significantly different, that I think a much more modern approach of having local breakouts at the stores, taking advantage of the capacity of the Internet, that sort of thing, but to do that, your privacy requires that you still control those, so we started looking at cloud-based services. We looked at Zscaler, we looked at Blue Coat, we looked at Websense, we looked at Cisco stuff, and we also looked at some of the hardware-based solutions, such as SonicWall and some of the Palo Alto devices. We didn't immediately discount the idea that, hey maybe hardware in each of these stores like a sub-host, small home-office device, would work for us, but it became quickly apparent that an Internet-based cloud solution was the right way to go. >> And you chose Zscaler. >> We did, we did. When we were going through the evaluation and looking at the various products, Zscaler definitely had the most complete solution. Most of the other products were not truly a full protocol next generation firewall in-the-cloud solution. Some of the solutions were quote unquote cloud-based, but they basically were talking about putting a virtual instance or multiple virtual instances of a firewall in the cloud, right, which was actually just somebody else's data center, and then pumping that traffic through those virtual instances. That would have reduced the number of instances that we would had to have managed significantly, but it would still be a traditional hardware-based firewall approach just stuck into someone else's data center, as a quote unquote cloud solution. So Zscaler really had the most comprehensive of all the solutions that we looked at. We started to pilot it and roll things out and it was working very very well. >> So right now you've got Zscaler to handle your endpoint security from a cloud-based solution. How's that changed your security posture? Let's start there. >> As soon as we started rolling Zscaler out, as a prophylactic around the environment, it gave us some pretty excellent visibility. We were running McAfee Antivirus at the time, we were using Microsoft SCCM to do patching, we were doing a number of other things in the environment. As soon as we rolled Zscaler out, we started getting the visibility into the traffic, we started really seeing what was actually happening in our environment. It was very clear that those solutions were significantly deficient. We were seeing commodity malware infections happen on a fairly regular basis. We were seeing bot traffic originating from our systems. It was obvious that our internal controls were not where they needed to be. Using that as empirical evidence, right, and taking that to my executives and my risk committee, it was very easy to justify additional investments in other security tools to really clean up the environment. We deployed a brand-new endpoint protection solution, we deployed a brand-new solution for management and patching of the endpoints. We made a lot of very significant changes in the environment, and all of that was generated out of the visibility we got from pumping all that client traffic through Zscaler. >> Well it sounds like Zscaler has had a significant impact on the overall security posture of AutoNation. How's made your CSO feel? >> Yeah well I can sleep at night for the most part. Whenever you get into a new organization, you get a perspective on the level of risk that you're subjected to. Your reaction is along a spectrum, and it's either complete panic to oh, okay, this isn't so bad. I will say that I wasn't in complete panic when I got down here and fully understood the situation, but I will say that I wasn't on the oh, it's not too bad side of the spectrum either. There's a significant amount of work that needed to be done, and again, I can't stress how much that visibility actually helped us drive new controls into the environment. >> Ken Athanasiou talking about the impact of Zscaler and how it simplified the security posture of AutoNation. Thanks very much for being on theCUBE! >> Thanks very much for having me. >> Once again I'm Peter Burris. This has been another CUBE Conversation, see you next time! (upbeat music)

>> Live for London, England, it's theCUBE, covering .NEXT Conference Europe 2018, brought to you by Nutanix. >> Welcome back to the theCUBE here in London, England for Nutanix .NEXT 2018. I'm Stu Miniman, my cohost, Joep Piscaer. Happy to welcome you to the program, first time guest. Simon Townsend was the chief marketing officer of EMEA for IGEL. Thanks so much for joining us. No, thanks very much for having me. All right, so I see your team has a booth here and it's the end-user computing space, the EUC, as we look at it... We look at... The VDI marketplace is one that's been around for quite a while, but EUC has been heating up quite a bit. Maybe help set the stage for us as to what you're seeing in the marketplace, what's so important now. >> Yeah, I mean, the EUC market's served me very well across my career. I've been in it for probably near on 20 years and for the majority of that, I've seen Citrix dominate that market. When we talk about EUC, we typically are talking about desktop virtualization or terminal services, as it has been for many years. EUC, to me, interestingly enough, probably extends out to these types of devices that you've got in front of you as well now, right? We shouldn't think EUC is just desktop virtualization or desktop as a service. It's how we deliver the workspace, how we deliver applications and data to our users. But yeah, in the last couple of years, we've really started to see a few new, big players come into the market. And I think as we look forward now to 2019, we're now starting to see even more technology and new vendors come into this space as well. >> I actually had a friend of the program, Christian Riley, who is actually now with Citrix, had him on the program two years ago at the Nutanix European show in Vienna. He actually had educated me early on, back when he was at Bechtel, and he said, "We did a disservice to the market calling it "desktop virtualization." Because it's really not about the desktop. It's about the applications and how I get them. And therefore, if I can make that experience on a tablet or on a phone, get it to the mobile workforce, as it were, we're breaking down it into pieces and just enabling the workforce. And therefore, that end-user computing was a better nomenclature. And therefore, architecture's changed greatly from what we called VDI back in the day. >> You're exactly right. And I think as we move forward, at the moment, end user computing... A lot of organizations who historically have had separate VDI teams and separate Windows desktop teams, those two parts of the organization within IT, have actually come together now. And now we have Windows engineering or end user compute teams. But what's interesting is not just the new technology and, perhaps, new organizations, vendors that are coming into the market, but also what's going on on the endpoint at the moment with regard to to Windows. Right? Microsoft is moving very much to this Windows as a service. Lots of organizations are still considering how they're gonna get to Windows 10, but more importantly, how they're gonna deal with Windows 10 once they get there. And IT, to be frank, has been used to building a machine, putting an operating system on it, putting applications on it, giving it to a user, and saying, "Hey, come back in four years time "when it breaks." And Microsoft is changing that. They want to deliver updates significantly quicker as I'm sure everybody's that's watching knows. And I think, actually, that alone coupled with security, which tends to be a key priority for the CIO at the moment as well, that is actually driving some of this change and this fact that this market is heating up again. Because people are saying, "Well, how can I challenge how I deliver applications again? "How can I overcome some of the challenges that Windows 10 "and desktop endpoint management presents me? "And how can I deal with it differently?" >> Yeah, gosh, I think back to... I used to read Bryden Madden when I wanted to learn about VDI He said, "All I need is Microsoft to flip the switch." Because Microsoft Licensing was one of the major things holding us back >> Yes, it was. >> I give Microsoft great kudos as to the push that they've done to sass-ify the world. They not only gave the green light, but they're pushing customers to move to Office 365. And therefore, it's moving to a sass world And so, it sounds like that same floodgate is helping in the EUC space. >> 100%. I mean, if you roll the clock back to Ignite, they announced their Windows Virtual Desktop service that sits on Azure, and about how organizations can (mumbles) for a much lower price point. And then only last week, they did the acquisition of FSLogix, who again, enhance how things like Office 365 are being delivered on those types of non persistent platforms. So Microsoft are putting some investment and some time into desktop as a service or what we would know as VDI, which to be fair, in my opinion, is probably the first time we've seen that in the 20 years I've been working in the EUC space. For many, many years, Microsoft sort of sat back and said, "Well, we've got this terminal services technology, "but somebody else, and A and other vendors "can build that market and sell that product." And now, obviously, Microsoft (mumbles) service. So, things are gonna get interesting. Are they suddenly gonna take over the world? Probably not. People are still gonna wanna deploy things on-prem. People are still gonna want to utilize technologies like Nutanix to deliver a scalable performant desktop at a known price point. It's gonna be a hybrid, but I think it definitely validates the market, and it makes sure that when we're talking about end user compute, VDI or desktop as a service, and virtualized (mumbles) is a serious and key consideration. Yeah. >> But it does move the goal post from it being a problem of hardware, a problem of the operating system, towards solving problems around the applications so that you deliver, solving problems around security or latency. So how does that changing market affect IGEL? >> How does it affect us as (mumbles) organization? IGEL have been around for over 20 years producing... Let's not beat around the bush, it's thin client technology. But as you scratch the surface and you look into what this organization is actually built on, it's actually a operating system organization. The fact that we've got some hardware, the fact that it's German engineered hardware and that we ship hundreds of thousands of these units every year, that's great. And those thin clients, if you like, are provided a way in which organizations can access those virtual desktops, whether that be Citrix, VMware or whatever else the market might offer. But the strength of what we're now doing is in this operating system. And whether that's an operating system that we are delivering via SCCM or an endpoint management tool or whether it's on a USB key, it's the operating system. And the simplicity and the security about Linux space operating system that is changing how people think about the endpoint. And so when I couple what's going on in the virtualization, desktop as a service space, and then also the challenges that people are facing with security and endpoint management, all of a sudden, we have a very unique proposition. It's slightly disruptive because, ultimately, you're saying, "Well, does Windows belong on the endpoint anymore?" Right? There's a strong argument to say that, Microsoft now validating it, saying that Windows probably deserves to belong in the data canter where it's a lot easier to manage, it's a lot easier to patch and deploy applications to, and what you actually need is something that is simple and secure on the endpoint that you're not wasting weeks' worth of time on to try and keep it up to date or to patch it. And it's that operating system that IGEL is providing our customers with that extends the life of the endpoint, but also offers significantly lower operational costs. >> All right, so Simon, Nutanix did a good job of simplifying a good chunk of the stack here. Update us on the relationship, where you see the joint customers, where that's leading in the marketplace. >> Yeah, I've really enjoyed yesterday and today, by the way, at this event. And one of the key reasons for that is not just the joint customers that I get to talk to, but more importantly, the joint partners that we get to talk to. I think there's three words I would use, simple, scalable, and performant. And I think when you're delivering a desktop or applications and data services (mumbles) a user, you want something that's easy and simple to do. You want something that is easily scalable, both up and down. But also something that is performant. And I think when you combine... Particularly historic, when you look at combining Nutanix, Citrix, and IGEl, all of a sudden, you've got all the right ingredients there to provide a very simple, secure and performant environment. As I said, a lot of the people that are here today, joint customers that are using our technologies, we're worry about how we can simplify and secure the EDGE. They're worrying about... Nutanix is really looking at how we simplify and scale the data center and how those desktops are delivered. We've got a whole host of joint activity in the market that goes on, lots of joint customer case studies. But more importantly, I think... And kudos to a lot of the partners that are here. It's the partners that tend to pull a lot of these things together. It's very easy for IGEL and Citrix and Nutanix to say, "Let's work together, do some joint marketing, "et cetera, and go to market." But it's the partners, the valuated reseller, the systems integrators, they're the brains that are pulling these together. And actually, they're removing the complexity of what the products are and the technologies underneath, and providing a solution to their customers. >> All right, Simon Townsend, really appreciate the updates on IGEL, for Joep Piscaer. I'm Stu Miniman, we'll be back with more coverage here from Nutanix 2018 in London. Thanks for watching theCUBE. (slick electronic music)