(lighthearted music) >> We're here now with Manoj Nair, who's the general manager of Metallic and Dave Totten CTO with Microsoft. And we're going to talk about some of the announcements that we heard earlier today and what Metallic and Microsoft are doing to meet customer needs around cyber threats and ensuring secure cloud data management. Gentlemen, welcome to theCUBE. Good to see you. >> Thanks Dave. >> Thank you. >> Hey Manoj, let me start with you. We heard early this morning, Dave Totten was here, David Noe, talk a lot about security. Has the conversation changed, how has it changed when you talk to customers, Manoj? What's top of mind. >> Yeah, thank you, Dave. And thank you, Dave Totten. You know, great conversation earlier. Dave, you and I have talked about this in the past, right? Security long a big passion of mine. You know, having lived through nation state attacks in the past and all that. We're seeing those kinds of techniques really just getting mainstream, right? Ransomware has become a mainstream problem in the scourge in our lives. Now, when you look at it from a lens of data and data management, data protection, backup, all of this was very much a passive you know, compliance centric use case. It was pretty static you know, put it in tapes, haul it all over. And what has really changed with this ransomware and cybercrime change rate is data, which is now your most precious asset, is under attack. So now you see security teams, just like you talked with Dave Martin, from ADP earlier, they are looking for that bridge between SecurityOps and ITOps. That data management solution needs to do more. It needs to be part of an active conversation, you know? Not just, you know, recovery readiness. Can you ensure that, are you testing that, is it recoverable? That is your last mile of defense. So then you get questions like that from security teams. You get you know, the need for doing more, signals. Can I get better signals from my data management stack to tell me I might be under attack? So what we're seeing in the conversation is the need to have more active conversations around data management and the bridge between ITOps and SecurityOps is really becoming paramount for our customers. >> Yeah, Dave Totten I mean, I often say that I think data protection used to be this bolt on. Now it's a fundamental component of the digital business stack. Anything you would add to what Manoj just said. >> Yeah, I would just say exactly that. Data is an asset, right? We talked about it a lot about the competitive advantage that customers are now realizing that no longer is IT considered sort of this cost center element. We need to be able to leverage our interactions with customers, with partners, with supply chains, with manufacturers, we need to be able to leverage that to sort of create differentiation and competitive advantage in the marketplace. And so if you think about it, as that way as the fuel for economic profitability and business growth, you would do everything in your power to secure it, to support it, to make sure you had access to it, to make sure that you didn't have you know, bad intent users accessing it. And I think we're seeing that shift with customers as they think more about how to be more efficient with their investments in information technology and then how just to make sure that they protect the lifeblood of their businesses. >> Yeah, and that just makes it harder because the adversary is very capable. They're coming in through the digital supply chain. So it's complicated. And so Dave and maybe Manoj, you can comment as well after, Microsoft and Commvault, you guys have been working together for decades and so you've seen a lot of the changes, a lot of the waves. So I'm curious as to how the partnership has evolved. You've got a recent strategic announcement around Azure with Metallic. Dave, take us through that. >> Yeah, I mean you know, Commvault and Microsoft aren't newlyweds, we've been together now for 25 plus years. We send each other anniversary gifts, all that good stuff. And you know, listen, there's a couple things that are key to our relationship. One, we started believing in each other's engineering organizations, right? We hire the best, we train and retain the best. And we both put a lot of investment behind our infrastructure and the ability to work together to really innovate at real time, rapid speeds. Two, we use Commvault products so you know, there's no greater I think, advantage that if a major supplier or platform partner like Microsoft uses your products. We've used it for years in our Xbox group to support and store the data for a hundred million XBox live users. And we're very avid with it with our data centers, our access to Azure data centers, our Microsoft office products. And so we use Commvault services as well. And through that mutual relationship you know, obviously Commvault has seen the ins and outs of what's great about our services and where we're continuing to build and invest. And so they've been able to really you know, dedicate a team of engineers and architects to support all that Azure as a platform, as a service can provide. And then how to take the best of those features and build it into their own first party products. I think when you get close enough to somebody for so many years right, 25 plus years, you figure out what they're great at and you learn to take those advantages like Commvault has with Microsoft and Azure and use it to your advantage, right? To build the best in class product that Metallic actually is. And you're right, the announcement this week it feels culminating, it feels like it's a major milestone in first off, industry innovation but also in our relationship. But it's really not that big of a step change from what we've been doing and building and innovating on for the past you know, 25 years. >> Yeah so Manoj, that's got to be music to your ears. Because you come at it with this rich data protection stack, Microsoft there's so many capabilities. One of the courses, which is Azure. It's like the secret weapon, it's become the secret weapon. How do you think about that relationship, Manoj? >> Absolutely Dave said it right. We are strong partners, 25 years, founding in Western Commvault, mutual customers, partnership. You know, really when you look at it from a customer lens, what our customers have appreciated, over the last year of that strengthening of that partnership basically the two pillars of Commvault the leader of data protection, or you know, for the last 25 years, 10 out of 10 in the Gartner MQ comes together with Azure, the enterprise secure cloud leader in creating Metallic. Metallic, now with 1,000 plus customers around the world, there's a reason they trust it. It's now become part of how they protect their Office 365. No workload left behind, which is very unique, you know? So what we have architected together and now we're taking it to the next phase, our joint partners, right? Our joint customers, that those are some of the things that are really changing in terms of how we're accelerating the partnership. >> Manoj, you and I have talked about ransomware a lot, we did a special segment a while back on that. The adversary is very capable. And you know, I put in the chat this morning, at Commvault Connections, you don't even need a high school diploma to be a ransomwarist. You can go on the dark web, you can buy ransomware as a service. All you need is access to a server and you can stick you know, some malware on it. So you know, it's very, very dangerous times. What is it about data management as a service that makes it a good fit right now from a customer perspective to solve this problem? >> Absolutely. Bad guys, real life, or in the cyber world, they have some techniques. First thing they do in a ransomware is you go after the exits. What are the exit doors? Now you back up data, they know that that backup data can be used to recover. So they go and try to defeat the backup products in that environment. That's number one game that changes with data management as a service. Your data management data protection environment is not inside your environment. Chances to do two simultaneous penetrations to try and anything is possible. But now you've got an additional layer of recovery readiness because that control plane secured on top of Microsoft, Azure, 3,500 security professionals, FedRAMP high standard only data management and service entity to get it. As one of our customers said, "A unicorn in the wild", that is what you have as your data management environment. So if something bad happens, worst case, this environment is ready. Our enterprise customers are starting to understand that this is becoming a big reason to shift to this model. You know, then it's okay if you're not ready to shift the entire model, you're given the easy button of just air gapping of your data. So if you're an existing Commvault customer, appliance, software, anything, secure air gap Metallic cloud storage on hardened Azure Blob protected jointly by us, start there. And finally things like active directory. Talk about shutting the exit path, right? Take that down, your entire environment is not accessible. We make it easy for you to recover that. And because of our partnership, we're able to get it for free to every one of our customers. Go protect your active directory environment using (speaks faintly) kind of three big reasons that we're seeing that entire conversation shift in the minds of our customers. >> Yeah, thank you for that. That's a no brainer. Dave, how do Metallic and Microsoft fit together? Where's the you know, kind of value chain if you will, when it comes to dealing with cyber protection or ransomware recovery, how are your customers thinking about that? >> Yeah well, first it's a shared responsibility model, right? When you've got the best in class platform like Azure with built in protections, scalable data centers all over the global footprint. But then also we spend 10 plus billion dollars a year in security and defense and our own data center environments, right? And so I always find it inspiring when companies believe that their investments in security and platform protection is going to do the job. That's true, that used to be true. Now with Azure, you can take advantage of this global scale and secure you know, footprint of investment that a company like Microsoft has done to really set your heart at ease. Now, what do you do with your actual applications and who has access to it, and how do you actually integrate like Manoj was talking about down to the individual or the individual account that's trying to get access to your environment? Well, that's where Commvault comes in at that point of attack or at that point of an actual data element. So if you've got that environment within Commvault system backed by the umbrella of the Azure security infrastructure, that's how the two sort of compliment each other. And again, it's about shared responsibility, right? We want every customer that leverages Azure to make sure that they know it's secure, it's protected. We've got a mechanism to protect your best interests. Commvault has that exact same mission statement, right? To make sure that every single element that comes into contact with their products is protected, is secure, is trustworthy. You know, I got a long lesson, long, long time ago, early in my career that says you can goof up a product feature, you can goof up the color scheme on a website but if you lose a customer's data or somebody trust, you never get it back. And so we don't take our relationships with customers very lightly. And I think our committed and joint responsibility to delight and support our customers is what has led to this partnership being so successful over the past couple of decades. >> Great, thank you, Dave. And so Manoj, I was saying earlier that data protection has become a fundamental component of your digital business stack. So that sounds good but what should customers be doing to make data protection and data management, a business value driver versus just a liability or exposure or cost factor that has to be managed? What do you think about that? >> No, and then David added earlier, right? It's no longer a liability. In fact it is you know, someone said data is the new oil, right? It is your crown jewels. You got to to start with thinking about an active data protection strategy, not you know, thinking about passive tools and looking at it in terms of a compliance or I need to keep the data around. So that's the number one part is like, how do I have something that protects all my workloads and everyone has a different pace of transformation. So unless you know, you're a company that just got created, you have environments that are on-prem, on the edge, in CoLOS, public cloud. You got you know, SaaS applications, all of those have a critical data that needs to come together. Look for breadth of data protection, something that doesn't leave your workloads behind. Siloed solutions, create a Swiss cheese that create light for the attackers to go after those gaps. You don't want to look for that, you know? And then finally trust. I mean you know, what are the pillars of trust that the solution is built on? You got to figure out how your teams can get to doing more productive things rather than patching systems. You know, making sure that the infrastructure is up. As Dave said you know, we invest a ton jointly in securing this infrastructure. Trust that and leverage that as a differentiator rather than trying to duplicate all of that. So those are some of the you know, key things. And you know, look for players who understand that hybrid is here, give you different entry points. Don't force you know, the single single mode of operation. Those are the things we have built to make it easier for our customers to have a more active data management strategy. >> Dave, Todd, I'll give you the last word we got to go but I want to hit on this notion of zero trust. It used to be a buzz word now it's mainstream. There's so much that this discussion, is it Prudentialist access? Every access is treated maybe as privileged but what does zero trust mean to you in less than a minute? >> Yeah you know, trust but verify, right? Every interaction you have with your infrastructure, with your data, with your applications and you do it at the identity level. We care about identity and we know that that's the core of how people are going to try and access infrastructure. Used to be protect the perimeter. The analogy I always use is we have locks on our houses. Now the bad guys are everywhere. They're getting inside our houses and they're not immediately taking things, they're hiding in the closet and they're popping out three weeks later before anybody knows it. And so being able to actually manage, measure, protect every interaction you have with your infrastructure and do it at the individual or application level, that's what zero trust is all about. So don't trust any interaction, make sure that you pass that authorization through with every ask. And then make sure you protect it from the inside out. >> Great stuff. Okay guys, we've got to leave it there. Thanks so much for the time today. All right next, right after a short break, we're headed into the CXL Power Panel to hear what's on the minds of the executives as it relates to data management in the digital era. Keep it right there, you're watching theCUBE. (lighthearted music)