>> Is and who we are today as as a country, as a universe. >> Narrator: Congratulations Reggie Jackson, (inspirational music) you are a CUBE alumni. (upbeat music) >> Announcer: Live from Las Vegas it's theCUBE covering Splunk.Conf19. Brought to you by Splunk. >> Okay, welcome back everyone it's theCUBE's live coverage here in Las Vegas for Splunk.Conf19. I am John Furrier host of theCUBE. It's the 10th Anniversary of Splunk's .Conf user conference. Our 7th year covering it. It's been quite a ride, what a wave. Splunk keeps getting stronger and better, adding more features, and has really become a powerhouse from a third party security standpoint. We got a C-SO in theCUBE on theCUBE today. Chief Information Security, John Frushour Deputy Chief (mumbles) New York-Presbyterian The Award Winner from the Data to Everywhere Award winner, welcome by theCube. >> Thank you, thank you. >> So first of all, what is the award that you won? I missed the keynotes, I was working on a story this morning. >> Frushour: Sure, sure. >> What's the award? >> Yeah, the Data Everything award is really celebrating using Splunk kind of outside its traditional use case, you know I'm a security professional. We use Splunk. We're a Splunk Enterprise Security customer. That's kind of our daily duty. That's our primary use case for Splunk, but you know, New York Presbyterian developed the system to track narcotic diversion. We call it our medication analytics platform and we're using Splunk to track opioid diversion, slash narcotic diversions, same term, across our enterprise. So, looking for improper prescription usage, over prescription, under prescription, prescribing for deceased patients, prescribing for patients that you've never seen before, superman problems like taking one pill out of the drawer every time for the last thirty times to build up a stash. You know, not resupplying a cabinet when you should have thirty pills and you only see fifteen. What happened there? Everything's data. It's data everything. And so we use this data to try to solve this problem. >> So that's (mumbles) that's great usage we'll find the drugs, I'm going to work hard for it. But that's just an insider threat kind of concept. >> Frushour: Absolutely. >> As a C-SO, you know, security's obviously paramount. What's changed the most? 'Cause look at, I mean, just looking at Splunk over the past seven years, log files, now you got cloud native tracing, all the KPI's, >> Frushour: Sure. >> You now have massive volumes of data coming in. You got core business operations with IOT things all instrumental. >> Sure, sure. >> As a security offer, that's a pretty big surface area. >> Yeah. >> How do you look at that? What's your philosophy on that? >> You know, a lot of what we do, and my boss, the C-SO (mumbles) we look at is endpoint protection and really driving down to that smaller element of what we complete and control. I mean, ten, fifteen years ago information security was all about perimeter control, so you've got firewalls, defense and depth models. I have a firewall, I have a proxy, I have an endpoint solution, I have an AV, I have some type of data redaction capability, data masking, data labeling capability, and I think we've seen.. I don't think security's changed. I hear a lot of people say, "Oh, well, information security's so much different nowadays." No, you know, I'm a military guy. I don't think anything's changed, I think the target changed. And I think the target moved from the perimeter to the endpoint. And so we're very focused on user behavior. We're very focused on endpoint agents and what people are doing on their individual machines that could cause a risk. We're entitling and providing privilege to end users today that twenty years ago we would've never granted. You know, there was a few people with the keys to the kingdom, and inside the castle keep. Nowadays everybody's got an admin account and everybody's got some level of privilege. And it's the endpoint, it's the individual that we're most focused on, making sure that they're safe and they can operate effectively in hospitals. >> Interviewer: What are some of the tactical things that have changed? Obviously, the endpoint obviously shifted, so some tactics have to change probably again. Operationally, you still got to solve the same problem: attacks, insider threats, etc. >> Frushour: Yeah. >> What are the tactics? What new tactics have emerged that are critical to you guys? >> Yeah, that's a tough question, I mean has really anything changed? Is the game really the game? Is the con really the same con? You look at, you know, titans of security and think about guys like Kevin Mitnick that pioneered, you know, social engineering and this sort of stuff, and really... It's really just convincing a human to do something that they shouldn't do, right? >> Interviewer: Yeah. >> I mean you can read all these books about phone freaking and going in and convincing the administrative assistant that you're just late for meeting and you need to get in through that special door to get in that special room, and bingo. Then you're in a Telco closet, and you know, you've got access. Nowadays, you don't have to walk into that same administrative assistant's desk and convince 'em that you're just late for the meeting. You can send a phishing email. So the tactics, I think, have changed to be more personal and more direct. The phishing emails, the spear phishing emails, I mean, we're a large healthcare institution. We get hit with those types of target attacks every day. They come via mobile device, They come via the phishing emails. Look at the Google Play store. Just, I think, in the last month has had two apps that have had some type of backdoor or malicious content in them that got through the app store and got onto people's phones. We had to pull that off people's phones, which wasn't pretty. >> Interviewer: Yeah. >> But I think it's the same game. It's the same kind to convince humans to do stuff that they're not supposed to do. But the delivery mechanism, the tactical delivery's changed. >> Interviewer: How is Splunk involved? Cause I've always been a big fan of Splunk. People who know me know that I've pretty much been a fan boy. The way they handle large amounts of data, log files, (mumbles) >> Frushour: Sure. >> and then expand out into other areas. People love to use Splunk to bring in their data, and to bring it into, I hate to use the word data leg but I mean, Just getting... >> Yeah >> the control of the data. How is data used now in your world? Because you got a lot of things going on. You got healthcare, IOT, people. >> Frushour: Sure, sure. >> I mean lives are on the line. >> Frushour: Lives are on the line, yeah. >> And there's things you got to be aware of and data's key. What is your approach? >> Well first I'm going to shamelessly plug a quote I heard from (mumbles) this week, who leads the security practice. She said that data is the oxygen of AI, and I just, I love that quote. I think that's just a fantastic line. Data's the oxygen of AI. I wish I'd come up with it myself, but now I owe her a royalty fee. I think you could probably extend that and say data is the lifeline of Splunk. So, if you think about a use case like our medication analytics platform, we're bringing in data sources from our time clock system, our multi-factor authentication system, our remote access desktop system. Logs from our electronic medical records system, Logs from the cabinets that hold the narcotics that every time you open the door, you know, a log then is created. So, we're bringing in kind of everything that you would need to see. Aside from doing something with actual video cameras and tracking people in some augmented reality matrix whatever, we've got all the data sources to really pin down all the data that we need to pin down, "Okay, Nurse Sally, you know, you opened that cabinet on that day on your shift after you authenticated and pulled out this much Oxy and distributed it to this patient." I mean, we have a full picture and chain of everything. >> Full supply chain of everything. >> We can see everything that happens and with every new data source that's out there, the beauty of Splunk is you just add it to Splunk. I mean, the Splunk handles structured and unstructured data. Splunk handles cis log fees and JSON fees, and there's, I mean there's just, it doesn't matter You can just add that stream to Splunk, enrich those events that were reported today. We have another solution which we call the privacy platform. Really built for our privacy team. And in that scenario, kind of the same data sets. We're looking at time cards, we're looking at authentication, we're looking at access and you visited this website via this proxy on this day, but the information from the EMR is very critical because we're watching for people that open patient records when they're not supposed to. We're the number five hospital in the country. We're the number one hospital in the state of New York. We have a large (mumbles) of very important people that are our patients and people want to see those records. And so the privacy platform is designed to get audit trails for looking at all that stuff and saying, "Hey, Nurse Sally, we just saw that you looked at patient Billy's record. That's not good. Let's investigate." We have about thirty use cases for privacy. >> Interviewer: So it's not in context of what she's doing, that's where the data come in? >> That's where the data come in, I mean, it's advanced. Nurse Sally opens up the EMR and looks at patient Billy's record, maybe patient Billy wasn't on the chart, or patient Billy is a VIP, or patient Billy is, for whatever reason, not supposed to be on that docket for that nurse, on that schedule for that nurse, we're going to get an alarm. The privacy team's going to go, "Oh, well, were they supposed to look at that record?" I'm just giving you, kind of, like two or three uses cases, but there's about thirty of them. >> Yeah, sure, I mean, celebrities whether it's Donald Trump who probably went there at some point. Everyone wants to get his taxes and records to just general patient care. >> Just general patient care. Yeah, exactly, and the privacy of our patients is paramount. I mean, especially in this digital age where, like we talked about earlier, everyone's going after making a human do something silly, right? We want to ensure that our humans, our nurses, our best in class patient care professionals are not doing something with your record that they're not supposed to. >> Interviewer: Well John, I want to hear your thoughts on this story I did a couple weeks ago called the Industrial IOT Apocalypse: Now or Later? And the provocative story was simply trying to raise awareness that malware and spear phishing is just tactics for that. Endpoint is critical, obviously. >> Sure. >> You pointed that out, everyone kind of knows that . >> Sure. >> But until someone dies, until there's a catastrophe where you can take over physical equipment, whether it's a self-driving bus, >> Frushour: Yeah. >> Or go into a hospital and not just do ransom ware, >> Frushour: Absolutely. >> Actually using industrial equipment to kill people. >> Sure. >> Interviewer: To cause a lot of harm. >> Right. >> This is an industrial, kind of the hacking kind of mindset. There's a lot of conversations going on, not enough mainstream conversations, but some of the top people are talking about this. This is kind of a concern. What's your view on this? Is it something that needs to be talked about more of? Is it just BS? Should it be... Is there any signal there that's worth talking about around protecting the physical things that are attached to them? >> Oh, absolutely, I mean this is a huge, huge area of interest for us. Medical device security at New York Presbyterian, we have anywhere from about eighty to ninety thousand endpoints across the enterprise. Every ICU room in our organization has about seven to ten connected devices in the ICU room. From infusion pumps to intubation machines to heart rate monitors and SPO2 monitors, all this stuff. >> Interviewer: All IP and connected. >> All connected, right. The policy or the medium in which they're connected changes. Some are ZP and Bluetooth and hard line and WiFi, and we've got all these different protocols that they use to connect. We buy biomedical devices at volume, right? And biomedical devices have a long path towards FDA certification, so a lot of the time they're designed years before they're fielded. And when they're fielded, they come out and the device manufacturer says, "Alright, we've got this new widget. It's going to, you know, save lives, it's a great widget. It uses this protocol called TLS 1.0." And as a security professional I'm sitting there going, "Really?" Like, I'm not buying that but that's kind of the only game, that's the only widget that I can buy because that's the only widget that does that particular function and, you know, it was made. So, this is a huge problem for us is endpoint device security, ensuring there's no vulnerabilities, ensuring we're not increasing our risk profile by adding these devices to our network and endangering our patients. So it's a huge area. >> And also compatible to what you guys are thinking. Like I could imagine, like, why would you want a multi-threaded processor on a light bulb? >> Frushour: Yeah. >> I mean, scope it down, turn it on, turn it off. >> Frushour: Scope it down for its intended purpose, yeah, I mean, FDA certification is all about if the device performs its intended function. But, so we've, you know, we really leaned forward, our CSO has really leaned forward with initiatives like the S bomb. He's working closely with the FDA to develop kind of a set of baseline standards. Ports and protocols, software and services. It uses these libraries, It talks to these servers in this country. And then we have this portfolio that a security professional would say, "Okay, I accept that risk. That's okay, I'll put that on my network moving on." But this is absolutely a huge area of concern for us, and as we get more connected we are very, very leaning forward on telehealth and delivering a great patient experience from a mobile device, a phone, a tablet. That type of delivery mechanism spawns all kinds of privacy concerns, and inter-operability concerns with protocol. >> What's protected. >> Exactly. >> That's good, I love to follow up with you on that. Something we can double down on. But while we're here this morning I want to get back to data. >> Frushour: Sure. >> Thank you, by the way, for sharing that insight. Something I think's really important, industrial IOT protection. Diverse data is really feeds a lot of great machine learning. You're only as good as your next blind spot, right? And when you're doing pattern recognition by using data. >> Frushour: Absolutely. >> So data is data, right? You know, telecraft, other data. Mixing data could actually be a good thing. >> Frushour: Sure, sure. >> Most professionals would agree to that. How do you look at diverse data? Because in healthcare there's two schools of thought. There's the old, HIPAA. "We don't share anything." That client privacy, you mentioned that, to full sharing to get the maximum out of the AI or machine learning. >> Sure. >> How are you guys looking at that data, diverse data, the sharing? Cause in security sharing's good too, right? >> Sure, sure, sure. >> What's your thoughts on sharing data? >> I mean sharing data across our institutions, which we have great relationships with, in New York is very fluid at New York Presbyterian. We're a large healthcare conglomerate with a lot of disparate hospitals that came as a result of partnership and acquisition. They don't all use the same electronic health record system. I think right now we have seven in play and we're converging down to one. But that's a lot of data sharing that we have to focus on between seven different HR's. A patient could move from one institution to the next for a specialty procedure, and you got to make sure that their data goes with them. >> Yeah. >> So I think we're pretty, we're pretty decent at sharing the data when it needs to be shared. It's the other part of your question about artificial intelligence, really I go back to like dedication analytics. A large part of the medication analytics platform that we designed does a lot of anomaly detections, anomaly detection on diversion. So if we see that, let's say you're, you know, a physician and you do knee surgeries. I'm just making this up. I am not a clinician, so we're going to hear a lot of stupidity here, but bare with me. So you do knee surgeries, and you do knee surgeries once a day, every day, Monday through Friday, right? And after that knee surgery, which you do every day in cyclical form, you prescribe two thousand milligrams of Vicodin. That's your standard. And doctors, you know, they're humans. Humans are built on patterns. That's your pattern. Two thousand milligrams. That's worked for you; that's what you prescribe. But all of the sudden on Saturday, a day that you've never done a knee surgery in your life for the last twenty years, you all of a sudden perform a very invasive knee surgery procedure that apparently had a lot of complications because the duration of the procedure was way outside the bounds of all the other procedures. And if you're kind of a math geek right now you're probably thinking, "I see where he's going with this." >> Interviewer: Yeah. >> Because you just become an anomaly. And then maybe you prescribe ten thousand milligrams of Vicodin on that day. A procedure outside of your schedule with a prescription history that we've never seen before, that's the beauty of funneling this data into Splunk's ML Toolkit. And then visualizing that. I love the 3D visualization, right? Because anybody can see like, "Okay, all this stuff, the school of phish here is safe, but these I've got to focus on." >> Interviewer: Yeah. >> Right? And so we put that into the ML Toolkit and then we can see, "Okay, Dr. X.." We have ten thousand, a little over ten thousand physicians across New York Presbyterian. Doctor X right over here, that does not look like a normal prescriptive scenario as the rest of their baseline. And we can tweak this and we can change precision and we can change accuracy. We can move all this stuff around and say, "Well, let's just look on medical record number, Let's just focus on procedure type, Let's focus on campus location. What did they prescribe from a different campus?" That's anomalous. So that is huge for us, using the ML Toolkit to look at those anomalies and then drive the privacy team, the risk teams, the pharmacy analytics teams to say, "Oh, I need to go investigate." >> So, that's a lot of heavy lifting for ya? Let you guys look at data that you need to look at. >> Absolutely. >> Give ya a (mumbles). Final question, Splunk, in general, you're happy with these guys? Obviously, they do a big part of your data. What should people know about Splunk 2019, this year? And are you happy with them? >> Oh, I mean Splunk has been a great partner to New York Presbyterian. We've done so much incredible development work with them, and really, what I like to talk about is Splunk for healthcare. You know, we've created, we saw some really important problems in our space, in this article. But, we're looking, we're leaning really far forward into things like risk based analysis, peri-op services. We've got a microbial stewardship program, that we're looking at developing into Splunk, so we can watch that. That's a huge, I wouldn't say as big of a crisis as the opioid epidemic, but an equally important crisis to medical professionals across this country. And, these are all solvable problems, this is just data. Right? These are just events that happen in different systems. If we can get that into Splunk, we can cease the archaic practice of looking at spreadsheets, and look up tables and people spending days to find one thing to investigate. Splunk's been a great partner to us. The tool it has been fantastic in helping us in our journey to provide best in-class patient care. >> Well, congratulations, John Frushour, Deputy Chief Information Security Officer, New York Presbyterian. Thanks for that insight. >> You're welcome. >> Great (mumbles) healthcare and your challenge and your opportunity. >> Congratulations for the award winner Data to Everything award winner, got to get that slogan. Get used to that, it's two everything. Getting things done, he's a doer. I'm John Furrier, here on theCube doing the Cube action all day for three days. We're on day two, we'll be back with more coverage, after this short break. (upbeat music)

from our studios in the heart of Silicon Valley Palo Alto California this is a cute conversation hey welcome back everybody Jeffrey here with the cube we're in our Palo Alto Studios here today for a cute conversation it's a little bit of a dog days of summer conference seasons a little bit slow so we're excited we can kind of take a step back and we're gonna look back actually in time we're excited to have a very special guest rich Kolbert he is the field CTO at Dell EMC but really what we're talking about today is this data domain is 10-year anniversary of the date domain acquisition so rich first off welcome to the to the cube thanks Jeff excited to be here thanks for the invitation appreciate it I can't believe we're talking before we turned the cameras on that you join in 2006 and yet it's been 10 years I'm like wait 2006 was more than 10 can that be we're just getting old I don't know things are changing too fast no it's like a trip down memory lane and it just seems so long ago and yes in a way it also seems like yesterday I think things have gone so quickly so we're also joined in this segment by our top data analyst also the founder of wiki bond and co-ceo of Silicon angle media and founder of that as well so Dave Villante is joining us all the way from Boston Dave good to see ya hey Jeff hi rich to talk to you guys hey Dave so let's take a quick trip back 10 years ago actually maybe 11 years ago things were starting to heat up there was a lot of different vendors out there a lot of different players and things started to consolidate so I wonder if you can give us a little bit of your perspective what what's going on rich and then we'll get Dave's perspective yeah it was an interesting time right before the data domain acquisition we actually went through some economic times in 2008 and the markets are changing and and and some companies are becoming more successful some companies were struggling through that time customers were also looking for ways to to you know save money and do some interesting things there so it was a mixed feeling set of you know through that times data domain had IPO in 2007 and we were kind of going through this this explosive period of growth but you know across the board we just saw so many things change all at once and we really were surprised I think when initially was NetApp that an that they had intentions to bias and I think that was due to some of the economic factors of play and then of course EMC stepped in and and started a bidding contest with NetApp for for the company right so I Dave wonder if you could share your perspective you're sitting as an analyst you got Jo TG The Godfather of storage back in Boston what were you seeing in terms of the kind of the market dynamics and was it a surprise wouldn't that app decided to make a move well if you know first first of all I had left the storage industry for quite some time and when I started wiki bond we looked at storage and nothing had changed except one thing which was David deduplication that was new until a new tape was finally I always hated the tape the tape was finally being attacked so it was it was amazing time and EMC at the time we had some obviously great management yet Frank Sluman running data domain yo Joe Tucci who always balanced out acquisitions with organic you know in how to R&D and when Tom Georgians and NetApp said they were gonna go by David domain emt's walk right in and said no way so it was somewhat of a defensive move but at the same time when you talk to the M&A guys they said no no it's not just defense we can actually make this a growth play and that's exactly what happened Dayna domain I think at the time rich was probably a couple of hundred million dollar company and then they they popped that at the EMC and scaled that to you know well over a billion dollars and it'll maintain the the franchise and then grew it quite dramatically beyond where all the expectations were for the market the market team at the time was probably around a billion and I think ID seen rich as a over three billion today yeah one of the things that's so don't quote me on all the numbers because I'm not like you know watching the market caps and stocks but I think we'd gotten up to about a 500 million dollar run rate in terms of sales and prior to the crash I think our market cap was actually significantly higher so so our price came down you know which is one of the things I think that attracted NetApp to the game so the interesting dynamic inside the company was that the NetApp offer was was kind of the first one so they were working with the data domain leadership and they were speaking with us EMC was more of a kind of unsolicited offer so there was less communication and I remember there was a morning I was at San Francisco Airport going out to meet a customer and Joe to Chi put out a full-page ad in a local newspaper and we were reading that and that was his way of communicating to the to the people a data domain saying he wants to welcome us into the family it was quite a moment well it sure was and of course you guys were fierce competitors data domain was fierce competitors with with EMC you know fighting for for the install base and then all of a sudden you know the cultures it's somehow work EMC was was very good at acquisitions and he made it work and they not active it was an outside observer but you were there you know Frank Sluman came in did it's kind of running the the data protection organization but a lot has changed since then hasn't it I mean back then you stored you know a little bit of data I think accounting of terabytes today we live in a petabyte scale world I could talk about what's changed well you know the scales and performance certainly has changed I think the data domain platform today is about a thousand times larger than it was when it first came to market and in fact when we were being bid on by NetApp and EMC we had a flagship product is the DD 690 you know behind the scenes we had a system that was coming out that was double that size and EMC nor Netta knew about that so once the deal closed they got to find out that our size had just doubled in our performance and doubled at the same time but you're right you kind of talked about the dynamics inside of EMC EMC had a very large data protection you know division they had avemar networker santaros v TLS they also had an OEM arrangement for a competing product with the data domain platform so it was really like you know I compared to going to Hogwarts right where you have all of these different houses and we came in with with data domain and and I think the thing that really the glue that really helped it come to get was Joe Tucci you know tapping Frank's Luqman on the shoulder as the leader to bring this together and taking what was the borough division and and reforming it as the BRS division and I think we came together very quickly as a team even though people came from all of these different backgrounds you know standing for these different products rich let me follow up on that because there's a lot of M&A activity going on right now and and not very many big M&A deals are ultimately successful it turns out so what you said a little bit about you know Joe and Frank you know coming together but what are some of the other attributes that you would say that made it work it actually did what everybody hopes on an acquisition which is take great technology put it into a big sales machine and watch it grow and grow I think part of it you know quite frankly just comes down to the product and being differentiated because there are a lot of products out there and and if you take a step back they have good things that they're doing but it's very hard to find a product that says hey you're doing something that even if you put the blueprints out there it's very hard for other people to follow in those footsteps and create a similar value proposition and I think I think in this case it was a differentiated product and it had a lot of energy of its own and and I think from an EMC perspective they just stood back and said let's take this momentum and and play it out and see how how far it can take itself unfortunately I think a lot of times they don't do that right a lot of times acquiring companies don't just take this great thing and kind of get out of the way and add the juice where they can but you try to to try to change it so that's a really nice statement on Joe to G and what he was able to accomplish yeah no he was fantastic for us and and his support was tremendous but also his you know delegation and and kind of seeing how this but you know kind of having a vision of how this business unit should be formed right I think what was was very prison and then now you're part of Dell so obviously Michael Dell big personality as well the Dell technology stories he's doing a great job of pulling all these pieces together and you know kind of reinvigorating the brand coming back out of the little little side bar you know make it private for a while and come back so I wonder if you can talk about that integration how's that going as you've gone now a couple of times well I think it's been very exciting for us because the one piece that EMC had always been lacking had been the the compute part of the picture and now we have really the ability to go in and talk about the entire stack with our customers and that's that's a lot more powerful than saying here is an element of it and then if you want to go and add compute to that perhaps you know put in your virtual or physical servers then you're gonna we're going to need to partner with somebody and you know it's it's just a much cleaner story from end to end right right so the big big change obviously that wasn't around ten years ago that is around today is public cloud right huge impact not only directly in in taking workloads to the public cloud but also I think much more importantly changing the way people think about provisioning thinking about the way people think about elastic capacity so as as the market has evolved the rise of AWS and any other public clouds how has that changed what you guys are doing how are you reacting to that house at a new opportunity you know to kind of grow the maturity of the core product yeah well the thing is we have taken a lot of approach you know that's been learning and evolving as well right so so you know developers and applications really figured out AWS and the public cloud early I think data protection has has followed along with a couple years of lag in terms of doing that so you know our perspective is we learned as well right so so 2015 2016 I think there was some resistance and I think ultimately when we started to follow those workloads into the cloud there was a little bit of a lift and shift what we've learned is that the architecture really matters when you get to the cloud so the efficient use of resources the ability to do things in a cloud like way to use for example object storage instead of block storage when when the case presents itself so we took our products and virtualize them and followed them into the cloud but we realized that just taking the on-premise version of the product and putting it in the cloud itself isn't enough right because at the end of the day the customer is paying for all the underlying resources and so if your architecture is an efficient from a cost perspective as well as a performance perspective it's not going to be a viable solution and so 2017-2018 we've really seen a big acceleration in our adoption in the cloud because we have adapted our architecture to be more cloud friendly and more cost-effective for our customers to deploy but it was a learning experience for sure you know and and I think we're continuing to learn and continue to develop in that space and there's a lot of opportunity ahead of us the other big change I think that's come that we see over and over and over is really data as an asset only as an asset but as a huge valuable asset that drives your business drives real lytx but then becomes actually something that drives your company value and I think we see that and the Facebook's of the world and the googles of the world of why they have these crazy high valuations relative to here to their revenue and their profits because they're getting value for the data alright great news for you right it used to be a sample the day of the day was a pain it was expensive to store I didn't want to keep it all now everyone wants all the data they want to analyze it in real time and they want to put it in a place where they can actually put multiple applications across that same data set to do all kinds of new analytics so again super opportunity for you guys people aren't storing any less data no absolutely yeah no the data amount being stored is definitely growing one of the things that we're seeing that that's this kind of pervasive is this idea of of really using the right data the right place the right time so accessibility to whether it is a data Lake or it is your protection copies or you know an instant access of your protection copies there's a lot of different thing customers are doing with data but it's no longer a one-size-fits-all proposition like it was back in the tape automation days where I'm just throwing all of this stuff into a box and and never accessing it again right so the dynamics are changing and continue to evolve I expect that if we have this conversation two or three years down the road we're going to see some amazing things happen in the next couple of years that and some of it we were not predicting now we're gonna find out as customer demand and as innovation guides us along right because then the other big piece is the media right we've talked about tapes and the original data domain was was in response to some issues with tape and we get spinning rust as everybody likes to call it and now of course flash so yeah again see change in terms of capability the cost is coming down it's no longer the super high-end thing just for super high value applications so very transfer transformative opportunity on the on the media side as well on the flashlight as well you hit on a couple of really key things data domain was very successful because it became viable and practical to displace tape automation and nobody was a fan of their tape automation environments and now I think we're gonna see that's that same shift you know spinning disk is right now being relegated to archival and backup purposes but we're gonna hit an inflection point very soon I think we're where every instance of spinning disk probably can be questioned and so we are actually doing the you know kind of getting ahead of that curve and coming out with all flash products as a choice for a customer so we'll still have spinning disk for some backup use cases but we'll also have you know be able to offer customers a choice of the data domain technology on an all flash set of platforms and that will give customers a chance to get out of the yeah that spinning disk business as well right good I wonder if I get what if I get chime in here I you guys were talking about the the technologies and the cloud and the architecture it's interesting it David the main really started out don't hate me for saying this but as a feature product and the key feature was data deduplication data domain had the best you had a lot of guys doing post process you had you know some guys trying to do server-side avemar itself for example but they domain really killed it with regard to data David II do and if this feature product became a platform and had an architecture people became as you know unicorn times 2 plus plus and so I wanted to ask you rich about that architecture and aware it can go you're talking about different media now beyond spinning disk you know it used to be just a kind of a dumb target you've now got integrated appliances you've got software that's integrated there so it's you know you talked about the scale and the capacity where do you see this architecture going I wonder if you could comment on yeah well I think a lot of that belongs in in the realm of the data management software that speaks to it and and by having a distributed ecosystem and having things like you know distributed segment processing so we can take data domains technology and extend it out into those data management activities because a lot of the what's happening in the market is as new workloads are coming into the market they're having their own methods and native tools built-in for data protection and to be able to leverage those and have a highly consolidated affect on the backend is still extremely valuable to our customers and you're right it was a differentiated product from a deduplication standpoint but really the feature was that I can keep my 30 60 or 90 days worth of copies that are separate from my primary copies so I putting them somewhere safe I can even put them under different governance from my primary storage or my primary application owners right and it's practical and feasible and and prior to that the only real way to do that was with tape automation deduplication has become more of a broader word itself and it goes beyond what data domain does so there's deduplication and primary storage but if you look at primary storage deduplication it's good but it's designed to help you reduce the use of primary storage by 2 or 3 times it doesn't touch on the 30 60 90 days of retention that data domain does so there the similar technologies and a common use of the word but but they're two different use cases that the the remains separate I think yeah and you know as a former practitioner the other you are I think a former customer the genius part of the genius of data domain was its ability to just plug in to existing processes yes you didn't have to change things up and so it was an easy in but but it's impressive that you've been able to keep that that architecture going I wanted to ask you about market share you aided them in has always had a sixty plus percent market share I think it's at sixty now but it's it's like the Cisco of purpose-built backhaul appliances you're able to sort of dominate that little segment of the market which keeps getting bigger what but now you've got a lot of new entrants you know on VC money pouring in a lot of noise in the marketplace I feel like you guys maybe a couple years ago took your eye off the wall and now you've got this renewed sense of a vigor you know maybe it was parked partly the acquisition but you know we've talked to Beth Phelan about this a number of times you've really refreshed the portfolio so so wonder if you can talk about that and my question is what gives you confidence that you can continue to maintain your dominance yeah that's a great question and things have really changed I think starting around 2014 we were having some internal conversations about things like simplification the consumerization of IT and and all of those those dollars that you're talking about are really being poured into companies that are trying to take a different approach they're going into the white space that we had kind of left open which was simplicity right if you if you look back 10 or 15 years and you look at the the data management and enterprise backup software space enterprise backup software has been complicated and as you add more use cases it has become even more complicated and the customer base is no longer tolerant of that that's something that that maybe 10 or 15 years ago that was kind of a badge of honor to be working with complex and people just don't have the time for that there's a lot of IT generalists and folks that are out there that don't want to go to training class you know you know five days or ten days out of the year to learn how to use a product so that was a really good thing that we're seeing in the marketplace in terms of making products simpler easier to use and more approachable with things like discoverable functionality we certainly have the you know put a lot of effort into going in that direction because we think that's the right direction but what gives me confidence is the underlying storage value proposition about efficiency and performance and scale is something that we've still think that we have a strong upper hand on and when it comes down to that you know we take cloud as an example our data reduction in the cloud we think allows a much lower cost to serve and you know the customer is going to pay for that cloud storage or that cloud compute regardless of which vendor they're trusting in terms of their their solutions so simple only goes so far we think we can get there with simple but we don't necessarily see our competition having the efficiencies scalability and and so forth that we've already had so that that's good that gives me a lot of confidence so when you talk to customers what's the big problem the big hairy problem that they're trying to solve in your space and how are you guys helping so I one of the two big problems I see is is really a lot of IT teams are confronted with they've got a digital transformation going on they've got a cloud strategy going on an IT isn't necessarily being invited to the table early enough or often enough to go ahead and help with that process so what you have is you a cloud team building applications bringing things online and then the data protection the backups the snapshots whatever they're doing to make sure that that data is safe is is a bit of an afterthought and it you know I think of DevOps and I think about the ops part and I've never really come across an application team that wanted to own the business responsibility for the risk of you know backups recovery replication and all of that and I think IT has a lot of established practices that would be good to inform how those things should be built so the number one thing that I'm talking to with my customers when we're talking about this whole you know tectonic shift and in the way things are being done is that IT and the digital transformation or the cloud team do need to speak early and often and proactively about how they approach data protection because they continue to need to have a strategy that evolves and make sure they keep themselves protected as they start moving these critical workloads into the cloud it's an age-old problem with backup and data protection people think of it as a back as a bolt-on is an afterthought and your point is right on it's got to be a fundamental part of any transformation it's just like security you can't bolt it on earth just doesn't scale yeah and it's very much like you know back in the day when open systems was just coming of age there was a lot of operational discipline that the mainframe teams had and the mid-range teams had but the open systems was the Wild West and eventually open systems learned and and and a lot of that you know was knowledge sharing about best practices and you know Mis became IT now IT is becoming you know DevOps and digital transformation we're seeing a lot of that same dynamic happening again and and you know my main point is just you know start those conversations and if you're on the IT side start those conversations proactively you might not be getting invited to the digital transformation party invite yourself rich has been quite a 10 years and and as I was just watching an Andy Jazzy interview if you think the last 10 years have been crazy you ain't seen nothing yet so you guys are in a great position to stay agile and I'm gonna steal your line that it's no longer an honor to work on complicated systems that's great yeah it's been great being here thanks for having me and looking forward to maybe coming back in ten years and seeing what changed so hopefully we won't wait 10 years so rich thanks for stopping by Dave thanks for checking in from Boston and it's great to see you as well thanks you guys thanks Dave thanks Jeff [Music]