 There are many constants in the storage business, relentlessly declining costs per bit, innovations that perpetually battle the laws of physics, a seemingly endless flow of venture capital, despite the intense competition. And there's one other constant in the storage business, Eric Herzog, and he joins us today in this CUBE video exclusive to talk about IBM's recent storage announcements. Eric, welcome back to theCUBE. Great Dave, thanks very much. We love being on theCUBE and you guys do a great job of informing the industry about what's going on in storage and IT in general. Well, thank you for that. We're going to cover a lot of ground today. IBM Storage, you made a number of announcements the past month around data resilience, a new as a service model, which a lot of folks are doing in the industry. You've made performance enhancements. Can you give us the top line summary of the hard news, Eric? Sure, the top line summary is of course, cybersecurity is on top of mind for everybody in the recent Fortune 500 list that came out. You probably saw there was a survey of CEOs of Fortune 500 companies, they named cybersecurity as their number one concern, not war, not pandemic, but cybersecurity. Okay, so we've got an announcement around data resilience and cyber resiliency built on our flash system family with our new offering, safeguarded copy. And the second thing is the move to a new method of storage consumption. Storage is a service, a pay as you go model, cloud like the way people buy cloud storage, that's what you can do now from IBM Storage with our storage as a service. Those are the key to takeaways, Dave. Yeah, and I want to stay on the trends that we're seeing in cyber for a moment. The work from home pivot in the hybrid work approach has really created new exposures. People aren't as secure outside of the walled garden of the offices. And we've seen a dramatic escalation in the adversary's capabilities and techniques, not the least of which is island hopping, in other words, putting code fragments in the digital supply chain. They reform once they're inside the company and it's almost like this organic creepy thing that occurs. They're also living, as you know, stealthily for many, many months, sometimes years, exfiltrating data, and then just waiting. And then when companies respond, the incidents response trigger a ransomware incident. So they escalate the cyber crime and it's just a really, really bad situation for victims. What are you seeing in that regard and the trends? Well, one of the key things we see is everyone is very concerned about cybersecurity. The Biden administration has issued victims, not only to the government sector, but to the private sector, cybersecurity is a big issue. Other governments across the world have done the same thing. So at IBM Storage, what we see is taking a comprehensive view. Many people think that cybersecurity is the moat with the alligators, the castle wall, and then of course the sheriff of Nottingham to catch the bad guys. And we know the sheriff of Nottingham doesn't do a good job of catching Robin Hood. So it takes a while, as you just pointed out, sitting there for months or even longer. So one of the key things you need to do in an overall cybersecurity strategy is don't forget storage. Now our announcement around safeguarded copy is very much about rapid recovery after an attack from malware or ransomware. We have a much broader set of cybersecurity technology inside of IBM Storage. For example, with our flash system family, we can encrypt data at rest with no performance penalty. So if someone steals that data, guess what? It's encrypted. We can do anomalous pattern detection with our backup product spectrum protect plus. Why would you care? Well, if the cubes backup was taking two hours on particular data sets and all of a sudden it was taken four hours, maybe someone is encrypting those backup data sets. And so we notify. So what we believe at IBM is that an overarching cybersecurity strategy has to keep the bad guys out, okay? Correct detection, anomalous pattern behavior on the network, on the servers, on the storage and all of that, chasing the bad guy down once they've breached the wall, because that does happen. But if you don't have cyber and data resilience built into your storage technology, you are leaving a gap that the bad guys can exploit. Whether that be the malware ransomware guys, or by the way, Dave, there still is internal IT theft. Back there was a case about 10 years ago now where 10 IT guys stole $175 million. I kid you not, $175 million from a bunch of large banks across the country. And that was an internal IT theft. So between the internal IT issues that could approach you, malware and ransomware, comprehensive cybersecurity strategy must include storage. So I want to ask you about, come back to Safeguard copy. And you mentioned some features, some capabilities in encrypting data at rest, your anomalous pattern recognition. Inferring, you're taking a holistic approach, but of course you've got a storage centricity. What's different about your cyber solution? What's your unique value prop relative to your company? Well, when you look at Safeguarded copy, what it does is it creates immutable copies that are logically air gapped, but logically air gapped locally. So what that means is if you have a malware, ransomware attack and you need to do recovery, whether it be a surgical recovery or a full on recovery because they attacked everything, then we can do recovery in a couple hours versus a couple of days or a couple of weeks. Now, in addition to the logical local air gapping with Safeguarded copy, you also could do remote logical air gapping by snapping out to the cloud, which we also have on our flash system products. And you also of course could take our flash system products and back up to take, giving you a physical air gap. In short, we give our customers three different ways to help with malware and ransomware. Air gapping locally, right? Yeah, please continue, I'm sorry. So our air gapping locally for rapid recovery, air gapping remotely, which again then puts it on the cloud provider network. So hopefully they can't breach that. And then clearly a physical air gap going out to tape. All three and on the main frame, we have Safeguarded copy already Dave and several of our main frame customers actually do two of those things. They'll do Safeguarded copy for rapid recovery locally, but they'll also take that Safeguarded copy and either put it out to tape or put it out to a cloud provider with a remote logical air gap using a snapshot. I want to ask you a question about management because when you ask CISOs, what's your number one challenge? They'll say lack of talent. We've got all these tools, we lack of skills to really do all this stuff, can't hire people fast enough and they don't have the skills. So when you think about, and so what you do is you bring a lot of automation into the orchestration and management. My question is this, when you set up air gaps, do you recommend or what do you see in terms of logically and physically, not only physically separating the data, but also the management and orchestration and automation? Does that have to be logically air gapped as well or can you use the same management system? What's the best practice there? Ah, so what we do is we work with our copy management software, which will manage regular copies as well, but Safeguarded copies are immutable. You can't write to them, okay? You can't get rid of them and they're logically air gap from the local hosts. So the hosts, for the Safeguarded copies, that immutable copy you just made, the hosts don't even know that it's there. So you manage that with our copy management software, which by the way, will manage regular snapshots and replicas as well. But what that allows you to do is allows you to automate. For example, you could automate recovery across multiple flash system arrays. The copy services manager will allow you to set different parameters for different Safeguarded copies. So a certain Safeguarded copy, you could say, make me copy every four hours. And then on another volume, on a different data set, you could say, make me a copy every 12 hours. Once you set all that stuff up Dave, it's completely automated, completely automated. So I want to come back to something you mentioned about anomalous pattern recognition and how you help with threat detection. So a couple of multi-part question here. First of all, the backup corpus is an obvious target. So that's an area that you have to protect. And so, and you're saying, okay, you use the example if your backup's taking too long. But so how do you do that? What's the technology behind that? And then can you go beyond, should you go beyond just the backup corpus, with primary data or copies on prime, et cetera? Two-part question there. So when we look at it, the anomalous pattern detection as part of our backup software, say Spectrum Protect, and what it does, it uses AI-based technology. It recognizes the pattern. So it knows that the backup data set for the cube takes two hours and it recognizes that. And it sees that as the normal state of events. So if all of a sudden that backup that the cube was doing used to take two hours and starts taking four, what it does is that's an anomalous pattern. It's not a normal pattern. It'll send a note to the backup admin, the storage admin, whoever you designate it to and say, the backup data set for the cube that used to take two hours has taken four hours. You probably ought to check that, okay? So when we view cyber resiliency from a storage perspective, it's broad. We just talked about anomalous pattern detection in Spectrum Protect. We were talking most of the conversation about our safeguarded copy, which is available on the main frame for several years and is now available on Flash Systems, making immutable, local, air-gapped copies that can be rapidly recovered and are immutable and can help you recover for a malware, ransomware attack. Our data at rest encryption happens to be with no performance penalty. So when you look at it, you need to create an overarching strategy for cybersecurity. And then when you look at your storage estate, you need to look at your secondary storage, backup, replicas, snaps, archive and have a strategy there to protect that. And then you need a strategy to protect your primary storage, which would be things like safeguarded copy and encryption. So then you put it all together. And in fact, Dave, one of the things we offer is a free cyber resilience assessment. It's not only for IBM storage, but it happens to be a cyber resilience assessment that conforms to the NIST framework and it's heterogeneous. So if you're a big company, you've got IBM, EMC and HPE storage, guess what? It's all about the data sets, not about the storage. So we said, you said these 10 data sets are critical. Why are you not encrypting them? Okay, these data sets are XYZ, why are you not air gapping them? So we come up based on the NIST framework, a set of recommendations that are not IBM specific, but they are storage specific. Here's how you make your storage more resilient, both your secondary storage and your primary storage. That's how we see the big thing in safeguarded copy, of course, fits in on the primary storage side, A, on the main frame, which we've had for several years now and B, in the Linux world, the Unix world and the Windows server world on our flash system portfolio with the announcement we did on July 20th. Great, thank you for painting that picture. Eric, are you seeing any use case patterns emerge in this space? Well, we see a couple of things. First of all is A, most resellers and most end users don't see storage as an overarching part of the cybersecurity strategy and that's starting to change. Second thing we're seeing is more and more storage companies are trying to get into this bailiwick of offering cyber and data resilience. The value IBM brings, of course, is much longer experience to that and we even integrate with other products. So for example, IBM offers a product called Q-Radar from the security division, it's not a storage product, it's a security product and it helps you with early data breach recognition. So it looks at servers, network access, right? It looks at the storage and it actually integrates now with our safeguarded copy. So part of the value that we bring is this overarching strategy of A, comprehensive data and cyber resilience across our whole portfolio, including safeguarded copy on July 20th announcement, but also integration beyond storage now with our Q-Radar product from IBM's security division and there will be future announcements coming in both Q4 and Q1 of additional integration with other security technologies. So you can see how storage can be a vital cog in the corporate cybersecurity strategy. Got it, thank you. Let's pivot to the as-of-service, it's a cloud obviously is brought in as-of-service. It seems like everybody has one now. You guys have announced obviously HPE, Dell, Lenovo, Cisco, Pure, everybody's got now their as-of-service model. What do we need to know about your as-of-service solution and why is it different from the others? Sure, well one of the big differences is we actually go on actual storage, not effective. So when you look at effective storage, which most of them do, that includes creating the RAID data sets and other things, so you're basically paying for that. Second thing we do is we have a bigger margin. So for example, if theCUBE says we want SLA three, and we sell it by the SLA, Dave, SLA one, two and three. So let's say theCUBE needs SLA three, and the minimum capacity is 100 terabytes. But let's say you think you need 300 terabytes, no problem. You also have a variable. One of the key differences is unlike many of our competitors, the rate for the base and the rate for the variable are identical. Several of our competitors, when you're in the base, you pay a certain amount. When you go into the variable, they charge you a premium. The other key differentiator is around data reduction. Some of our competitors and all storage companies have data reduction technology, right? Block level D-dup, thin provisioning, compression, right? We all offer those features. The difference is with IBM's pay as you grow, storage is a service model. If you have certain data sets that are not very dedupable, not very compressible, we absorb that. With our competitors, most of them, if the data set is not easily dedupable, compressible, and they don't see the value, they actually charge you a premium for that. So that is a huge difference. And then last big difference is our 100% availability guarantee. We have that on our flash system product line. We're the only one offering 100% availability guarantee. We also, against many of the competitors, offer a better base. Nines, as you know, availability characteristics. We offer six nines of availability, which is five minutes and 26 seconds of downtime, and the 100% availability offering. Some of our competitors only offer four nines of availability. And if you want five or six, they charge you extra. We give you six nines base in, which is only five minutes and change of downtime in a year. So those are the key differences between us and the other as a service models out there. So the basic concept, I think, right, is if you commit to more and buy more, you pay less per, right? I mean, that's the basic philosophy of these things, right? So if I commit to you X, let's say I want to just sort of start small, and I commit to you to X, and okay, great. I mean, now in, maybe I sign up for a multi-year term, I commit this much, whatever, 100 terabytes, whatever the minimum is. And then I can say, hey, you know what? This is working for me. We CFO likes it, and the IT guys can provision more seamlessly. We got our charge back or show back, I want to now make a bigger commitment. And I can, and I want to sort of, can I break my three-year term and come back and then renegotiate, you know, kind of like reserved instances, maybe bigger and pay less? How do you approach that? Well, what you do is we do a couple of things. First of all, you could always add additional capacity. Okay, you just call up. We assign a technical account manager to every account. So in addition to what you get from the regular sales team and what you get from our valued business partners, by the way, we did factor in the business partners day into this. So business partners will have a great pay-as-you-go storage as a service solution that includes partners and their ability to leverage. In fact, several of our partners that do have both MSP and MHP businesses are working right now to leverage our storage as a service and then add on their own value with their own MSP and MHP capabilities. And they can white label that? Is that right or? Well, you'd still have storage as a service from IBM. They would resell that to the cube and then they'd add in their own MHP or MSP. Got it. That said, partners interested in doing a white label, we would certainly entertain that capability. I interrupt you. Carry on, please. You can go ahead and add more capacity, not a problem. You also could change the SLA. So the cube, one of the leading industry analyst firms, you bought every analyst firm in the world and you're using IBM Storage as a service, the pay-as-you-go cloud-like model. So what you do is you call up the technical account manager and say, Eric, we bought all these other companies, they're using on-prem storage. We'd like to move to storage as a service for all the companies we acquired. We can do that, so that would up your capacity. And then you can say, now we've been at SLA too, but because we're adding all these new applications or workloads from our acquired companies, we want some of it to be at SLA one. So we can have some of your workloads on SLA two, others on SLA one, you can switch everything to SLA one and you just call your technical account manager and they'll make that happen for you or your business partner, obviously, if you bought through the channel. All right, I got the hard question is what if all those other companies, the cube acquired, are also IBM's storage as a service customers? Can I, what's that discussion like? Hey, can I consolidate those and get a better deal? Yeah, if they're all storage as a service customers and Dave, I love that thought, we would just figure out a way to consolidate the agreement. The agreements are one through five years. One other thing also that's very unique is let's say for whatever reason, and we all love finance people. Let's say the IT guys have called up financing, we did a one year contract, we now like to do a three year contract, the one year's coming up and guess what? Finance is delayed for whatever reason, the PO doesn't go through. So the ITI calls up the technical account managers, we love your service, it's delayed in finance. We will let them stay on their storage as a service, even though they don't have a contract. Now, of course they've told us they wanna do one, but if they exceed the contract by a quarter or two because they can't get the finance guys who are messing with the IT guys, that's fine. One of the key differentiators, exactly the same price. Some of our competitors will also extend without a contract, but until you do a contract, they charge you a premium. We do not. Whatever, if you're at SLA 3, you're at SLA 3 will extend you and no big deal, right? And then you do your contract, you know when the finance guys get their app together and you're ready to go. So that is something we can do and we'll do on a continual basis. Last question, let's go way out. So, we're not doing any kind of near-term forecast. I'm trying to understand how popular you think as a service is gonna be. I mean, if you think about the end of the decade, let's think industry total, you know, one of the IBM specific. How popular do you think as a service models will be? Do you think it will be the majority of the transacted business or it's kind of more of a, just one of many? So I think there will be many, okay? Some people will still have bare metal on-premises. Some people will still do virtualization on-premises or in a hybrid cloud configuration. What I do think though is storage as a service will be over 50% by the end. Remember, we're sitting at 2021. So we're talking now 2029. So I think storage as a service will be over 50%. I think most that storage as a service will be in a hybrid cloud model. I think the days of 100% cloud, which is the way it started, I think a lot of people realize that 100% cloud actually is more expensive than a hybrid cloud or fully on-prem. I was at a major university in New York. They are in the healthcare space. And I know their CIO from one of my past lives was talking to him. They did a full-on analysis of all the cloud providers going 100% cloud. And their analysis showed that 100% cloud, particularly for highly transactional workloads was 50% more expensive than buying it, paying the maintenance and paying their employees. So he did an all-in view. So what I think it's going to be is, storage as a service will be over 50%. I think most that storage as a service will be in a hybrid cloud configuration with storage on-prem or in a colo, like what our IBM pay-as-you-go service will do. And then it'll be accessed and available through a hybrid cloud configuration with IBM Cloud, Google, Amazon, Azure, whoever the cloud provider is. So I do think that you're looking at over 50% of the storage being as a service, but I do think the bulk of that as a service will be as a service through someone like IBM or our competitors. And then part of it will be from the cloud providers. But I do think you're going to see a mix because right now the expense of going 100% cloud storage is dramatically understated. And when someone does analysis like that major university in New York did, they had a guy from finance help them do the analysis. And it was 50% more expensive than doing on-prem as a, either on-prem or on-prem as a service. Both were way cheaper. Okay, but you own the asset, right? And as a service model, okay. And I would bet, I would bet that over the lifetime value, the spend and it as a service model, just like the cloud, if you do this with IBM or any other competitors, I would bet that overall you're going to spend more just like you saying in the cloud, but the benefit is the flexibility that you get. Yeah, yeah. If you compare it to the, so obviously the number one model would be to buy. That's probably going to be the least expensive, right? But it's also the least flexible. Then you also have leasing, right? More flexibility, but leasing usually is more expensive. Just like when you lease your car, if you add up all the lease payments and then you, you know, at the end, pay that balloon payment to buy, it's cheaper to buy the car up front than it is to lease a car. Same thing with any IT asset, now storage network servers all are available on leasing. The net net is at the bottom line. That's more than buying it up front. And then storage as a service will also be more expensive than buying in my friend, but ultimate capability, altering SLAs, adding new capacity, being able to handle it up very quickly. We can provision the storage. As you mentioned, the IT guys can easily provision. We can version the storage in 10 minutes. If you bought from IBM storage or any competitor and you bought and you need more storage, A, you got to put a PO through your system. And if you're not the cube, but you're a giant global fortune 500, sometimes that takes weeks to get the PO done, then the PO has to go to the business partner. The business partner's got to give a PO to the distributor and a PO to IBM. So it can take you weeks to actually get the additional storage that you need. Okay. With storage as a service from IBM with our pay-as-you-go cloud-like model, all you have to do is provision and you're done. And by the way, we provide a 50% overage for free. So if they end up needing more storage, that 50% is actually sitting on-prem already. And if they get to 75% utilization of the total amount of storage, we then call them up, the technical account manager would call them up and their business partner and say, Dave, do you know that you guys are 75% full? We'd like to come add some additional storage to get you back down to a 50% margin. And by the way, most of our competitors only do a 25% margin. So again, another differentiator for IBM storage as a service. What about, I said the last question, but I have another question. What about day one? Like how long does it take if I want to start fresh as a service? How long does it take to get up and running? Basically you put the PO through, right? Whatever it takes on your side or through your business partner. We then will sign the technical account manager. We'll call you up because you need to tell us, do you want it in a colo facility that you're working with or do you want to put it on-prem? And then once we do that, we just schedule a time through your RT guys do the install. So, you know, probably two weeks. Yeah, okay. It all depends because you've got to call back and say, Eric, we'd like it at our colo partner, ABC, we got to call ABC and then get back to you. Or on-prem, okay, we're going to have guys in the office a good day when it's not going to be too busy. Could you come two weeks from Thursday? Which now would be three weeks for sake of argument. But that would be, you know, we interface with a customer with a technical account manager to do it on your schedule, on your time, whether you do it in your own facility or use a colo provider. Yeah, but once I tell you, once we get through all that stuff, it's two weeks from when that's all agreed. It's like the Xerox copy or salesman. Where are you going to put it? Once you decide where you're going to put it, then it's a couple of weeks. It's not a month or two months. No, it's not. And when you do additional capacity, remember there's a 50% margin sitting there. So if you need to go into the variable and use it, and when we hit 75%, we actually track it with our storage insights pro. So we'll call you up and say, Dave, you're at 76%. We'd like to add more storage to give you better margin of extra storage. And he would say, great, when can we do it? So we're proactive about that to make sure that you stay at that 50% margin. Again, our competitors all do only a 25% margin. So we're giving you that better margin, a larger margin, in case you really have a high capacity demand for that quarter. And we proactively will call you up if we think you need more based on monitoring your storage usage. Great, Eric gotta go. Thank you so much for taking us through that. Great detail, I really appreciate it. Always good to see you. Great, thanks, Dave, really appreciate it. All right, thank you for watching this Cube Conversation. This is Dave Vellante and we'll see you next time.