 Live from New Orleans, it's theCUBE. Covering VeeamON 2017, brought to you by Veeam. Welcome back to the Big Easy, everybody. This is theCUBE, the leader in live tech coverage. I'm Dave Vellante with Stu Miniman, and this is our first day of coverage of VeeamON 2017. We'll be here for two days. Haman Ferreira is here, he's the CTO of BankServe Africa, and from Set Africa, welcome to theCUBE. Thanks for coming on. Yeah, thank you, gentlemen. Always a pleasure to be here. So, quite a tour for you, you've been over here for a while, checking out a few different technology events, and what do you think of VeeamON? Amazing experience, so it's always great connecting with the partners, connecting with the vendors, and with my fellow customers. So, there's only one of us that can tell wall stories, and that is to one another, so it's always great connecting with people that knows what you're going through. So, tell us about your organization, the bank, what you guys are focused on. Yeah, so BankServe is the mutual that runs for South Africa, a payments clearing house, so we get owned by the banks, and we deliver services back into the banks. So, therefore, as you guys would know, the payments industry is going through a bit of a modernization exercise. So, long gone with traditional cash and check, and it's now all the different digital channels, and Vsta is also all the mobile wallets coming into play, so that necessitated us to have a re-look at the architecture. So, what is the new always-on service levels all about, and how do I build architecture that will help me exceed those service levels to the customers? So, for the past year, I'm in the job for about a year now, so we've been going through infrastructure refresh program, looking at every layer of a technology stack, and going from a new converts architecture right through the VM world, the Linux, Microsoft, Oracle, SQL, and then finally on top of a VM product. So, it gives me that great opportunity to protect data. Data is the new currency, I suppose, and we all got to make sure that's always available. It's protected, data is in place, so, before the whole product suite actually fits quite nicely into providing that 24, 7, 365 availability. So, the big driver in your business is, I mean, the question of senior execs at banks always ask us, do people need banks? So, that's a question that you've got to ask, you're serving the banks, mobile, and the whole, like you say, digital payments. Blockchain is potentially a very disruptive force. So, how does that affect, I mean, digital is data, we say that a million times in the cubes, how does that affect how you protect data? Not only the volume, but just the different types of data. Yeah, and what we see is different channels coming in South Africa, for instance, we've got like 150 art mobile wallets. So, how do I build the interoperability in between them that you can actually use your bank's wallet with another bank in the region or anywhere globally? How do I connect to Apple Pay and all of those sort of things? So, it necessitated us really looking at the total architectural stack. So, going through the whole modernization of the infrastructure, you build it out for resiliency, you build it out for that high availability, you make sure that it is covered from every single angle, and then you partner with the right guy. So, I've mentioned the Dell EMC, the articles, VMware, and then Veeam to make sure that I can provide the right information to the right customer at the right time. And should something go wrong, then I have got that safe back door. It's almost like Veeam has transformed the old traditional backup world where it was always that little grudge purchase at the end, almost that insurance policies someday I might need you. And I think with the new stack, they are now moving into the full architecture, they're now part of plan A and along the plan B. It's almost taking disaster recovery into two business continuity and that's really what we want to. So, infrastructure has always been critical for financial services companies. What's been really interesting to watch, you talked kind of that digital transformation. Many of the companies I talked to, it's their developers, they're becoming software companies themselves, and that puts a whole different kind of stress and strain on the IT people. Can you give us a little bit of color on that and what you've been seeing from kind of the business transforming? Are you a software company now? Well, I think my CEO will have a problem if I call ourselves a technology company. You understand your core business. Yeah, but it is in a sense, it's that solution making sure that the solution, the product, the inservice that you sell goes through the right channels. And for that, we have to think differently about how we develop, what we develop, what we partner in with people and what do I take back to the tech shop and say, develop this for myself? Talk a little bit about how you approach architecture and how that's changing. And then I'm interested in where data protection fits in. Is that, I infer from your title that it's more than just data protection and availability. So, describe your philosophy of architecture and sort of how you spend your time thinking about how to support this digital transformation. Well, first of all, you've got to understand the customer needs. So what is the SLA that you need to obtain? And how do you actually contract this in this new digital world? So, we have a new generation always on, always available, always there. And once you understand what you are obliged to do, then you can also then take that input into designing the architecture, getting the infrastructure and the services build out that enables you to succeed those SLAs. So, that's always a point of departure for me as a customer. And if I understand that then to pick the right technology solution, the right technology partners. And I was quite fortunate either in the South African market that got great support from other vendors but also the resellers. I've got a partner, Silicon Sky in South Africa that came in and brought it out for me at a remarkable pace. So, once you understand that target estate that you're going to, and we all know if payments message is now changing, new ISO standards, it's more rich data, so it's more storage, it's more competent on actually managing. So, if you don't pick the right tools right now, then that transformational journey will actually be more difficult in a couple of years time. So, that was the reason why we selected it and why we built, and we almost chose to build a new target state infrastructure so that we can migrate on to it instead of going back and fixing some of the legacy stuff. So, you can imagine some of the check processing systems and EFT systems has now been around for 30, 25 years, all of those sort of things. So, it's time that we really look at it. Quicker, faster, better, simpler. One of the big things we're hearing from Veeam here is that it's not just about virtualized environments, they have virtual, they have physical, they're supporting SaaS applications and public cloud. How does cloud fit into your strategy? Do you use public cloud as part of your technology stack? I don't at the moment, but being owned by the banks and sitting on a massive data center estate and owning the networks into the banks, I'm looking at transforming my business into a financial services cloud business and our whole company philosophy is building mutual digital infrastructure to the benefit of financial services. So, looking here and having a lot of chats to the partners about how do I enable that sort of secure cloud for financial services within my region. And you don't envision that'll be a public cloud, is that right? It'll be your cloud? Yeah, sort of all the benefits of a public cloud. In a protected data center, but they already own the shares and I am a mutual, so therefore there's no profit objective, so I think I can do things at a bit of a better price point, a better solution point. You know, the banking services, there's always the other aid of regulations, so personal information protection acts, PCI, all of those sort of things. And being certified in that, I think I can actually transform it and give them the same quality of service, partnering up with some of the big print. So, high degrees of automation to succeed at that vision. And what does that mean? That you just laid out that vision of cloud that serves your constituents through the other banks. What does that mean for data protection? How would you re-architect your data protection strategy to accommodate that? Yeah, it's from all the different angles, right? Picking the right database technology, picking up the right transport layers into it that makes it efficient, that makes it a real time. And then once it's in a structured format, how do I control that the best? So, others for the application work, others for the backup work. So, one of the big advantages for me in the real world is that my backup windows actually quite drastically decreased. So, that gives me just that opportunity to do more on my maintenance slots so I can be much more proactive in all the housekeeping. So, earlier this week, we had a very ransomware exercise and now instead of doing backups, I can make sure that the patch levels is 100% installed and those sort of things. So, it doesn't just come with a data protection of, I guarantee you that the information will be there. I took over environment, it was still tape, VTL, all of those things, off-site storage and for order to always on your case about when last if you test the backup and all of those good things. And the solution said, gives me the opportunity to make sure that the last line of defense is now solid, it's tested, it's regularly tested and I know that I can provide the right data to the right person at the right time. Well, ransomware obviously is on everybody's mind, the last couple of weeks. We don't have to ask who's security is a top priority, obviously it must be, but how has it changed in the last year or two in your environment? Yeah, it's this layer upon layer upon layer and that's the only thing that one can do is we're just to build it out almost like onion, make sure that there's another layer so it's with it is from what data at risk, encryption to tokenization to all the different ones. So I spent about the 47% of my technology budget just on IT security products. So it's 37, 37% yeah. So that gives us that ease of mind. It is my job to be the trusted utility. I'm only the trusted utility because I am trusted. So I got to make sure that I protect data and customer information to absolute them. That 37% is excluding staff or that includes staff? That includes most often. It does, okay. So that's a full budget view. Yeah, that's about it. That's a big number. It is a big number though. It's gone up in the last couple of years. Yeah, but if I tell you that I said to a few credit card information, surely you would demand me to make sure that it is actually protected at the right levels and layers and I protect it not only from external but also from my internal guys. So making sure that the database administrators don't have access to the data, the developers, all of those, masking the right information. So it's the only chance that you've got to protect yourself is to layer up and to make sure that there is defense on defense, making sure that you've got all the right management tools in place to make sure that one of the nice feature sets that I saw now is that the beam come also now spot some trains or even get a sort of traffic patterns on my network. So it will just form another layer on top of that. Yes, there's obviously a company like Veeam's in a position actually to provide analytics on anomalous behavior because you're backing up change data continuously and presumably if somebody's trying to do some nefarious things you could see some anomalies in there, right? Absolutely, and if I can validate that out of two or three different ways and make sure that I've got all the basics in place then I sleep a bit easier at night. All right, we'll leave it there. Hamad, thanks very much for coming to the Cube. It's good to meet you. Thank you, enjoyed it. All right, you're welcome. Keep it right there, buddy. When I went back, we're live from Veeam on in New Orleans. Right back.