 Live from the Sands Convention Center in Las Vegas, Nevada. It's theCUBE at AWS ReInvent 2014. Brought to you by headline sponsors Amazon and Trend Micro. Welcome back to theCUBE, SiliconANGLE TV's flagship program. We go out to all the great enterprise shows, extract the signal from the noise, talking to all the users with the digital transformation. My name's Stu Miniman, joined on this segment by my co-host Jeff Kelly, our big data guru, the senator of big data. Pleased to have on this segment Aaron Hughes, Systems Architecture from the Washington Department of Fish and Wildlife. Aaron, thank you much for joining us. Thank you for having me. All right. So we had a lot of discussions actually about government and transformation. CIA obviously a big ripple through the industry over the last year. Can you, in the case a little bit, you know, what's your role and a little bit of the scope of IT inside your department? Well, I lead a team that's responsible for server storage, virtualization, both on-premise and in the cloud. So I basically, it keeps me very busy. Windows systems administration, Linux systems administration. I wear many hats, but yeah. All right. A little bit, you know, you own your own data center. It sounds like how long have you been using cloud? What's the breakup of your team on on-premises versus in cloud? How do you manage those two different environments? So we have the majority of our infrastructure is still on-premise. We do have, we run VMware virtualization on-site with NetApp back in storage. We have, we've been using the AWS cloud for about three years, three plus years. We've used it for, in terms of we've leveraged the Glacier services for archival user data backups. We've leveraged scientific computing capabilities of EC2 instance types. And one of the most recent projects that we've had was we had, we expanded a solution that basically was out there to be able to collect citizen science branded data or otherwise data that we've allowed citizens of Washington state to upload anonymously that helps us or the biologists of our agency be able to track species, different wildlife species and also be able to monitor the ecosystems that they live in. So we expanded out that environment because we, the original, the prototype environment was really only capturing anonymous data, data that was what we categorized as category one or public data and it could be shared with anybody. The new environment is a mixture of both that as well as some sensitive data. We're now capturing information on species that are protected. So some of those, that information cannot be shared with everybody. It has to be, you know, we have to basically vet that data and then we actually only provide some information to our biologists and also to a few people such as the tribes of Washington state, some of the temporary companies and whatnot. But yeah, it's been a great solution for us. All right, so that project, can you walk us through what the decision-making process, how that ended up in AWS and what it enabled you to do that you might not have been able to do on your in-house solution? Absolutely. Well, it was really, there was a security limitation. There are policies enforced by Central IT and the Office of the OCIO of Washington state basically stated that we could not basically bring in data from the public anonymously straight into the state government network. So we came up with the solution. I should actually point out one of the chief biologists and data manager for our agency Andrew Duff actually stood up the prototype environment on his own several years ago using a cloud builder with ArcGIS and he basically stood that up outside of our organization. We did a system to some degree as far as Central IT, our IT organization, our department but that allowed users to anonymously upload photos that were geotagged, basically using their cell phones. You can turn on location tagging that contains GPS coordinates and then that information is then fed through an ArcGIS server and then that information is fed up through ArcGIS online and presented to the public. So that was the original prototype and before we could then bring that information back down we then scrubbed that data, made sure it was clean before we brought it back into our internal environment. So really there was multiple reasons we started out with the cloud for security purposes, functionality purposes, there's multiple reasons. All right, so that sounds like a great partnership really between the scientists and IT. Can you talk a little bit about that dynamic and the role of data in your environment? Yeah, absolutely. Our scientists are obviously the stars of our organization. We're a scientific department or agency. That's what comes first. Really our role is to help support them and help bring their vision and make it a reality. There's a brilliant people, so to be able to use AWS in a system with expanding out that environment is actually awesome for me to be able to do is a really cool project to work on. Can you talk a little bit about the relationship between IT and the scientists? Because one of the things that we found in our research specifically around the use of data and big data is big data or small data for that matter is there seems to be a disconnect between the IT department who are standing up systems and the business user, in your case, scientists who are trying to actually make sense of all this data and do things with it. IT tends to feel like they're doing a pretty good job based on the feedback we're getting where the business side says but we're not getting the insights we need. And there's that kind of disconnect and of course it's got to be a collaborative environment. How do you approach that? Well, you know, we work closely. I'm going to mention Andrew Duff again. He's the data management. He actually has an IT background in addition to having biology degrees. So he's one of those people that bridges that gap between IT and we have central IT but also with each one of the programs also has IT staff. So the wildlife program has IT staff that helps their biologists and the scientists that work with them. Fish program has IT staff. The habitat program has their IT staff and we all work together. We try to work together as best we can with central IT to help provide them with the solutions that they need to be able to make their... to do their work. And I wonder if you could talk a little bit more about it. I mean, what are some of the insights that your scientists are finding? Any of the some of the more interesting analytic kind of aha moments you may have seen through the use of data analysis? Now, let's see. You mean example. Well, I mean, you know, so we talk, you know, there's in one of the real benefits that we're seeing of some of these new approaches to data are, but you've got, you know, the old ways you kind of got the reporting. You ask the question ahead of time. You model your data the way before those questions and then you get the answers. We're in the new model. The new paradigm is some of these more unstructured approaches. You can ask any question and you don't have to. So I think about it ahead of time and this potentially can lead to new insights that you couldn't have gotten in this kind of older world. It may not be an area that you ask some of those insights, but I'm just curious if that's something where... I guess our data services team, I work on the infrastructure. I'd like to be able to answer that question a little bit better, but you know, I work more on the server storage. We'll have you guys on again. We'll get the data, no problem. So Aaron, I wonder if you can unpack for us a little bit the security environment. One of the, I guess, challenges people have told us is that, you know, Amazon has great security, but it's their security partnership and usually you need to expand and work with some of their partners if you want something a little bit different than off the shelf. Yeah, and that was actually crucial for us to be able to expand the environment that we have right now, to be able to maintain sensitive data out in the cloud. We had to actually, you know, meet a security design review by Central IT for State of Washington and then later followed up by a desktop to make sure that we followed those steps to ensure that, you know, that we were doing everything that we said we were going to do to protect that environment. So we have reached out, you know, we didn't have, this environment that we have, we don't have a direct connect out into the cloud. You know, this is a completely separated environment, so we're having, we had to look for new tools, new solutions to be able to make sure that we had the correct monitoring. You know, the correct, we have the security layers that Amazon provides as far as network accoling and security groups. You know, that's one part of it, but our responsibility also is to be able to follow up and make sure that we're logging out information and making sure that the appropriate alerting was taken for the different types of monitoring that we had to put in place to make sure that that environment was secure and stable. Alright, and Aaron, how do your security policies span between the Amazon solution and your in-house offer? Well, the security, we basically, it depends on the category of data type, you know, and as far as sensitivity. You know, if, depending on what, you know, with the data, with species data, that is basically category two. So each category of data type requires different security measures to be enforced. So with category two data, we had to make sure that we had logging, we made sure that everything that we had firewall rules in place and everything was secure, but it wasn't as stringent as it may have been in flight with the CIA's data and things of that nature. So we certainly had to make sure the environment was secure and stable and we had to do our part as far as making sure that, you know, the basics were being covered with intrusion detection, prevention, firewall, all that kind of stuff was in place. I don't know if I should mention the exact solution that we're using to accomplish that. Trend Micro Deep Security is the product that we use for that and it's been a, they've been doing some solution for multiple reasons. The functionality that they provide and I'll say this, their cost models were great. They had a lot of great, flexible, when you work for state government, obviously, especially in Washington state, you're very scrutinized on what you're spending your money on, so you want to make sure that you're getting the best bang for your buck. It was interesting, over years last night I was talking to some people in Washington state, you really have not only overcast skies, but you've got the center of the cloud there because you've got not only Amazon, but Microsoft. Can you talk a little bit about the IT climate? My understanding, you guys do use the Microsoft still and looking at some of their cloud offerings too. Yeah, no, we definitely use Microsoft in-house heavily and we're looking to expand, we're looking to go to Office 365 and SharePoint online, so we're definitely looking at some of the offerings that Microsoft has with Azure as well. And I've actually done a proof of concept testing with Azure's IIS and I still have the opinion that the AWS solution as far as that goes is still several levels above what Microsoft offers, but Microsoft does offer some really great solutions and they're a great partner of ours. All right, so Aaron, I want to give you the last word on this interview. Amazon's put a lot of effort into the government solutions. What's your takeaway from this show? What events that they've been having for yourself and your peers that you take away and tell other people why did I be able to come to events like this? Well, you know, one of my job duties is I have to procure new hardware, I have to procure new infrastructure. We invested a very large sum of money last year in new network infrastructure for both storage on-site and as well as compute on-site. And I would really love to have the ability to extend our network out to the cloud like the CIA has done, leveraging the Gov cloud to be able to leverage and have Amazon take over more of that infrastructure as a service. So, you know, really I would really hope I get to come back next year and I get to tell a story of how we were able to extend our network out to the cloud and save our taxpayers considerable amount of money by using AWS's resources for storage instead of continuing to spend a lot of money on internal infrastructure. I really appreciate you coming to share with us how, you know, tech like the cloud is helping improve livestock and the wolf population and everything. Really interesting story. I appreciate you taking the time. We will be back with lots more coverage here from ReInvent 2014 after this quick break.