 Live from San Francisco, it's theCUBE. Covering Google Cloud Next 2018. Brought to you by Google Cloud and its ecosystem partners. Hey, welcome back, everyone. It's theCUBE, live here in San Francisco for Google Next 2018. I'm John Furrier with Dave Vellante. This is day one of wall-to-wall three days of live coverage here on the floor. Our next guest is Karthik Lakshmi Narayanan, who is the Director of Product Management for Cloud Identity, one of the core products at the edge authenticating users, people, and applications and devices. Karthik, thanks for coming on. Yeah, thank you. It's good to be here. So take a minute to explain, because obviously Cloud Identity, we've seen identity systems in the enterprise, anyone who's dealt in the enterprise, who have been buying IT, have been buying IT stuff that's around identity, and then something new comes out and I got to refresh that, I got to buy this, rip this out, replace this. So identity's been super important, but it's been kind of stove-piped within applications. The cloud is horizontally scalable. The benefit of the cloud is that you kind of do it once, if you do it right, architecturally, you can scale it. Absolutely. Take a minute to explain how Cloud Identity works, and has it fit into the future of what people expect from the cloud? Yeah, absolutely, thank you. And Cloud Identity, our solution is to help organizations securely manage people, applications, and devices in the cloud. So just exactly like what you're talking about, user identity is evolving, because organizations are now coming in and saying, what is this mobile cloud thing? How do I adjust? Because users are getting increasingly trained on consumer-like behavior. They just want to turn on, connect to their cloud services, use their mobile devices, and be up and running. Organizations have been trained for years to think about the corporate network as their security perimeter. So how does that happen in the cloud when the data is no longer on-premises? So that's what we do with Cloud Identity, where you look at signals from your users, from your devices, and other things that you're trying to do, and give you a different way of accessing the cloud. For the folks watching who might have missed the keynote, it's going to be on demand. Go to YouTube, I'm sure it's on the Google Cloud channel. One of the things Diane Greene said, and also we saw in the demos we were talking before we came on camera, was you showed a demo of basically cloud and on-prem solution. It looked just like one dashboard, like just the node in the network, and everything's kind of clean. Diane Greene then mentioned that when she came to Google Cloud years ago was to just share what was already built over 25 years, or 20 years, to the masses. So okay, that's cool. But the question I want to ask you is, people don't want to be like Google, or buy Google stuff to implement in their non-Google environment. They want to use the Google services. So they want the benefits of what you guys have experienced. So this is kind of a cultural nuance within Google Cloud where it's like, you're not telling me to be like Google, just use the services. Identity is super important. You have all this institutional knowledge, and low latency signals from whether it's Android, Chrome, Search, user experience. How are you guys putting that into it? Does that help your product? Is that a benefit to the customers? Is that more of a future thing? Because when you're out as a service, I can almost see identity as a service scaling to a point where all these things are kind of taken care of. What's your vision? Yeah, absolutely. So just a couple things. One is something called BeyondCorp. I think a lot of folks are familiar with it. It stands for Beyond the Corporate Network. And I want to touch on a couple things. One is that today we make access decisions based on who you are as a user, the state of your device, and then context. And context is really king now in a cloud-based world where we look at signals. Signals around the data that we can get even from our consumer services, but carefully curated and making sure we meet all the compliance policies. Where we can now look at these signals and we do what we call context-aware access. So the idea that what are you trying to access, where are you accessing from, and who are you as a user and what kind of device that you are at? That's the perfect combination of what you just said. And we call that context-aware access, and that is absolutely central to how we offer cloud-based. That's a classic example I've seen. We are Gmail customer, obviously, and with G Suite. So I log in from Paris. Yes. Like, hey, wait a minute, you're not in Paris. So you guys, is this kind of an example of that? Yeah, it's funny. I feel like you're part of our team because we call this the Superman scenario. Because if you just logged in from, say, California, and then a moment later, we see an access request coming in from Paris. Then we know it's not just because you have the valid username or password. We know that's not right. That's just a trivial example. Like, Google does a great job of crawling the web. So we don't just know what the good sites are. We know what the bad sites are. So if you're even trying to access a bad site, we can stop you. There's all kinds of things we do with this. So I wonder if I could ask you about enterprise IT. John, at our kickoff this morning, said, you're Google's 10 years, maybe even 15 years ahead. And as he was just saying, people can't go that fast to be like Google. So how do you, I think of a caravan where the fastest truck in the military caravan has to slow down so the whole caravan can keep up. How do you manage the fact that you're going so fast but enterprises move at this, we sometimes joke, they move at the speed of the CIO? What's your perspective on that? And how do you deal with that challenge? No, absolutely. So I think our core philosophy, our design philosophy with how we've built the product is really meeting customers where they are. That's key. Meeting customers where they are. So we recognize, take some of our advanced technology with Kubernetes and we recognize that organizations are still building a lot of applications on premises. So we took the power of Kubernetes and made that available on premise. We just saw that today. Another example, we connect to systems of record. We know Microsoft Active Directory is largely the identity record of choice in large organizations. So we connect very seamlessly with them, we sync with them and we use a federated identity story. So you don't have to move to all in Google Cloud. You connect Google Cloud, you augment your existing infrastructure and that's how we make it all work. So really making sure that we are inclusive and meeting customers where they are is how we've designed everything, including cloud identity. And my follow-up on that is architecturally, how do you future-proof it? Now part of it is you have a lead on the rest of the world. So you have visibility on things that others aren't going to see for years. But at the same time, you don't know every, you can't predict the future. So how do you future-proof your system architecturally? Maybe talk about that. Yeah, I think there are a couple things for us. I mean, we are big on open systems so we make sure that the cloud, as we all know, is built on standards. So as an example, the security keys that we talked about was largely invented at Google, but we made sure we contributed that back into the standards community. That's an example. We are big on APIs, making sure all our APIs are out there and we support federated standards like SCIM and those other things. So we make sure that an organization can use not just us, but whatever identity system of choice and we interconnect through standards and APIs. I think that's the way forward. Sorry to ask you, since you do product management, which is you're building products, I used to run a product group at a big company and products are built differently now than they are with the cloud. So how is the role of building a product change? I mean, product management, you got to have the right features, you got to have customers. But we're living in a services world where you have a service as the product or the platform as the product in a cloud-centric world. How do you guys do that product and share some insights for the folks watching? Customers get an insight into how you guys work because it's not your classic product management or is it? How are you guys doing things differently? Because business models are being built as a service. Things are changing so fast that a new service like Istio could literally change someone's business overnight leveraging some of these core services than you guys have. Yeah, so let me share a couple of things. I think some things are always going to be the same if you do our jobs right, which is there's customers, there's customer needs and making sure the solutions we provide, not features, but solutions meet customer needs. I think in that regard, whether you deliver it as a service or as a non-prem, it does not matter, that's a delivery model, but you want to make sure we take care of our customers. I think one of the challenges we find on the cloud side is the pace of which we are delivering features and a lot of times the IT person or the decision maker in an organization wants to make sure they stay in the loop on this. They are getting ahead of planning. You don't want to change that went out so rapidly that the users are confused, they're getting help desk calls and things like that. So we have a very structured communication mechanism that we work with, we share road maps and timelines so it helps organizations really think about what's coming and so I think the service delivery and the service consumption is more of a partnership now even though on the consumer side you might think it's just as a service we push a change. I think it's really a partnership. It's faster too, I'd imagine, right? Absolutely faster. I mean your acceleration of service is faster. I think we can meet needs exactly. We can meet needs a lot faster. I want to just call out that Google consciously takes into account the fact that we don't want our changes to be so fast and so disruptive you want them to be well received. So we really partner with our partners in the customer organization. It's interesting, Dave mentioned the caravan example. I would say that enterprises move at a glacial pace. Many users feel that way. But they're buying IT in the past. Now they're essentially leveraging scaled services that are pre-built so they can get things going faster. This is the new normal where they'll be buying services not IT products. That's right. So you mentioned solutions, solutions and services. Is that kind of what you're getting at? Yeah, I think absolutely. I mean if you think about what's happened, as mentioned earlier today, IT was a cost center and now we're moving into, like hey, how do we get ahead and build a competitive advantage? So I think absolutely, you said it well. So plus one. Karthik, you talked about some of the standards that built out the internet. Now you're seeing with blockchain a spate of new protocols being developed. All this innovation. A lot of talk about KYC, know your customer and anti-money laundering, AML. Perspectives on what's happening in that blockchain world. Obviously it's relevant to identity. Yeah. What are your thoughts on what's happening there? Yeah, a couple things. One is we think blockchain is very interesting. It's something that we continue to look at. I personally look at blockchain as amazing technology but it go back to what are the use cases and needs that we need to solve. And so let me throw something out there. It is not very well thought out as it's just an idea. But we think about, one of the things we've tossed around is like bring your own identity. There was a time when identity was, think about your cell phone number if you remember was once tied to your provider. You change your provider, you had to get a new number. And now you have portability, you don't think about it. So if you think about you as a user, you are who you are and then there is an identity or a profile that exists on a personal side. There's identity that happens. So there is protection and this context of that access. Things like that that blockchain could now enable because you now take your identity and you go with you. Whether you are in the consumer context, you are in a work context or even switching from one job to another or one role to another within an organization. And so I think blockchain could be technology that is very foundational and fundamental to decentralized notions where I as an organization manage your policies and lots of other things but who you are as a person stays with you. The old model was bring your device to work. Your base was all about bring your identity to the world under one immutable, own your own data, trustful way. That's enabling its identity as a service at a whole other level. Very different level. I think we are not there today because right now I think organizations are shifting mainly from wrap their arms around the user and the identity and they're super paranoid about just moving through the clouds. I think the first step is just making them fundamentally comfortable with everything they need. But once we build, I think your trust point is key. Once you have that governance and that secure platform, I think we can start shifting towards bring your own identity and how can that all coexist. And why do you think the consternation about moving to the cloud? Is it because it's just a still unknown and still somewhat new? Because I mean by all accounts when you talk to the experts and they'll admit the cloud is more secure than what I can do on prem. Why the consternation do you think? Absolutely, I think the key part is the simplicity that comes and I think it's a new model that has not yet been mastered. So how, you know, cloud is secure, yes. But when my users start doing things that I don't really want them to do, what we call shadow IT, they're very worried about it. And then on the flip side, they've been trained for years, decades, to this whole old model of corporate network. And now we're saying the cloud is open and the internet is your new network. So that I think scares a lot of people, but customers when they come to Google and they see our BeyondCop story, our cloud identity story, then they know that they can achieve both. Higher access for employees and advanced security for organizations. I think the BeyondCorp is very relevant and we've been tracking that, we find that super fascinating. On the shadow IT, we've been reporting on shadow IT now it's our ninth year day, we've been talking about it. But the shadow IT though is just an early adopter form of DevOps. So I think shadow IT has kind of regulated itself to as a stepping stone for cloud. I mean SAP used to do shadow IT as pre-sales and then the customers moved everything to the cloud. So I think shadow IT is much more of a kind of a kindergarten or the first step to DevOps. I think that DevOps is a big, I think is where a lot of organizations are moving. I think depending on where the organization is going back, they like the IT admin led model, they're experimenting with DevOps. There's a lot of experimentation going on. I think what I like about shadow IT, not from a security risk perspective, but it's signaled a clear intent from the user to their organization saying, I want access to these services fast and make it simple. I think that is a clear signal. I think R&D sandbox, the way I look at it. Final question before I know you got to go. Thanks for coming on, I appreciate your time. How are you guys going to roll out this Identities of Service? Who's your competition? How do you guys compare? What's the story? What's the vision? Share some of the competitive strengths and weaknesses? What's going on? Yeah, I think three things for us. It's already available today. You can go to cloud.google.com slash identity. Sign up for a free trial and we give you everything from identity as a service to device management and all of that. The things that we focus on is smart, secure, and simple. The idea being that we can use ML-based security to automatically protect. No longer can an IT admin go and set reactive policies. We just have to use data and set proactive policies and protect them to your points earlier about endpoints and other data coming in. So that's the smart piece. We also have a unified single pane of glass, unified administration, one admin console to manage everything. Because people are complaining about the complexity of these solutions that they got to put together. So you get cloud identity, you get one thing. Everything from not just the administration but also the licensing. It's one price and you're done. You never have to worry about it. And then last but not the least, it's always, it has to be secure. The things that we've talked about from security keys, I've never changed my password for the two years I've been at Google. I use security keys. I've never typed an RSA key in or anything like that. It's fascinating how simple we can make it. And so that's really what we like, smart, secure, and simple. Awesome, well congratulations. Looking forward to see how this scales out, certainly foundationally. Identity is super important. Identity is when the bedrock of cloud is part of that system that scales theCUBE. Bringing you all the best content scaling here at Moscone with all the great content from Google Next. I'm John Furrier, Dave Vellas. Stay with us for more day one coverage of three days of live coverage here in San Francisco. We'll be right back.