 Live from Las Vegas, it's theCUBE, covering Dell Technologies World 2019. Brought to you by Dell Technologies and its ecosystem partners. Welcome back everyone to theCUBE's live coverage of Dell Technologies World 2K19 here in Las Vegas. I'm your host Rebecca Knight along with my co-host Stu Miniman. We are joined by Cliff Madrew. He is the VP Cloud Solution Architecture and Engineering at Iron Mountain. Thank you so much for coming on theCUBE. Thank you so much for having me. I truly appreciate the opportunity. So Iron Mountain, we know the trucks, but there's more to the story now. So why don't you tell us a little bit about the company and about how you're expanding into new terrain. Absolutely, so I mean, you said it, right? Most people know us for the trucks. They know us for physical asset management, records management, and how we help customers protect their physical information. We've been through an evolution. We've been through a transformation as a company evolving with our customers to help them as they digitally transform. And what's interesting for our customers in particular is that they live in this world of a physical and a digital realm and how do they move from one to the other. And that's where we focused a lot around building our portfolio of services is helping our customers through that transformation along with everything that we've done in history and through history and our legacy around protecting physical information we've carried through into our services with a focus on what we call iron cloud, which is built around that same chain of custody, that same security for our customers. And we're leveraging a lot of Dell EMC technology within iron cloud to make that happen for our customers. So as you're transforming, you are helping other companies transform too. We are customer focused and we're moving right along with our customers to help enable them. Yeah, Cliff, it's been fascinating to watch. You know, the traditional storage industry is now focused on the data more than ever and you know, we hear so many stats about, you know, how much data is available, searchable. You know, I think back to Iron Mountain is like, oh, well for governance requirement or for legal issue or things like that, I had to retain. But tell us how the changing role of data. You know, you were in a T-shirt that said data deserves better. So I think data is probably central to what you're talking about and absolutely in the cloud, how that's changed and how your customers look at data. Data is at the core of everything that we talk about with our customers. And I work within specifically our data management group and to your point, you know, focus on customers' data and how are they able to either leverage the historical data that they're currently storing with us, leverage the physical data that needs to be transformed into something that's digital, something that's searchable. You know, we've just recently launched a tool called Insight which gives full analytics capabilities on some of those data sets for our customers. And then how do you maintain the protection of that data in its digital format? And you know, even if you go to our tape-based business, which is all about data protection and getting that data protected off-site, well, in the world where people are, you know, looking to the cloud and for hybrid strategies, looking for as-a-service type offerings, they're trying to move away from that physicality and having to manage that information physically. And so, you know, for those customers in particular, we're able to take a look at their data requirements and we're able to help them evolve that strategy to make sure that their go-forward in the cloud is meeting the same needs, whether it's compliance. You mentioned, you know, regulation, right, regulatory needs around building out a strategy. Our information governance tools around policy management and how do you ensure the appropriate retention of that data while mitigating your risk and not keeping things for too long. All of those play into the hybrid world and in particular, into a multi-cloud world, right, which we hear a lot at these shows, is talking about how to leverage, you know, best and breed SaaS applications and other applications that are either hosted in the cloud or you're migrating workloads to the cloud. The same challenges that all of our customers have really seen with the physical assets that they've managed in the past, those challenges still exist but in a digital realm, right? And so, you know, when you think about that, you're now creating these silos of information. Well, if 80 to 90% of that data is infrequently accessed or archival or needs to be retained to meet a compliance need, how are you still managing that and how are you able to do that in that multi-cloud world? And that's where we're helping our customers understand the information they're managing, understand how to apply policy to that data, how to really garner insight from that data because, again, it's all about the data, like you said. But cybersecurity is another very important priority. Let's back up a little bit and just sort of lay the foundation for our viewers about breaches and about attacks. I see a statistic here, Verizon data breach index, 28% of cyber attacks were committed by inside actors. We keep thinking about these nefarious actors being from foreign nations and these other hostile, but inside, so what is, talk a little bit about that. Absolutely. When you start to develop a, you know, we like to talk a lot about cyber resiliency. So, cybersecurity incorporates a lot of things. Some of those things are around the prevention of bad actors from gaining access to your data, but we think about a lot around how do you ensure you can recover when you have an attack and how do you protect the data so that you can recover the data when you have an attack and what we're trying to help our customers understand and help them develop is a strategy around recovery because there's no such thing as complete prevention and even leveraging some of the tools and some of the things that have been announced at the show that SecureWorks is working on and some AI-based tools. Although you can drastically reduce your risk of an attack, the reality from my perspective is you cannot prevent an attack and so you need to ensure the data's protected and when you think about an insider threat, so 28% of attacks are from an insider perspective and actually roughly 68% of attacks come from unnoticed for months and so that means someone's on your network, that means they're monitoring you from the inside and they're trying to understand the patterns and how you protect things and how can they infiltrate that process and when we work with customers, we're looking at first, how do you identify the critical data that you could not recover your business if you were to lose it or if it were to be destroyed and we help them build strategies with what we call critical protection and recovery, our CPR service, that takes a copy of that information. It's managed by Iron Mountain, which I think is one of the most critical aspects of the service, because an insider threat is something that's very hard to prevent when someone understands the inner workings of your environment. So by having that solution managed by us, having that put in one of the most secure data centers in the world, so we spent over $2 billion last year and we have some of the most secure facilities in the world, it really helps customers prevent that insider threat as well. Cliff, the one word I didn't hear that I was expecting here in that discussion was ransomware. Okay, sure. How does that fit in? Sure, so ransomware is just one of the multitude of different challenges that our customers are faced with when it comes to cyber protection. So from a ransomware perspective in particular, I think it's roughly 20% of companies or so we're not able to recover their data from ransomware. I think the number is probably even higher than that. And again, backup and disaster recovery are not cyber resiliency solutions. They can give you a level of protection and in some cases you can recover from ransomware by restoring a backup data set. But depending on how you're configured, if your data's online, with Iron Mountain in particular, we know an awful lot about the tape business. One of the values of tape is being able to take data offline. But again, one of the things that customers are moving away from is having to manually manage that process. And so with something like Iron Cloud and with CPR, we can take that data and we can create an air gap so that you have the protection from the network. So if you have a ransomware type event or something that crawls your network, you have an air gap now from the network perspective. Your data is isolated because of that air gap. And then the third component is really an administrative air gap. And this is the one around any type of insider attack or ensuring that one of your employees, because 17% of attacks are social attacks, right? So again, all the software in the world can't change a psychological attack on one of your employees who does have access to a system. And so again, having that administrative air gap is what we like to call it, where you have an independent third party that is now protecting that data in an air gap format. And again, we offer the ability to take it down to tape so you can still have many versions to recover from, because if you have an attack that's been months on your system and you need to get a clean version of a file, now we have the ability to bring that into what we call a clean room, have that, you can run your forensics on that in a very secure environment that'd get completely isolated from where your data's been attacked and then bring that data back to recover successfully from ransomware or any other threat. Can you give us some examples of customers that are using Iron Cloud CPR and the business impact that they're seeing? Sure, yeah, so one of our more recent customers is an insurance provider in the Boston area, and they wanted to ensure that the policy data for their customers was protected against any type of attack, right, and that they could always recover that information. In their case in particular, their data domain user, they wanted to leverage the technology they've already invested in as a way to get Iron Mountain the data, and with Iron Cloud we support CPR for data domain, so we have the ability to take that data and replicate that data to our Iron Cloud and then offer the air gapping and offer the cyber resiliency solution to those customers, so. That customer in particular, again, that major database and a couple of databases that had their customer information is what they wanted to protect, and in many cases, our customers don't always know what they want to protect, so we're helping a lot of customers right now understand their data and leverage some of our advisory services to understand what those crown jewels are, what it is that we really need to ensure is protected from a cyber perspective, and we're also dealing with a lot of right now financial institutions, so when you get to account information, transaction data, ensuring that that information is protected, again, that's a strong point for cyber resiliency solution for Iron Mountain, so. All right, so Cliff, the Expo Hall's right behind us over the shoulder here for these people that didn't make it to the show, give them a little flavor as to what's the energy been, any cool things you saw, and any meaningful conversations or talking points you've heard from customers. Yeah, I mean, the energy is infectious in a good way. I always love these shows, but the amount of customers, and Iron Mountain in particular, we have 235,000 customers, so a lot of our customers attend these shows, and to be able to engage with them and have them understand our evolution, we're very well known for our records business, for our shredding business, and not everyone understands the breadth of services that we can offer when it comes to digital information and helping them through their transformation, so some of just the speaking engagements that I've had here, the crowds of people gathering and understanding and following up at the booth to really understand more about how we can help and scheduling follow-up sessions so that we can help them through that transformation whether they're coming off of tape or they have critical assets that need protection, critical data that they're interested in CPR for, I've had so many engaging conversations, so it's always great. Well Cliff, thank you so much for coming on theCUBE. We really appreciate it, it was a great conversation. Thank you so much. I'm Rebecca Knight for Stu Miniman. You have been watching theCUBE's live coverage of Dell Technologies World. We will see you next time.