 From theCUBE Studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is a CUBE conversation. Hey, welcome back, you're ready. Jeff Frick here with theCUBE. We're coming to you today from our Palo Alto studios, talking about a really important topic and that's data. And as we hear over and over and over right, data's the new oil, data's the new currency, data's driving business decisions, data drives AI, data drives machine learning. Data is increasingly important and we're still kind of waiting for it to show up on balance sheets, which is kind of implied in a lot of the big valuations that we see in companies that are built on data. But one of the important things about data is taking care of it. And we're excited to have our next guest here to talk about some of the things you need to think about and best practices in securing your data, backing up your data, protecting your data. And we're joined today by Tim Berlowski. He is the Senior Director Product Management from Veritas, joining us from remote, I believe you're in Minnesota. Great, Tim, great to see you. Yep, thanks for having me. Absolutely, so let's just jump into it. So all we hear about is data these days. It's such an important topic that is growing exponentially and it's structured and it's unstructured and it's so core to the business and are you making database decisions and are you getting enough data to drive your AI and your machine learning algorithms? I mean, data is only exploding. You've been in this business for a long, a long, long time. I wonder if you can share your perspective when you hear these things, more data's gonna be created in the next 15 minutes than was in the entire history of man before us or I'm making that up, but it's been quite an explosion. Yeah, I know where you're coming from and frankly, I don't even put that in my presentation anymore because it's a lot like saying gravity exists and things that you drop out of a window will fall to the ground. Everyone's heard it, everyone's aware of it. The numbers are just so staggering. You don't even know what to do with it. Like how many iPhones could you stack to the moon and back and then to Saturn? It doesn't make sense, but the truth is we are seeing an explosion. Everyone knows it, we have to manage it better. Now for us, a lot of what we do is in this data protection space where we want to make sure that data is protected and always available and all of the data that's been created and the growth in mission critical applications. It's no longer seven to 20 mission critical applications. It's hundreds and hundreds of mission critical applications means you have to be ready with a recent recovery if necessary and you need to provide that data back to the consumer as quickly as you possibly can because you've got people waiting on it. We've all got our apps on our phone. We're looking at our bank account 24 seven. We don't wait until a teller appears at 9 a.m. anymore. It's not the world we live in. Right, and I'm just curious if you've got some tailwinds in terms of, you've been in this market for a very long time in terms of people finally realizing that their data is really more of an asset than a liability and the investments to gather it, protect it, analyze it, have it ready for a refresh if there's some problem is really, it's a positive investment towards kind of revenue and strategic importance to the company as opposed to kind of a back office IT function that we're kind of taking care of business because we have to. Boy, that one really varies a lot by company. I see companies taking shortcuts and outsourcing and then suddenly you'll see them in the news and they discover that they had a major outage for a couple of days and suddenly practices change very, very quickly. The relative comprehensive, sturdy and reliable infrastructure that people run today sometimes lulls people into false security and then you see a major airlines with a multi-day outage and you go, hmm, I think we missed a few steps in the process. And so it sometimes takes those rude awakenings but the companies who are really taking it seriously and starting to practice pruning their data, examining their data for PII. So they meet various compliance regimes and other in various states and countries and starting to think about their backup stream really being how do we get a fast recovery instead of how do I make a copy which I will never use again are really starting to drive a more efficient IT operation when it comes to data protection. It's an interesting take in reference to having some issue because we do a lot of stuff around security which is related to but not equal to this conversation. And one of the topics in security is that most people have already been breached. It's just a function of how fast can you find out and how fast can you minimize the damage and how fast can you move on. Why are they breaching? They're breaching to get the data. So I would imagine with this constant reading in the newspaper of who is breached here and everywhere, pretty much every day that that's got to be a huge driver in terms of people kind of upping their game in this sophistication of the way they really think about data protection. It is, and I'll tell you, I've had the misfortune I would say of talking to customers who are in the middle of recovering from a major ransomware malware attack. And it's a very difficult proposition. And what customers often discover is they haven't practiced enough. They don't have enough of a DR plan present. We are certainly rising to the occasion. Our products are sort of the last thing that often stand between the customer losing their data completely. And so we're looking at a number of technology innovations that will enable them to store their data on immutable devices and for the backup infrastructure to be completely aware of that, which will be announcing later this summer, which we're very excited about. And of course, you know, from our perspective, for our appliance portfolio, we've always provided a couple of extra layers of security against intrusion detection and intrusion prevention right out of the box because we know the backup infrastructure becomes this collection of the very most important data in your infrastructure because that's the thing you back up and you want to restore if there's ever any sort of man-made disaster or otherwise. Right. So I want to shift gears a little bit and talk about kind of the evolution of the infrastructure kind of a scene, if you will, right? With the rise of public clouds, you know, with Amazon and Google and Microsoft Azure. And then, you know, obviously, you got your tried and true data center. Lot of talk about HP Discover this week about, you know, kind of going from edge to cloud and data center in the middle. So the environment in which these applications live and these applications run and where the data is relative to those applications is evolved dramatically over the last, I don't know, you probably have a much better time perspective than I did, five years, 10 years, but it continues to accelerate in this kind of application-centric world versus, you know, kind of an infrastructure-centric world. Just curious to get your take on, you know, kind of the challenges that presents to your company and to what you guys are trying to accomplish and how do you see that continuing to evolve and get not simpler, but more complex over time? That is a very astute acknowledgement of what's going on in the industry. And I often call it, the industry's getting weirder. I would have thought at some point we'd sort of have Linux and Windows and a couple of database vendors. And the truth is the database vendors exploded. And it's not just Linux anymore, it's containers. And it might be a container based on CentOS and it might be a container running in the cloud or it might be a simple function, like a Lambda function running on nothing in AWS. And so this whole world has gotten a lot stranger. From our perspective, I think the biggest change for Veritas has been a renewed focus on APIs that we make public to customers and ways that we can glue and stitch these systems together. Now, of course, it doesn't replace the deep integration we do with companies like VMware, with Docker, as well as the container ecosystem around OpenShift and some of those technologies. But from our perspective, we've had to be a little bit more prolific in what we support. And the truth is, it's all files, it's all objects, it's all things we've done before, but they just keep bubbling up in new and different ways. Right, but what's interesting though is you touch on all kinds of stuff there with Kubernetes and clouds and containers is a lot of it's kind of ethereal, right? The whole idea of a cloud-based infrastructure is that you can bring it up and bring it down as you need it, you can adjust it as you go and literally turn it off when you don't need it and bring it back up. And then you add to that serverless and this kind of increasing atomization of all the different parts of compute. Kind of an interesting thing for you guys to try to back up as these things are created and destructed and we hear these crazy stories of automating Kubernetes to spin up tons of these things at a time and then bring them back down. And then I'm curious too, within that is also the open source kind of challenge and continuing to have evolution in open source technologies, APIs, et cetera. So it is, I like getting weirder and weirder on a number of fronts as you guys continue to evolve with the market. Absolutely, and I'll tell you, you have to think about all technologies as being on a bridge. As I remind people, we have washing machines, they work really well, but washboards still exist even though it's a technology from 18th century or beforehand. Now, they might be used as they'll still do exist. Now, my point in this is people need a bridge. Most enterprises run on an amazing amount of technology they've developed as a stack over the last 10 to 15 years and they can't immediately rewrite that and put it all in a cloud container. So we're actually seeing a lot of use of containers and Kubernetes with fairly heavy application stacks. When you think about something as heavy as all of Oracle inside of a container, you can understand that is a big lift for a container and it's not ephemeral at all. But then it reaches out to storage that has that persistence value and that's where we come in because we want to make sure that persistent storage is always protected and easily available to the customer for any recovery needs. Great, so I want to shift gears a little bit, Tim, to talk about regulations and compliance because as we know regulatory requirements drive a lot of behavior and activity and really oftentimes are ahead of maybe the business prerogative to do things like provide backups, provide quick and easy access because you need it for a Freedom of Information Act request or you need it for some type of court type of activity. So I wonder if you can kind of talk about how the regulatory environment continues to evolve over time and how does that impact what you guys are doing in the marketplace? Great question. You know, the biggest place it's affected us is customers are starting to think about privacy and where do I have data which relates to, you know, personally identifying information and that's really driven a lot by the European regulations around GDPR. Then we're seeing the California Privacy Act come in and a number of other states are considering legislation in this area. In some ways, it's actually been a good new story for data protection and data management because people are starting to say I should identify where the data is, I should figure out where the PII is and I should make sure I'm actually using my backups for the right purposes, which is something we've always believed in. We've always thought, hey, Mr. Customer, I see you're backing up an Oracle database for 10 years. What are you going to do with it in 10 years? Are you going to install Oracle 7 and reboot it? Doesn't really add up to me. So how can you get to a true archive for that data you really need archived? And then for your backup set, how can you keep it lean and mean and just keep it for the length of time you actually need it, which for many customers, could be as little as 14, 15 days, maybe six months, maybe a year, but it's often not those extreme retentions people were thinking of when they were building their tape-based infrastructure 10 years ago. Right, that's funny, because as you mentioned that, all's I'm thinking of is big data, right? And this constant kind of conversation in the big data world is, do you keep everything forever with the hopes that at some point in time, there may be a different algorithm or a different kind of process you might run on that that you didn't think about, right? Kind of schema on read versus schema on write. But to your point, is that necessarily something that has to be backed up? But it sounds like a lot of policy-driven activity then to drive the software to define what you back up, what you don't back up, how you back it up, how long you back it up. And a lot of, you know, kind of business decisions as opposed to technology decisions. Absolutely, and that's been on the back of, you know, the price of storing a bit of data has declined over the last 10 years, you know, on average 15% year over year for a very long time. So people have ignored the problem, but the truth is when you're really working at scale, there's a tremendous amount of waste. And we've identified for customers using our data analytics technology, millions of dollars of cost savings where they were both had storing files on, you know, expensive primary tier one storage and they were backing up that same bit of information every single week, even though it hadn't changed or hadn't been read in seven plus years. And they couldn't find an odor for the information in the company. They literally didn't know why they had it. And I think people are starting to consider that, especially in budget constrained times. Right, it's so funny, right? Sometimes it's such a simple answer. A friend one time had a startup and he was doing contract management. This is 20 years ago. And I was like, how do you manage the complexity of contracts inside software? Again, 20 years ago. And he said, Jeff, that's not it at all. We just need to know like, where is the contract? Who signed it and when does it expire? And they built a business on answering simple questions like that. It's sometimes it's the simple stuff that's the hard stuff. But I want to shift gears a little bit, Tim, on what Veritas is doing in the market in terms of still having appliances. You know, I'm sure a lot of people like, wait appliances, why are we still using appliances? This is a software defined world and everything just runs on x86 architecture. You guys still have appliances. Tell us a little bit about the why. And some of the benefits of having kind of a dedicated hardware, software piece of equipment versus just a pure software solution that sits on anybody's box. That's a great question. Thanks for asking. When I think about that world, you have to understand Veritas at its core is absolutely a software company. We build software and we preserve the choice in how the customer implements. When I say we preserve choice, we obviously still support old school Unix. We certainly have an enormous investment in the x86 world, both on Windows and various Linux flavors. And of course you can run the same software in the cloud. And of course you can run it inside of a virtualized infrastructure. So we always like to preserve choice. Now, why did we create the appliance business? It's frankly because customers ask us to. The thing that made storing backups on disk affordable was this technology known as deduplication, which at its heart is just a fancy kind of compression that's very, very good at copies of data where there's a lot of blocks that have been seen before. And so we don't store them if we've seen them before. We simply store the ones that are new and fresh. So from our perspective, customers said we want this technology and the market really moved away from general purpose solutions on servers to do that because it was very hard to build something that could have a very high throughput, very high memory. And at the same time could give excellent support for random access reads when the customer actually needed to read that data. And so we created purpose built appliances as a result. And what we discovered in the process was there were a lot of pieces that were actually fairly hard in the enterprise. So when a customer would describe the purchasing process of their typical solution before appliances, they would talk about filing tickets with the server team, filing tickets with the storage team, filing tickets with security team. And sometimes taking six or nine months to get a piece of equipment ready to install the backups off around the floor. Whereas with ours, they placed in order, it showed up on the dock. As soon as it was in the rack, they were ready to go and working independently. Now while we have a great and thriving appliance business we're very proud of, we always preserve choice at Veritas. And even though that's the business I represent, I would make sure our customers always understand that we're interested in the best platform for the customer. So that's our basic perspective. If you want to go deeper, let me know where you have questions. Well, I'm curious on the process, when there's a fail, when there's attack, when there's ransomware, whatever, when you need to go back to your backup, what are some of the things that your approach enables or what are kind of the typical stumbling blocks that are the hardest things to overcome that people miss when they're planning for that or thinking about it, that kind of rear their ugly heads when the time comes that, oh, I guess we need to go back to a backup version. Yeah, and I'll break that into this disaster recovery or restore process and then also the process of backup. So when you think about that disaster recovery and I'll use ransomware as that piece of it because that's the real kind of disaster when you're looking at equipment in the infrastructure which has been wiped clean. And that's a worst case scenario for most IT managers. When you think about that situation, we've built into our appliances, first of all, a hardened Linux OS, meaning we've shrank down that OS as much as we possibly could. Second, we've added role-based access protection to make sure that you simply can't log in and perform activities which you're not privileged to perform. And then we have intrusion protection software, intrusion detection software to ensure that even for those zero-day attacks that we may not even be aware of when we release our software that the system is hardened. Of course, you have firewalls and Stig rules. Stig's rules are a DOD standard for hardening Linux-based devices. So we've got a hardened device and I was talking to a customer in a different part of the world this week where they describe having a data center where everything had been wiped and there's one thing left, their net backup appliances. And they were able to then take that and use that for the restore because that was a real vault for their data. Now, the flip side is that's a rare day. So that is truly a black swan event. When you think about day-to-day and we're running a data protection operation, really think about speed of backup. And for us, being able to take something that's neatly tuned for the hardware, the operating system, the tuning, the net backup softwares all configured out of the box and ready to go. And the data protection folks can be independently able to drive that is a great value because essentially you have Lego style building blocks where you can order a device, you know it always performs the same and three years from now you don't have to redesign it and take your expensive IT staff and ask them to figure out what's the best solution. We've just got another one off the shelf for you and another series in the model. Now, as you said earlier, the world's getting weirder. It definitely is. So we'll be branching off into what kind of appliances we offer and you'll see some announcements later in the year where we'll be offering some reference architecture approaches which will be a little different than what we offer today just to meet the customer demand that's out there. Yeah, that's great. I mean, because as you said, it's all about customer choice and meeting the customer where they want to meet. But before I let you go, this is a pretty interesting conversation. I want to get your perspective of someone who's been in the business for a really long time. And as you look at opportunities around machine learning and artificial intelligence and you look at kind of the, I'm going to steal your line about things getting weirder and use it over and over. But as they continue to get weirder and weirder, where do you see kind of the evolution? As you know, you kind of sit back not necessarily in the next six months or so, but where do you see growth opportunities and places you want to go that are still out in front of you, even though you've been doing this for many, many years? Boy, that's a great question. So this is yet another wave. And that's often how I look at it, meaning there was a wave of Unix. There was a wave of Windows. There was a wave of virtualization. And each of these technologies brought some real shifts to our environment. I think, from my perspective, the next big wave is dealing with ransomware and some of these compliance requirements we talked about earlier. And then I can't get away from this big data AI piece. And my son's studying computer science in college and that's a weekly conversation for us. What's new in that front? Because I think we're going to see a lot more technology developed there. We are just truly on the beginning of that curve. And frankly, when I think about the companies I work with, they have a tremendous amount of data, but that's really only going to increase as they realize they can actually develop value from it. And as you mentioned, first thing, once it shows up on the balance sheet, suddenly everyone's going to get very excited about that. Yeah, it's so funny, right? Because it basically does show up on the balance sheet of Facebook and it shows up on the balance sheet of Google, but it's just not a line item. And I keep waiting for the tipping point to happen where that becomes a line item on the balance sheet. Because increasingly, that is arguably the most important asset, or certainly the information and learning that goes around that data. You're right, and frankly, it's an insurable asset at this point. You can go to a company in a number of commercial settings and get ransomware insurance, for instance. So people are definitely recognizing the value of it if they're willing to insure it. Right, right. All right, Tim, well, thank you very much for stopping by and giving us an update. Really interesting times in, you know, kind of taking care of business and really the core of the business, which is the data inside the business. So important work and thanks for taking a few minutes. All right, thanks. I'll be glad to be back anytime you want me. All righty. All right, he's Tim. I'm Jeff, you're watching theCUBE. Thanks for watching. We'll see you next time.