 Lie from Palo Alto in the heart of Silicon Valley. It's theCUBE, covering I.O. Brought to you by I.O. Now, here are your hosts, John Furrier and Peter Burris. Okay, welcome back, everyone. We're live in Silicon Valley on Sandhill Road and a special presentation of I.O. Conversations. This is theCUBE, covering their event. Data Center is a service. I'm John Furrier with Peter Burris. Our next guest is Jim Flagging, student-shared-off group and Rich Miller. Datacenterfrontier.com. Welcome back to theCUBE. Good to see you. All right, thanks, guys. So obviously, Data Center is changing. We're here in that from I.O. Data Systems is the data center as a service. I mean, Data Center implies being at the center. Kind of one monolithic, but that's now over. We're seeing that. How is this impacting the internet of everything? Because this is now edge networks. You're seeing that I.O.T. has been hyped up beyond all proportions. Oh, it's got a way to go. It's got a way to go. It's still being hyped. The beginning of the hype's curve, but I mean, it's pretty real that Data Center's being changing significantly. Rich, what's your thoughts on that? Sure. So the internet of things is really one of the forces that's shifting where data centers are built and what they look like. Historically, the large data centers have been located in the major data center markets near places like Northern Virginia or Silicon Valley where there's a sort of critical mass of network and customers. That's begun to change first with the hyperscale guys who wanted to build out in rural areas where the land was cheap and the power was cheap. But what we're now seeing first with edge computing, which is a phenomenon where content is trying to go everywhere and to make the network be able to handle it, we've started to move content to smaller data centers in edge markets, the kind of places that may not necessarily have supported a lot of data center services in the past. So that's sort of the beginning of a wave that the internet of things will extend where we'll see data centers in new places. The data centers at the edge is what you're kind of getting at, right? Not the edge. Data centers at the edge and ultimately micro data centers that may be all over the place. And the wireless is gonna be just about everywhere and there's gonna be some infrastructure requirements to drive that. So Jim and Rich, if you can define for me, what is the new edge of the network? I mean, I get this question all the time and I have my opinion, but there's 10 different answers. I mean, how do you define what the edge is? It used to be the connection, but is it now, is it a windmill? Is it considered the edge? Are humans considered it? What is the definition, current definition, state-of-the-art definition of the edge? Well, from the data center perspective, edge data centers are, as we said before, data centers in smaller markets and places where you haven't seen them before. But you also have the edge of the network being the device in a lot of cases. And ultimately, it will be the sensor as we get more and more sensors built into infrastructure that can gather data, help people understand how their infrastructure is working, and send that data back. And that's where one of the interesting discussions comes up, is what does the overview, the architecture of the network look like when you have to take all of this data and you want the analytics and the business value that comes out of it, and that sort of wisdom about your network, but you don't want all of that data going all the way from the edge back to your core data center. So part of what's interesting about the internet of things and how it impacts the shape of the network is that these smaller data centers will have to have enough sort of compute power to do some processing, do an initial round of analytics, and then send a smaller batch of data to the center. So is it a question of not sending the data back or they don't want to send it back? So in some cases, it might be just the fact that it's almost, it's hard to send it back. There's another aspect to how the network's changing and just look at the carrier networks themselves, right? The challenge that these guys have in terms of tens of billions of new devices coming on the network, very different types of devices and very different use cases. So the old world in running a carrier network is you could pretty well plan and forecast and nail things down and it was very hardware intensive. From a capacity standpoint or device. In terms of planning, how much capacity do I need here? What type of capacity do I need there? So the carriers are reacting to this by moving to a software-defined network and something called network function virtualization. Thank you. I need your help here today. And so really what that helps them do is just respond to change and be able to manage traffic better, be more agile with new services they deliver. And as it comes to IoT, they're gonna need to put more intelligence at the edge to make decisions to protect their networks and also to deliver higher value services to their clients. Yeah, you bring up an interesting point. I mean, you're talking about the reaction to it, the trend of growth and the growth is, I mean, you almost marked the day of the iPhone and it came out as kind of that one moment when we was talking about that. And now LTE networks, I mean, I remember when Wi-Fi first at the scene, I mean, you could never ever imagine what we have today from a network standpoint. But to react now with software means a complete shift over into network. So the question is, how secure is it? And what are enterprises doing? I mean, how do they react now? Carriers, they have their business, but what's the impact of the customer? What does this mean to them? Well, you hit a lot of topics there, at least again from some of the, let's talk about mobile networks. There was a time not too long ago that we thought, well, the mobile network's secure and mobile devices, the iPhone secure. I mean, if you fast forward to what was announced this spring once 60 minutes, I don't know if you guys caught the announcement of when they had this Congressman Lou got his iPhone hacked and all you needed was a phone number where you could compromise, get a number and take control of the phone. That's pretty scary stuff. So I think that from a telecom operators point of view, you're gonna see some of where they spend their money, begin to shift away a little bit from, can you hear me now? And another point of coverage and really focus on the quality of service and security is gonna be part and parcel to the quality of the services they're delivering mobile and fixed line networks. In matters of security will be the definer of the quality of service. I think that's a great point. I do think it's the case. I mean, we take for granted now that spam has gone generally on messaging networks. What a huge nuisance. But now if you begin to think somebody could either, if I make one click and my whole phone is taking control of or very easily somebody could be listening into the calls, that's a pretty scary proposition. So I think quality and security will become more synonymous. It's a good point. I mean, there's two business models that are dominating the data world right now. Business model number one is still transactional. You buy something, you get something. Apple, at least in the consumer market is kind of the main driver of that business model. Very successful. And certainly most of the IT universe has been part of that for a long time. Also not too far from here, we have Google and Facebook who are driving the ad-based business model. Now, when you think about it, people are giving up an enormous amount of information to get a lot of free services. They may not know it, but they're starting to figure that out. And markets may or may not get more efficient as a consequence of that. When you add this question of security to that, i.e. I'm giving up an enormous amount of information maybe to someone that I didn't know I was giving information up, it dramatically changes the consequences of engaging some of those brands. How is Chernoff Group starting to help clients think about this? I know you do a lot of work in the financial services business, which is very information intensive. Well, that's a great point on those two models. I've actually written about that specifically, that closed versus open model. I think one issue that's certainly been in the news this year is encryption, right? And I think we surprise some people, given the background of some of the folks that are firm, Mike Hayden and Mike Chernoff, when we came out and said, back doors are bad. It's almost the equivalent of putting a biological weapon out into the open that you really, weakening encryption is not a good thing for our country. And I would say, even looking forward, we'll talk about this later today, the craziness of weakening encryption when we have another big storm coming our way, and that's called quantum computing, okay? Back in what was it, 94, 96, when the first papers came out around quantum computing, it looked like fairy dust. That's here now. University of Maryland has a working quantum computer. The people who, NIST came out with a study in February that said they believe commercial quantum computing will be here in 10 to 15 years. Well, you know one of the first things they're gonna go after with quantum computing is the crypto modules or the crypto capabilities in RSA, elliptical curve, et cetera. So if now the things that we use to generate trust, pass data securely can be cracked, that has a tremendous impact on IoT. So now is the time that we need to take the long look and think about, with quantum coming, what are other techniques, strategies to look at data security and identity in the world of IoT? So I interviewed John Fowler at Oracle, former son now at Oracle, Larry Allison last year at Oracle over the world. It's gonna be up next week we'll be there covering that. It's his philosophy, encryption should always be on, never be off. Does that kinda play with your concept of the long game on encryption? Is that just more marketing fluff from Oracle? Is that, do you see that model? Yeah, I mean, I don't know that I can answer that question directly, but encryption's here to stay. I mean, it was what, 20 years ago, encryption was just something that was in the domain of the intelligence community. But what's happening- And overhead intensive too, there's overhead penalty with that too. But cyber, some people call cyber the fifth domain, air, sea, land and space, right? The fifth domain is cyber. The first four, the government has the smartest people, that's where all the goods are. Clearly in this, it's out here, it's in industry. And they literally, the governments have said, we want you guys to lead the pack, innovate for us. And some of the key innovations have been around things like data security, encryption, tokenization and masking and things like that. That cat's out of the bag. And then also, if you look at some of the most valuable companies that have been created, they're all about privacy, Snapchat, WhatsApp. I mean, go down the list of things that people care about privacy. So I think we're gonna see more encryption, not less, we gotta get over it on that issue. That's a great point. We were talking earlier on our intro package, intro segment around how power has been validated as a key thing to design around. And we were just riffing on the idea that data has to be thought through differently around designing the data center around data. It's going in the business around data. The business, the data. Data is an asset. And so if you think security is data, and that's what you're securing. So the question for you guys is, okay, how does a company start thinking about this? Because now, if they're designing around power, because that's a resource, obviously a scarce resource, unlike data a little bit different, we've talked about that, but how does a company start planning around data? Designing around the notion of data being very valuable. Well, I think you guys are already sort of advanced to second base because you've got the right way to start to look at this. When we're in talking to boards and CEOs, the questions people want to know are really kind of basic, am I secure? How would I know? And we turn around and ask folks, what's your most sensitive data? What's your most sensitive business process? Because security is not like peanut butter. You can't apply it equally across the board. So you really have to have a really good sense of what's the most important. Then think about where and how that data should move. Secure it appropriately, put the right policies in place, and then like anything in life, audit. Check the checkers. But additionally, you bring up the way you talk about it at one board level. This is a business conversation because your business consequences show you where the data is. So it's not so much technical per se. It's kind of thinking it differently. I'll take one more, and this is a favorite topic of mine, and then Rich will send it back to you. I think this is one of the biggest changes. We were talking about this before the tapes rolled, is that 10 years ago, security was for those crazy guys down the hall, like don't talk to them. You'll never want to get out of that conversation. It's a technical issue. Never came into the board. Now, I think it started with Target and others. With CEOs go, what the heck? I don't want to be that guy on the Wall Street Journal. So for many organizations, security has not only become a business risk, but it's the top business risk. If you look at the chairwoman of the SEC, she came out in May, right around the time of the swift crisis, and she said cybersecurity is the number one risk to the worldwide financial system. So the smarter CEOs and the smarter boards are putting cyber on par with financial regulatory and other types of diligence. And to do that, you talk about it in a risk management framework. Boards, they get risk. They don't get all the technical mumbo jumbo, but if you talk about it in risk, hey, what do we want to eliminate? What do we want to avoid? What can we mitigate? And then what do we transfer through insurance? They get that. And I think that's where you're gonna see the ball continue to go. We actually did a significant piece of research on this exact issue, and discovered that increasingly, this conversation between CISOs and CIOs and the board is not, I will protect us, but rather, I will mediate the risk. I will reduce our exposure, because we will, we happen and we'll be hacked. So it's how we're gonna respond. And this comes back to the data center, because the data center is still where the center of the response takes place. And in so many respects, it's one of the defining tasks and responsibilities that takes place in the data center. How is that the issue of security, the issue of business risk, and the evolving role of the data center, especially given some of the physical things we've been talking about coming together? Well, so it comes together on a couple of levels. One is the physical security piece. And you're seeing more people looking at these sort of federal data center standards where you've got your setbacks and different levels of access controls. There's the physical piece, and then there's the compliance piece is becoming a much bigger role in a lot of the data center companies and their business models, in being able to say, look, we understand your business. We understand the regulatory requirements that you face, and we can work with you and your data center installation and where the data's going or moving, and help you meet that. So in terms of a specialization, that's one of those areas where it's been an opportunity for the data center industry. And one of the places that gets interesting once you distribute the infrastructure much more, because that creates more overhead and more management challenges, both in terms of the physical security of what you have there, and keeping an eye on that, and on the software security. So your perimeter is no longer a part of that, it's not the action. But let me follow up on this just really quickly, because Chernoff is in the security knowledge business amongst other things. Yes. We're talking about data center and being a place where some of the smartest people that are associated with some of these issues are gonna do their work, get their work done for the organization. And we've also talked about the need that security professionals themselves have to think differently in how they engage at least the business, that it's no longer no, no, no, and you stupid idiot, how can you not understand this? It now becomes part of a business conversation. Are we facing a shortage in security people, and people who really understand these issues? And if we are, how extreme is it? And if it's extreme, how do we get out of it? This is a huge issue you put it now on the head. So I'd say kind of leading up to that, the first thing people need to realize the government's not coming to the rescue. Yeah, I hope so. Look at this, the Sony case. They knew it was the North Koreans, no question about it, but attribution is really damn hard to do, to do it right and to do it safely. So most companies, every company needs to realize that you're on your own. Now, depending on whose numbers you read, the worldwide shortage for cyber talent exists between a million and a million seven today. The fact is- A million or a million seven people. People today needed to in the security field. So we, there's a whole stem and education and start with the secondary schools. It's a whole piece on that. We need to do a lot more of that to get those numbers changed. The other thing is security is too hard. Security that's hard equals no security because people are going to bypass it, right? Nature finds a way. So we've got to make security products easy. They've got to be more interoperable. But I think from a long-term trend, you're going to see security be procured and delivered more like a utility. You turn on your electricity, you don't think you're going to get fried every time you turn it on. It would be really nice that on your mobile networks, your broadband networks and everything else, they're secure. So for a small and medium business to try to staff these hard-to-find guys and gals, keep them on the payroll, it ain't going to work. So being able to buy security as a service, so we think the whole variety of security services is big. And that's also why you're seeing companies with, software is what they do, high gross margin, fire-eyed buying mania, say, hey, the way we're going to grow is go buy a lower gross margin services business. That dog would not hunt in the old day. People are realizing that, hey, if I'm not the trusted advisor, the guy who can solve the problem, I'm not going to get the call for the PO and the software. So people want to be that first one, that trusted advisor, like who you're going to call when the chips are down, and you've got to do that with having smart people to deploy a great topic. It's also not an accident that for a lot of companies when they look at data center site selection, one of the criteria that comes up is locating near a university where graduates can have advanced security certifications and so they have access to workers coming out who can help them. Having said that, there is that huge disconnect. In addition to the fact that in the data center industry, making Wave for the next generation is a challenge that a lot of companies are stepping up to and putting a lot of time into. This is a great topic. I wish we had more time going, because we haven't gotten to SDN and all the horsepower, but security is a huge concern, a shortage of people, but the power is now there. So the overhead, this compute power is available. I think security's got a good future ahead of it in terms of career advancement and then data center of design. Thanks you guys for sharing your thoughts. This is theCUBE live here in Sandhill Road in Silicon Valley for IO Conversations. We'll be back with more after the short break.