 Live from Las Vegas, it's theCUBE, covering Veritas Vision 2017, brought to you by Veritas. And we're back at Veritas Vision 2017 in Las Vegas. This is theCUBE, the leader in live tech coverage. My name is Dave Vellante, and I'm here with my co-host, Stuart Minimano. We've been unpacking the innovations and the evolution of Veritas at Veritas Vision over the past two days. Shaheen Pirouz is here, he's the CTO of DataEndure. Thank you for having us. Welcome to theCUBE, thanks for coming on. Digitally resilient, that's an interesting and powerful and loaded phrase. What does it mean to be digitally resilient? Ultimately, we're trying to get our customers digital resilience, and what that means to us is that your people have access to their data whenever they need it, wherever they need it in a secure and protected manner. So, I got a follow-up on that, but before I do, let's give us an overview of your company, what you guys do, and what your specialty is. We're a system integrator, and we happen to resell stuff as well, including Veritas, and we're about 32 years old. We evolved from very early days in the tech space and continue to evolve the company, and today have four practice areas. Those practice areas include security and compliance, data center and cloud, the information management practice, which is where Veritas squarely falls into, and finally we have a systems and storage practice, which is primarily one of our biggest practice areas in terms of revenue. We have, go ahead. We'll go ahead, please, carry on. We have customers, all of the biggest names you'd imagine in the Silicon Valley, Cisco, Facebook, Yahoo, Google, and then a series of customers below that tier as well. Really, those customers are relying on you to do their integration, to help with their deployments, get value faster. Yep, we, Centrelink is the largest Veritas net backup appliance deployment in the world, and we implemented that platform for them. So, yeah. Interesting. You've got these heavy engineering driven companies, and they just, what? They just don't want to waste time on stuff that's not their main business, or? So, typically it's like any IT organization. You've got a series of projects, and those projects are spread out across the engineers that you have, and then you have something you have to get done that's more urgent, more critical. You've got to revamp your backup infrastructure, for example, or you got to build out a new backup as a service offering in Centrelink's case, and your, while the engineers have the skillset to do it, they're also doing 60 other things during the day. So they bring companies like us in to get it done quickly, get it done accurately, and then there's a level of reliance on not only our technical depth, but the access to visibility of what we see in other places as well. Whereas your engineers might be focused on a single thing within a company. We see a lot of different environments, and so when we run into problems, it's not the first time we run into it, and we can get through it much more quickly. So this idea of digital resilience is really interesting to me. They say you should skate to the puck. I think you're really skating to the puck, as most customers haven't transformed digitally, even though everybody's talking about it, but this is what I said. It's really a rich and sort of loaded phrase. What I'm inferring from it is, if you're going to go digital, you better not bolt on resilience. You better design it in. I mean, that's sort of my inference, but talk about that a little bit. That's exactly right. Yeah, typically there's, we look at the consumption, and cloud is a big part of this journey, for both Fairtoss and ourselves, and we look at cloud consumption as a journey that happens in five phases, or maturity levels, as we like to call them. So the cloud maturity model that I talk about often is, level one is usually companies that start consuming backup to the cloud. So the first step is we're going to back up our data to a cloud target and remove tape from our environment. Second step is consumption of storage. Then you start moving some virtual machines, doing lift and shifts to the cloud at level three, and level four is when that digital transformation starts to happen, where you're starting to build, consume cloud native databases instead of just migrating your database to the cloud. And then level five is typically the startups of the world which are building cloud native applications, and companies will eventually get to the point where they're building those cloud native applications. So, go ahead. It's an interesting model. Cloud's getting more and more complicated. And we said some of those companies that started up out, cloud native, everything built there, sometimes they're pulling things to another cloud or building their own data centers. We're finding the hyperscale companies looking to sound a little bit more like some of the enterprise vendors and some of the enterprise vendors are going there and you've got companies like Veritas that are going to play everywhere. What's that dynamic, especially, you know, Silicon Valley tends to be early on these, you know, what's kind of that macro level, you know, there's no typical customer. What is some of the dynamics you're seeing with the customers and clouds? So it's a simple scale calculation, right? There's a point, there's a tipping point where cloud becomes too expensive and it's cheaper to have some fraction of your infrastructure running in-house. So it's that hybrid cloud model we've been talking about for the last decade and nobody really has a good handle on what it is. It's run some of the cloud in-house, some of it in a public or multiple public clouds. And what you're seeing in the Netflixes of the world who went all in and then back out is exactly that. They got to a point where they realized the amount of money that they're paying on a monthly basis to the public cloud providers is outpacing what they could do themselves internally. And so they cut back to that tipping point. There is definitely sense in having infrastructure in the cloud, but there is that point where it doesn't scale that we're very well financially. Do you have any guidance that you can give people as to when they're going to hit that? I mean, we look at everything, you know, you talk to Amazon, they'll say, no, no, we're always the cheapest, we can use reserved entities. Heck, they just gave by the second pricing. So, you know, it's always kind of, it depends, but, you know, what's your experience been? It really isn't, it depends. But the short answer is that that tipping point is different for every single company. So if you're a company who's never going to get two billions of users accessing your infrastructure, you're probably never going to hit that tipping point. You can be all cloud and you can be cloud native and be happy. Whereas if you're, you know, a Dropbox or a Netflix or somebody like that who built all in or Workday, for example, all of them are now looking at we need to build our own infrastructure to support that scale that can't keep up with us financially. So, I wonder if you could talk about some of the big picture, we touched on cloud. What are the big picture trends that you see driving customer behavior and how is it affecting their IT and how are you responding? So there's, I would say that there's two primary things that we're focused on to help customers address what is coming. Number one is compliance. So our security and compliance practice, we lead with compliance as opposed to all the others managed security providers. We effectively go to market with this notion that no matter who you are, you have some sort of regulatory concern, whether it's enforced by yourself or you have a third party or a government that's enforcing some regulatory concern on you. And there's not a company out there that doesn't have something that they have to deal with on a regular basis. And our positioning is get your head around your compliance and that dictates what your infrastructure looks like, what your application consumption looks like, what your cloud consumption looks like. But you have to start from that place of here is how we have to deliver services and here's the controls we have to have in place. And then do we have the right tools, technologies, people and policies to do that? And that's our approach to market. So that's one side of the answer. The other side of the answer is storage is continuously growing in leaps and bounds and we have this ridiculous amount of data that's stockpiling, we're all hoarders of storage, if you will, and we don't know what to do with it. We're running out of storage places, we're throwing it in Amazon, we're throwing it in Google, we're throwing it all these places and just paying monthly storage fees. And that data is critical business data that if you can get and analyze it, you can make important business decisions about what your customers are doing, how they're buying things, what products they're buying, what products they're not selling and make fundamental business shifts and changes. And all you have to do is put a layer of analytics above this massive hordes of data that we're just continuing to pile and pile. So where does Veritas fit in to this equation? In all of that. So the 360 offering that Veritas has brought to market, a big part of that is compliance. So if you look at the messaging around GDPR, that's just one compliance that they're focusing on but that applies across the board. Having visibility into all your data with their data insight platform, for example, who's accessing it, where they're accessing it, what types of data it is, the classification of data, that's the first level of being able to understand your unstructured data and know, does it meet all the controls that I have to adhere to in order to deliver health information controls or personal information controls, whatever your industry control might be. So whether it's PCI or GDPR or HIPAA, you name it, it gives you apply the compliance onto the data and have reports that let you know if you're in compliance or not. On the storage side, there's analytics within the backups as well as the data that give you visibility into what you've been protecting and what you've been backing it up and where that data resides on a global level. So not only what but where is it and who's accessing it. So it's giving you all that visibility to try to get a handle on what it is, where it is and what valuable information is in there. And so you're bringing this to market today. We do. Okay, I mean, you got some pretty advanced customers. Do you feel like you're on sort of the leading edge of the bell curve or? So we have customers that are on the leading edge of that bell curve and we have customers that are starting that journey. They're starting to realize GDPR is a perfect example. Not everybody's sure what it's going to mean to them. It's like when HIPAA and PCI came out way back when, everybody was like, that's not my problem and now everybody has to deal with it. So I had many hospitals back then who wouldn't do anything, wouldn't do anything. And then the fines came and they're like, okay, hurry, let's do something. And so similarly, the compliance aspect of this, we're seeing a lot more traction on because GDPR is only about six months away. I mean, it's a two-sided coin, right? Because on the one hand, it's this sort of boondoggle for all the guys who can, you know, service those accounts. But on the other hand, it takes dollars away potentially from other more strategic initiatives. And you know, in the case of HIPAA, I mean, you can't even get your own information out of the hospitals, let alone, you know, other peoples. But so what's your thought on GDPR? Is it as big as these other initiatives? It feels that way, but we don't really know yet, right? So the risk where GDPR is different than all the other regulatory concerns is that any individual in any of the European Union can come and say, I want you to delete all the information you have about me. And you have to. So not just- You have to prove it. Yeah, I have to prove that you did it. You don't have any of it. And so the control structures are making it difficult for companies to say, how am I going to do this? And that's where products like the 360 solution that Veritas is bringing to market help give visibility into the data. And so you know, okay, I see Joe Smith across my own structured data. I see it in these file servers in this place and the other place. And so you have visibility into where Joe Smith is and can take action to actually delete the data and then show that it's not there anymore with audits. So it could be very real whether it's going to kick in and go live in July as it's supposed to or they're going to continue to extend it as they did with HIPAA and PCI. It's unclear at this point. Yeah, so talk about that a little bit. Is that sort of what happened with HIPAA and PCI? But that was the US government. Yeah. It wasn't the EU. So again, we don't really know. I mean, you've seen some of the crackdowns by the EU and Google and others. And so maybe they won't be as forgiving. Who knows? They may not be as forgiving and I think it'll get dialed in a little bit more. I think when it comes out and they realize the expense in trying to do this is going to hamper business. I think it'll get dialed back a little bit and not that you have to delete the data, for example, but you have to prove that you have it controlled and secured and somebody can't get to it. I mean, do you think that's really ultimately what it's going to be is the processes around it that's going to be as important as everything else? At the end of the day, all any of these audits and regulatory concerns can do is tell you you have to have these processes. That's the best they can go hope for. So it really is nothing more than a process conversation. But process without technology can be really burdensome and expensive on a company. Yeah, because of the risk is that you say, okay, we've got these processes in place. Yes, we did it. Here's the information. And then if you get hacked and there's Joe Smith is still in there. Oops. And then that somehow gets published on WikiLeaks. Right. Yeah, right, Ro, exactly. So Shaheen, as an industry, we've been talking for a while about how important data is, how we can leverage data. When we're talking GDPR, it's like, well, your data can be dangerous for you. Where are your customers? How do they actually, do they value data? Is data still a challenge for them? Or maybe give us a little bit of the spectrum of where you're seeing customers. It's a wide range. We've got customers that are in the research space and they're doing, for example, genomics research and their data is everything to them. We've got customers in the semiconductor space and they're building chips and their designs and their information about how each chip design is improving from version to version. All that data is important to them and when they go back to do new chip designs, they have to be able to look back at that data and they do a lot of analytics. But then there's industries that just keep the data because they think it's going to be important and they don't use it. They don't take advantage of it and they don't realize the risk associated with it either. It's the number one thing I've been a CISO for over 15 years and the one thing I used to say to customers is if you're going to keep your data, if you have a policy for data retention, make sure that it's not longer and creates an exposure for you than it needs to be. Because keeping data too long can be, because you have to present it if you're in a litigation and so that's the challenge with these piles of data we keep keeping. And so the reality is customers are all the way to the extreme of using it heavily and deep analytics to I have no idea what I have, I just have piles of data. Kind of the variation on the Einstein quip, keep data as long as you need to but no longer. Exactly. All right, sheen, we have to go. Thanks very much for coming on theCUBE. Appreciate it. My pleasure. All right, we're in a rapid sprint to the end of day two here at Veritas Vision 2017. We'll be right back. This is theCUBE.