76: Nutanix Weekly: Beyond Ransom & Recovery: Defend Your Data Proactively with Nutanix Data Lens

Oct 23, 2023

Unstructured Data Under Siege

In today’s digital age, data is the lifeline of businesses. It drives decision-making, influences strategies, and unveils market insights that can propel any organization ahead of its competitors. However, much of this data is unstructured, creating challenges with data visibility, and making it more vulnerable to cyber attacks and insider threats. 

The complexity of defending unstructured data from ransomware is a key obstacle hampering an organization’s security posture. Protecting only the endpoints and employing network-centric tools, and device authentication is no longer sufficient. For organizations, it’s imperative to deploy a holistic approach to data security, ensuring that the very essence of their business—its data—is safeguarded from these evolving threats. 

Starting with Storage: Laying The Foundation for Robust Data Security

To protect against ransomware and other malicious threats, IT and Security leaders should look beyond endpoints. To achieve true ransomware resiliency, an organization needs to be able to detect attacks from within the data layer, block the activity, determine the scope of the affected systems, and recover quickly. 

The Nutanix Data Lens™ SaaS-based data security solution helps proactively assess and mitigate unstructured data security risks by identifying anomalous activity, auditing user behavior, and adhering to monitoring requirements – all at the primary storage layer, where your data is stored. Additionally, global data visibility across clouds helps with intelligent decision-making and lifecycle management of unstructured data stored on the Nutanix Unified Storage™ (NUS) platform

The latest release packs powerful features for cyber resilience, permissions visualization, risk scoring, and support for the  Nutanix Objects Storage™ product

What’s New Today?

  • Threat Containment Window:  Proactively detect and block a threat, defend from further damage and get alerted to begin a One-Click Recovery process within 20 minutes of exposure. Don’t just take our word for it, read this report to see how Data Lens delivers on the promise. 
  • One-Click Recovery: Seamlessly recover from the last good snapshot available and restore your data and operations swiftly.
  • Permissions and Risk Visualization: Identify the root cause of access control risks and monitor the risk score to track vulnerabilities within your data and user groups.
  • Objects support: Nutanix Data Lens has increased its coverage to include Nutanix Objects Storage, enabling customers to effortlessly access S3-available data, providing an intelligent understanding and forensic capabilities similar to those available for the Nutanix Files Storage™ product today. 

Host: Andy Whiteside
Co-host: Philip Sellers
Co-host: Harvey Green
Co-host: Jirah Cox

WEBVTT

1
00:00:02.050 –> 00:00:06.019
Andy Whiteside: Hi, everyone. Welcome to episode 76 of new tanks weekly. I’m your host

2
00:00:06.240 –> 00:00:14.220
Andy Whiteside: Andy, white side Podcast number 4 of the day and this is number 4. And the first 3, I forgot to say, the new tagline you guys ready

3
00:00:15.230 –> 00:00:24.490
Andy Whiteside: podcasting with context, cause, contacts, context matters. I love the blogs

4
00:00:24.580 –> 00:00:33.539
Andy Whiteside: I love. I love the blogs. But having this conversation with a group of people who, you know, passionately love the space and want to talk about it. That context is so valuable.

5
00:00:34.200 –> 00:00:39.050
Andy Whiteside: And I love that we do that. Phillip Sellers on from the Zintegr side. Phillip. How’s it going

6
00:00:39.290 –> 00:00:43.569
Philip Sellers: good, Andy having a great afternoon. Looking forward to

7
00:00:43.580 –> 00:01:00.380
Andy Whiteside: to closing out the day. It’s been a good day, so I asked Philip while I go. He’s been on calls all day long with customers, and he gave me one example. What’s the not county, the one you just had when you gave me, land, the last podcast what’s the problem the customer was trying to solve. And and what pro? What problem did they bring?

8
00:01:01.540 –> 00:01:07.910
Philip Sellers:  now, I’m trying to think of a good one. Talked with a customer earlier who

9
00:01:08.670 –> 00:01:26.070
Philip Sellers: we’ve got existing new tanks on vmware. And they are true believers. So we’re helping them migrate and upgrade and scale out and consolidate. So I would file that under simplification. They’re really place where

10
00:01:26.240 –> 00:01:31.249
Philip Sellers: they believe in the platform wholly. And they’re they’re simplifying overall

11
00:01:31.420 –> 00:01:50.500
Philip Sellers: operations down to to this way of working. So they’re Aos, currently on Vm, where they’re gonna go Aos on Hv clusters. They’re gonna be collapsing in as well. All in super nuts, were they always true believers? Or they had to get one over.

12
00:01:50.910 –> 00:02:03.329
Philip Sellers: So yeah, I mean, it’s it’s an interesting thing we. We help them move. It’s a medical customer, and so we help them move trying to get better performance out of their emr we’ve made multiple different

13
00:02:03.460 –> 00:02:09.410
Philip Sellers: improvements around the Emr helping with the database and how it runs on the back end. And so

14
00:02:09.449 –> 00:02:11.599
I think

15
00:02:11.660 –> 00:02:25.689
Philip Sellers: they were one over. I don’t think they were true believers from the beginning. They were interested. Talk to other customers in the healthcare space and heard great things, and then out of the gate. It wasn’t

16
00:02:25.930 –> 00:02:47.460
Andy Whiteside: fantastic for them, but we help them change the way they were running. Some things follow best practices, and now they get that same result, great performance and great great outcomes. A very common story, and when they finally come to their own understanding of what it is they want. It really makes that advisory type partnership thing make make a ton of sense

17
00:02:48.020 –> 00:02:53.989
Andy Whiteside: Harvey Green founder, co-founder of Zintegrick. Gov what’s going on in Harvey’s world

18
00:02:54.950 –> 00:03:00.610
Harvey Green III: a little bit of everything. Jerry and I were just talking about it. You.

19
00:03:00.630 –> 00:03:08.869
Harvey Green III: You’re not at a conference today, I said, no, that’s next week, and I know it’s been last week. It’s been a few weeks, but you’re no longer in the basement, either.

20
00:03:09.280 –> 00:03:36.050
Harvey Green III: I am not I am upstairs in the kids playroom right now, which is fun I got. No, I got some some family that stand with me on and off. So it’s funny in it. Normally you move upstairs, and that’s an upgrade in this case. Not so much. Well, looks like a fun room.

21
00:03:36.690 –> 00:03:42.869
Andy Whiteside: Yeah, they have lots of fun. Same same question for you. What? What customer problem have you solved today.

22
00:03:44.100 –> 00:03:46.030
Harvey Green III: Today.

23
00:03:46.430 –> 00:03:51.269
Andy Whiteside: what? What problems did a customer bring? One problem that a customer brought today?

24
00:03:52.380 –> 00:03:57.940
Harvey Green III: Yeah. So talk with a customer earlier who was

25
00:03:58.180 –> 00:04:04.709
Harvey Green III: looking at options to help them move from on-prem to the cloud.

26
00:04:04.970 –> 00:04:32.040
Harvey Green III: And for them they don’t really have a cloud footprint right now. So it was trying to figure out, you know. Not just like there’s always a conversation on Prem to cloud. That sounds great, but you don’t pick everything up and just move it. Is not that simple? So, having conversations with them to think about, you know what stays and what goes? What has to live on? Prem. What? What can go to? The cloud

27
00:04:32.100 –> 00:04:34.859
Harvey Green III: was a little enlightening for them.

28
00:04:35.100 –> 00:04:42.260
Harvey Green III: Because they did not think that they had to. They did not consider that they had to leave some things on Prem. So

29
00:04:42.290 –> 00:04:49.110
Harvey Green III: being able to talk to them about options that allow them to have

30
00:04:49.120 –> 00:04:54.550
Harvey Green III: on-prem resources and resources in the cloud of their choice

31
00:04:54.610 –> 00:05:09.249
Harvey Green III: but still be able to use a model that allows them to consolidate control over both in the same way, and not have to do everything all over again was super helpful for them.

32
00:05:09.380 –> 00:05:12.070
Andy Whiteside: And when you say Cloud, you talk about public cloud in this case.

33
00:05:12.220 –> 00:05:12.990
Harvey Green III: public.

34
00:05:13.260 –> 00:05:29.050
Andy Whiteside: But cloud in this case. Yes, yeah. Cause in in Zintigra world we literally could come pick the stuff up, put in a colo, and it would be cloud to them. Might, we might, could actually just pick the stuff up and move it. I know that’s not the normal path. But if you, if you want that? Let us know. Cause that’s that’s possible.

35
00:05:29.430 –> 00:05:30.600
Absolutely.

36
00:05:30.710 –> 00:05:34.320
Andy Whiteside: Yeah. Gyro Cox gyra.

37
00:05:34.520 –> 00:05:35.930
Andy Whiteside: you about ready to move again.

38
00:05:36.130 –> 00:05:51.379
Andy Whiteside: We’re we’re staying here for a little while. What’s what? First of all, how are you doing? Well, thank you. How are you doing? I’m I’m I’m busy, but good, good, busy.

39
00:05:51.770 –> 00:05:53.420
Andy Whiteside: good, busy.

40
00:05:53.780 –> 00:06:14.479
Andy Whiteside: fun busy. Have a good time. I guess. Same question you have. I’m sure you’ve been on 1,000. Well, 18 customer calls today. What? What problem was brought to you today? Asked to address, I met a new software vendor who has like a secure ot access solution.

41
00:06:14.480 –> 00:06:40.429
Jirah Cox: And they, because of a shared customer of ours, was trying to run that on Hv. For the first time walk them through. What does it look like, you know, they had a typical kind of vmware ova that they were used to giving their customers, and we kinda walk through some troubleshooting steps around, you know. Do you stuff the Ver I/O drivers in there, or does like your packaging process, remove those. There’s some troubleshooting steps you can do on HD around booting the Vm. Even to like a de id disk mode.

42
00:06:40.590 –> 00:06:43.499
Jirah Cox: And so we kind of reviewed some of those

43
00:06:43.520 –> 00:07:06.789
Jirah Cox: troubleshooting steps, and ultimately I just want to spin up a lab and saying, Hey, here’s an Hv. Cluster for 3 days. Go, you know, kick the tires on it, and use it to help streamline giving an Hv friendly image, or really just a Kvm from the image to your customers for rapid deployment. So cause I think I think their requests to run on top of HP are only gonna increase over time.

44
00:07:06.950 –> 00:07:27.480
Andy Whiteside:  Ot stands for operational technology. Right? It does. Thank you. Sorry. So I was listed a podcast. Mostly security related this weekend and the guy started talking about, you know, we have all these client server networks that are very you know, very dangerous, potentially. But, man, if the bad guys ever figure out how to get into Ot networks in mass. Man, we’re in trouble.

45
00:07:28.690 –> 00:07:37.009
Andy Whiteside: Yeah, so good that you were trying to help somebody in that space, and good that they’re going to be able to run it on new tanics Aahv or vmware, or both.

46
00:07:37.070 –> 00:08:01.129
Jirah Cox: Cause we need that world to be very secure. Yeah, I was even running a boot camp last week for some customers, and showing them the latest version of prism central right, which we can do a later episode on that, even right there on the dashboard of PC. Puts a security dashboard around. Have you turned on Microsoft? If you turned on intrusion detection, you know, here’s how to scan your clusters and map them to publish Cvs, you know. Really.

47
00:08:01.150 –> 00:08:04.550
Jirah Cox: kind of making it easy for customers to to decrypt.

48
00:08:04.740 –> 00:08:07.769
Jirah Cox: How secure is mighty phenomena’s deployment? Yeah.

49
00:08:08.600 –> 00:08:18.310
Andy Whiteside: Well, you guys bought a blog for us through your day. Let me do my commercial real quick. If you’re a new Tanks customer and you’re not getting everything you can out of the platform. Because your existing partner is not

50
00:08:18.520 –> 00:08:45.150
Andy Whiteside: not bringing advisement to you. Let us know, cause that’s what we do. That’s why we do this podcast we also like doing it. We just happen to be nuts about space. But there’s so much opportunity to help people. And if you’re not getting the value out of new tanks platform, it’s not the platform, it’s you that’s really not in you. It’s your partner, and we would love to kind of up that game for you. Alright, Jair, I’m gonna read the name of the blog from October fourth to 2023. So very recent. And then I’m gonna ask you to pronounce the name of the authors ready.

51
00:08:46.090 –> 00:08:57.369
Andy Whiteside: The blog is beyond ransom and recovery. Defend your data proactively with new tanics data lens. I’m excited to talk about that. And this was written by

52
00:08:57.430 –> 00:09:00.219
Jirah Cox: by Sneha and Tahina from our fowls team.

53
00:09:00.400 –> 00:09:04.009
Andy Whiteside: Alright, I’m not Gonna let you off. That easy last names.

54
00:09:04.940 –> 00:09:09.590
Jirah Cox: I think. Has last name is Cheddar Vadula and Tahina Goyal.

55
00:09:09.760 –> 00:09:14.029
Andy Whiteside: Okay? Well, I must admit that was pretty impressive. I thought I was gonna stump you pretty hard, but

56
00:09:14.230 –> 00:09:24.260
Andy Whiteside: blew right through that. They would chase them down in the building the next time he was there. Alright Jair! Why this blog? Why today?

57
00:09:24.630 –> 00:09:36.579
Jirah Cox: We already talked about it? Because it’s sort of topical and evergreen for customers right? Like security matters. So ransomware threats as usual, only increasing, not really decreasing. Those guys don’t take a day off

58
00:09:36.730 –> 00:09:53.639
Jirah Cox:  for the long time. Listeners. Good example of a bad style of automation and so the worth protecting against. Yeah. Well, good thing is, we got AI to the rescue right?

59
00:09:53.670 –> 00:09:56.279
Andy Whiteside: Is that gonna help us or help them more.

60
00:09:56.330 –> 00:09:58.859
Jirah Cox: Why not both?

61
00:09:58.910 –> 00:10:00.490
Andy Whiteside: What’s good for the goose?

62
00:10:01.650 –> 00:10:09.010
Andy Whiteside: Alright! First section talks about unstructured data under siege. I’ll let you discuss that, and then we’ll have

63
00:10:09.050 –> 00:10:11.020
Andy Whiteside: Harvey and Phillips chime in

64
00:10:12.100 –> 00:10:12.840
Jirah Cox: P.

65
00:10:13.100 –> 00:10:37.399
Jirah Cox: I think the key points here that the the articles making are, of course, like everyone has unstructured data. It’s like required data for the business get gets mined. For, you know, stuff like customer interactions or fed into Kb, articles this data that you know is living on some file share somewhere that hopefully, you’re monetizing and isn’t just like some ball of data that you have to preserve from now until the heat death of the universe.

66
00:10:37.560 –> 00:10:51.729
Jirah Cox: But as a result of that data having value to you, that data has value to attackers as well. Right enter Ransomware into the world we live in. And how do we help our customers elevate their security posture against those kind of threats.

67
00:10:51.740 –> 00:11:09.380
Andy Whiteside: Yeah, I use the following example, talking to my kids, whoever unstructured data that the little grocery thing you scan. So you get the discounts at the grocery store. All that stuff goes somewhere, and I’m sure the grocery store and all the vendors are finding ways to monetize that that data

68
00:11:09.560 –> 00:11:18.830
Jirah Cox: this past weekend. I was like, how many stores can you walk into now and give them like your phone number? And they can pull up like your last receipt last transaction for like an easy swap, but like

69
00:11:18.860 –> 00:11:47.009
Jirah Cox: what an amount of data to have to store and be able to pull back up so quickly that, like in the world we grew up in, that wasn’t a thing like Oh, you lost this piece of paper. Sorry no return or exchange for you back 2 days later for more toilet paper

70
00:11:47.010 –> 00:12:04.550
Philip Sellers: during the pandemic, the amount of rich data they were getting because people had switched to their Loyalty program and their mobile app and mobile ordering. They went through and renovated all their stores, and that’s become their standard. I mean, completely pivoted their

71
00:12:04.580 –> 00:12:15.399
Philip Sellers: way of doing business, because the richness of the data, the data profiles. How often someone eats what they eat, how to turn. I mean, yeah, talk about the

72
00:12:16.020 –> 00:12:19.370
Philip Sellers: I mean absolute definition of monetizing your data.

73
00:12:19.530 –> 00:12:26.869
Andy Whiteside: Yeah. yeah. Keep waiting for the little lady with the samples. I come around the corner and she knows me by name and wonders why I’m 5 min later, and I’m not normally

74
00:12:28.650 –> 00:12:35.060
Andy Whiteside: Harvey, any comments on unstructured data being under attack.

75
00:12:36.940 –> 00:12:38.360
Harvey Green III: No, I mean.

76
00:12:38.610 –> 00:12:50.249
Harvey Green III: I think that we’ve kind of hit that pretty well. You can see that it definitely has value to the organization. And because it has value to the organization, it becomes

77
00:12:50.700 –> 00:12:59.070
Harvey Green III: something that they might have to might want to, or I might have to pay for to get back.

78
00:12:59.630 –> 00:13:06.720
Andy Whiteside: Alright, jyra! Next section says, starting with storage, layering the foundation for robust data security. What does that mean?

79
00:13:07.820 –> 00:13:27.619
Jirah Cox:  pivoting in here into a view point of view around like defense in depth is the, you know, kind of the standard in the environment here. And you know one phrase that the articles you’re about, you know it, and security leaders should look beyond endpoints. It’s interesting. I would even expand upon that to say you know, endpoints are important, too.

80
00:13:27.660 –> 00:13:46.910
Jirah Cox: but of course, producing the the data source itself is which, of course, what we’re focusing on today is also a key part of that puzzle. Right? So like everything matters right? Like the the file server in in this case, like mechanics files, we’ll talk about and objects that can host the data itself like security. There detection. There matters recovery there matters

81
00:13:47.040 –> 00:14:00.310
Jirah Cox: but detection on the endpoints, detection at the edge. All of these things, you know, are what contribute to an environment that lets you as the environment owner, as the administrator like sleep better at night.

82
00:14:00.640 –> 00:14:06.319
Andy Whiteside: Yeah, I look at all the different layers. And II know I can’t say this like I kinda just want to give up. But

83
00:14:06.740 –> 00:14:17.030
Andy Whiteside: you can’t do that, you gotta. You gotta cover the different layers the best way possible, and you stack it all up and make a big, nice security cake. Don’t you give up? That’s when the bad guys win. So yeah.

84
00:14:17.220 –> 00:14:19.199
Jirah Cox: we don’t. We? Don’t negotiate with terrorists, Eddie.

85
00:14:20.150 –> 00:14:31.879
Andy Whiteside: I didn’t say negotiate just to give up and that’s just a joke. Please don’t take me for that being serious. That’s I have have people for that. People that love doing that. That’s why.

86
00:14:32.020 –> 00:14:38.210
Andy Whiteside: I just like talking about it. Harvey thoughts on the the layering of security.

87
00:14:39.930 –> 00:14:46.180
Harvey Green III: I mean, obviously, you. You definitely want more layers in your security cake, as you put it.

88
00:14:46.340 –> 00:15:02.929
Harvey Green III: Ii think, being able to have a a service like data lens is, you know, way way past just the topic we’re talking about. But just just for ransomware and be able to being able to detect things quickly

89
00:15:02.930 –> 00:15:17.190
Andy Whiteside: without having your eyes be the detection method is definitely a plus. Yeah. No way the human can keep up with close to what they need is really fill up your thoughts on layering and specifically, data being the foundational layer.

90
00:15:17.480 –> 00:15:23.059
Philip Sellers: Well, what I like about this is, it’s so close to the data itself. Right? You know.

91
00:15:23.080 –> 00:15:30.590
Philip Sellers: I’ve I’ve heard other solutions, particularly in the backup space, also do the same thing. They watch the data set. And

92
00:15:30.920 –> 00:15:34.520
they, they try to find anomalies in that data set. And I think

93
00:15:34.680 –> 00:15:40.649
Philip Sellers: this is gonna become the standard you have to have something watching your unstructured data.

94
00:15:40.870 –> 00:15:42.829
Philip Sellers: I remember

95
00:15:43.190 –> 00:16:06.850
Philip Sellers: companies like Baroness coming in and talking to me, you know, a decade ago and going. That’s nice to have. But I don’t know if I have a unstructured problem big enough to to buy software like that, I think we’ve completely changed. And today you absolutely need data analytics around your unstructured data because of branch where

96
00:16:07.010 –> 00:16:08.290
Philip Sellers: in particular.

97
00:16:08.650 –> 00:16:27.629
Jirah Cox: yeah. And to be fair, like, I would love for my customers to have you know inspection monitoring of the data itself and the backups right? Like, it’s almost moving into a world where monitoring for ransomware is everyone’s job, meaning every humans job. But every piece of technology’s job as well. Right like we’re better together.

98
00:16:27.950 –> 00:16:46.210
Jirah Cox: but for sure. And and so, like the lay, the the layer of the cake we’re adding on this one or focusing on this new feature of it is data lens, right? So like, of course, the the data itself lives in Newtonix files wherever you run the cluster. Right? Of course, on Prem in its integrity data center in a Colo

99
00:16:46.540 –> 00:16:54.370
Jirah Cox: you know, across the street, in the cloud anywhere. And then data lens is the sas component of that right? So you have monitoring

100
00:16:54.640 –> 00:17:15.950
Jirah Cox: embedded in the file server. You have analytics about that running as a sas service. So that’s the the the always seeing. I never sleeping. Observability of that data, saying what looks normal here, what looks irregular here.

101
00:17:15.980 –> 00:17:26.470
Philip Sellers: you, you talk about this fence and depth, you know each one of these layers has its own perspective, too. We need to have a perspective from the endpoint. We need to have a perspective from

102
00:17:26.470 –> 00:17:49.339
Philip Sellers: the file servers itself. We need to have a perspective from the backups. Each one of those has benefits to be able to monitor, you know, from the endpoint we get to see where something, maybe trying to talk, and what targets and things, you know. So again. If you talk about defense and depth, think about the different perspectives that you need to give you good visibility.

103
00:17:49.350 –> 00:17:50.100
Andy Whiteside: Yep.

104
00:17:50.550 –> 00:18:10.930
Andy Whiteside: So it the next part of the blog talks about what’s new today. And I’m just gonna run through these and we’ll break them down. Threat, containment window, one click, recovery permissions and risk visualization and object support. Java. The first one says preemptively, detect and block attacks. Yeah, so this is pretty cool. Now, sort of stating the

105
00:18:10.930 –> 00:18:20.730
Jirah Cox: the the sla we call. We used to hear the window right? Like, how frequently, how quickly can data lens the the monitoring Sas service

106
00:18:20.750 –> 00:18:26.050
Jirah Cox: catch something going on in the environment, right? So now, we’re actually coming out and saying, that’s 20 min now

107
00:18:26.210 –> 00:18:40.079
Jirah Cox: for data lens catching and really actually be able to respond to as well. That action right? So it uses lots of kind of stuff can do here. Right? Uses signatures like signatures on the files itself.

108
00:18:40.090 –> 00:18:57.740
Jirah Cox: but also like user behaviors. Right? So like, IP, user connectivity details, file activity. And then we say also, like behavioral detection markers, right? So we can kind of fingerprint what looks like a regular usage of the file server. What looks like, you know, automated bad guys kind of like, you know, ransomware, malware kind of stuff.

109
00:18:58.110 –> 00:18:58.790
Yep.

110
00:18:59.150 –> 00:19:08.780
Andy Whiteside: quick question for you, Jay. Right? And I should know this. But is data lens? Is that something you guys acquired or something you developed in house. That one is totally developed in house. That was a net new

111
00:19:08.800 –> 00:19:16.259
Andy Whiteside: non acquired Sas service. Yeah, that’s awesome. Philip. Thoughts on preemptively detecting the block attacks.

112
00:19:16.500 –> 00:19:23.989
Philip Sellers: Well, what I like about this is is that as it detects, it’s also helping us with that snapshot like

113
00:19:24.010 –> 00:19:33.960
Philip Sellers: that. It’s it’s giving us an extra safety net. You know, something anomalistic happened. It’s reacting faster than a human can. And so

114
00:19:34.160 –> 00:19:47.070
Philip Sellers: that that’s something we can’t compete with. And so having that one click restore which we’ll talk about next. But I mean, that response is is huge. I mean, we we can’t replicate that in human.

115
00:19:48.110 –> 00:19:56.850
Andy Whiteside: Yeah, I I guess this will make sense. I was talking to by the day about how to teach someone to drive a manual transmission car, and their response was, no matter what happens if something doesn’t seem right pushing the clutch.

116
00:19:57.200 –> 00:20:01.230
Andy Whiteside: I like, you know, that’s that’s probably accurate. So in this case, if something doesn’t seem right.

117
00:20:01.910 –> 00:20:04.259
Andy Whiteside: start the snapshot. Is that what we’re talking about here?

118
00:20:04.900 –> 00:20:11.009
Jirah Cox:  how about? Automated Clutch pushing in on a schedule?

119
00:20:11.200 –> 00:20:23.260
Jirah Cox: The analogy breaks down. But no, the not not take a snapshot, but more like the snapshots are always occurring right? So therefore, this is that ability to say, whenever you notice something go going wrong, the clutches already been pushed in

120
00:20:23.280 –> 00:20:27.319
Jirah Cox: roll back to that snapshot. The analogy really gets problematic.

121
00:20:27.330 –> 00:20:28.860
Jirah Cox: but I’m agreeing with you.

122
00:20:28.870 –> 00:20:32.110
Andy Whiteside: Yeah, Harvey, any comments on the concept here in general?

123
00:20:32.800 –> 00:20:34.440
Harvey Green III: Yeah, this this is

124
00:20:34.760 –> 00:20:53.279
Harvey Green III: when it when the product went from a security monitor to actual security guard before it would just tell you, hey, there’s a problem, and then depend on you to go take actions. Now it is taking action for you and giving you options which you know I always like.

125
00:20:53.800 –> 00:21:04.629
Jirah Cox: The cool thing is Harvey, I can, I can think back to you. And I Podcasting about this basically day. It was announced at next. And now, like less than 6 months later. Here it is fully Ga for our customers.

126
00:21:21.640 –> 00:21:37.129
Jirah Cox: The one code recovery talks about. Since we have these snapshots that we’re taking all the time we can take snapshots at like lots of levels we can do in guest, right in file system snapshots of the files themselves. We can also snapshot the entire file server at the Aos level and do phone stuff with that.

127
00:21:37.740 –> 00:21:43.629
Jirah Cox: But this ability to say, Hey, here’s a share that’s had some level of infection activity on it.

128
00:21:43.670 –> 00:21:50.639
Jirah Cox: Roll that whole share back to a known good point in time gets all of our end users back up and running faster.

129
00:21:50.920 –> 00:21:54.219
Andy Whiteside: Right? Phillip, you, okay with faster.

130
00:21:55.190 –> 00:22:07.769
Philip Sellers: Yeah, I mean, that’s just name of the game. I mean, I can’t any. I can’t think of any customers gonna come to us and go. I want slower. It’s all about faster, faster. So yeah, I mean.

131
00:22:07.950 –> 00:22:22.869
Philip Sellers: sure, you know, we when we redid our Dr at my last organization, we call the process the big red button kind of like the staples. Easy button, right? And that’s what I think of here. One click recovery is that easy button

132
00:22:23.100 –> 00:22:24.350
Jirah Cox: cause I can think of.

133
00:22:24.390 –> 00:22:31.290
Jirah Cox: You know there’s certainly the threat to the business of like the data staying encrypted. Right? That’s clearly, obviously, that’s the big threat of ransomware.

134
00:22:31.420 –> 00:22:44.140
Jirah Cox: But I can picture a lot of customers actually would say, the most painful over the process of restoring. Right? It’s getting back to online state. Even if we don’t pay the ransom. Don’t get that file decrypted, even just using the backups we had

135
00:22:44.920 –> 00:22:49.939
Jirah Cox: is too painful for the business to to accept, as is status quo.

136
00:22:50.520 –> 00:22:51.280
Andy Whiteside: Well.

137
00:22:51.690 –> 00:23:03.749
Philip Sellers: you know, having been through situations, downtime situations not necessarily ransomware situations in the past, you know there is that very real business conversation of

138
00:23:03.990 –> 00:23:18.800
Philip Sellers: do we do A or B. You know, what is more acceptable to the business. And you’re right getting back up online sometimes trumps, you know, getting a hundred percent of the data back. And

139
00:23:19.130 –> 00:23:31.669
Philip Sellers: you know it mitigates a lot of times the the badness of a ransomware event. But you know, I mean in the just in this week. You know, we we have news of

140
00:23:31.870 –> 00:23:45.989
Philip Sellers: multiple things going on and and major corporations, and you know the size of the payouts being requested or just increasing to. So I mean this, this is huge, just to be able to get back into business because

141
00:23:46.100 –> 00:23:51.120
Philip Sellers: the other side of it is not just the ransom, your lost revenue, the lost

142
00:23:51.280 –> 00:23:54.820
Philip Sellers: business that you could have been doing during that same time period.

143
00:23:55.620 –> 00:24:16.790
Jirah Cox: III scroll past it pretty fast. I saw a report that was listing like, where in the Us. Is it even for our Us. Audience? Where in the Us. Is it even legal to pay a ransom for ransomware. It’s actually like most states, it’s actually federally illegal like, you’re not allowed to right. Because, of course, if you are allowed to that, just simply rewards the attacker and makes them go find some other victim

144
00:24:18.370 –> 00:24:19.440
Harvey Green III: agreed.

145
00:24:19.620 –> 00:24:25.020
Harvey Green III: Yeah, this this one click is the the difference between having to

146
00:24:25.100 –> 00:24:31.510
Harvey Green III: basically stop the world and bring all your it people in and try to recover things versus.

147
00:24:31.530 –> 00:24:37.049
Harvey Green III: Hey? Just everybody. Sit still, and I’ll touch anything for a couple minutes, and you’ll have everything back.

148
00:24:37.190 –> 00:24:42.219
Andy Whiteside: Obviously, the second situation is way better than the personal.

149
00:24:43.020 –> 00:24:44.999
Philip Sellers: And I mean, realistically.

150
00:24:45.960 –> 00:24:58.940
Philip Sellers: I’ve heard of is issues and incidents where this is great, but we also have to make sure that there’s not more. and that we’re not still susceptible. So it still makes take time to do forensics.

151
00:24:59.090 –> 00:25:13.049
Philip Sellers: but just restoring. I mean, that could be multiple weeks work effort depending on your backup strategy depending on what you have available to you. So I mean, this is a huge accelerator.

152
00:25:13.210 –> 00:25:20.240
Philip Sellers: Because of how Newtonics files is integrated into their overall solution.

153
00:25:20.830 –> 00:25:27.290
Harvey Green III: Yeah, to that point. There’s there’s always the question of when something like this happens of, Okay.

154
00:25:27.980 –> 00:25:32.540
Harvey Green III: now, I’m going to start recovering. What data can I trust?

155
00:25:32.570 –> 00:25:36.849
Harvey Green III: Right? What is available for me to go back to

156
00:25:36.860 –> 00:25:45.669
Harvey Green III: that I know is a known good and having an option like this that has a mutability built into it

157
00:25:45.700 –> 00:25:49.169
Harvey Green III: that gives you a very, very good.

158
00:25:49.180 –> 00:25:51.359
Harvey Green III: These these are things I can trust.

159
00:25:51.480 –> 00:26:05.530
Harvey Green III:  once you figure out when the issue started. You can go back to when you know it wasn’t present. And then, you know, because it was never written to since the first time it was written.

160
00:26:05.550 –> 00:26:09.329
Harvey Green III: that it’s a good backup. It’s something you can definitely use

161
00:26:09.750 –> 00:26:20.359
Philip Sellers: when that’s where that perspective comes in. You have that extra perspective to to feel good about these things, because you now have data that you can trust that

162
00:26:20.580 –> 00:26:26.319
Philip Sellers: is, visibility, view otherwise would not have had. For your unstructured data.

163
00:26:26.500 –> 00:26:27.650
Harvey Green III: absolutely.

164
00:26:27.760 –> 00:26:36.490
Andy Whiteside: And and guys, the quote here is from Haiku. That means third party companies like Haiku can take advantage of this technology and and improve upon it

165
00:26:38.050 –> 00:26:45.950
Jirah Cox: 100 even without direct, like actual like coding and api integration like that, like Sabaya, who is fantastic.

166
00:26:45.970 –> 00:26:51.170
Jirah Cox: grant Guy, over at IQ. Vp of products. You know, saying like this

167
00:26:51.310 –> 00:26:56.200
Jirah Cox: exactly fits in super well into a layer production strategy right like. If you can’t recover from snapshot

168
00:26:56.230 –> 00:27:09.700
Jirah Cox: fantastic when you can’t go from snapshot. That’s when we have a backup and nobody would say, have just one or the other? Right? The answer is both and and lot, probably lots of both. So so yeah, it’s 100 collaborative there

169
00:27:10.080 –> 00:27:11.890
Andy Whiteside: a lot of immutable stuff?

170
00:27:13.510 –> 00:27:17.470
Andy Whiteside: Next one, it says, permissions and risk visualization.

171
00:27:19.400 –> 00:27:22.120
Jirah Cox: Yeah. So I think I think a lot of us understand that, like

172
00:27:22.760 –> 00:27:37.069
Jirah Cox: commonly attacks that occur are often exacerbated right by overly permissive file structures. Right? If if someone can get something and has like right access to something. Then that’s something else that can get attacked. And it’s it’s at

173
00:27:37.210 –> 00:27:44.259
Jirah Cox: at risk there. Right? So of course, we’ve probably all heard the the industry buzz words around, please privilege and audit your

174
00:27:44.310 –> 00:27:59.520
Jirah Cox: Your file shares to what users can see. We’re now making that a little bit easier. Right? So within the console we can now identify. Hey? These shares might be flagged as overly permissive right? How many folders in here have open access? How many folders have full control,

175
00:27:59.530 –> 00:28:04.359
Jirah Cox: and even the screenshot here has been showing like which

176
00:28:04.430 –> 00:28:19.779
Jirah Cox: which users can see what and do, what to what shares and what what sections of data. So, using this, our customers can now easily find what’s low hanging fruit that I need to go. What what doors in the wall do I need to go close and lock right? That didn’t need to be open. In the first place.

177
00:28:23.470 –> 00:28:25.579
Andy Whiteside: Philip. Thoughts here. Oh.

178
00:28:26.580 –> 00:28:38.369
Harvey Green III: I was, gonna say, this, this is this is the lens and data lens. This is when you actually get to see things that you would have had no other good way of seeing

179
00:28:38.540 –> 00:28:42.900
Harvey Green III: and the fact that they have it set up in this way. That

180
00:28:42.910 –> 00:29:07.180
Harvey Green III: is also, you know, easy to see visually pleasing, and gives you risk scores and places to go. Look, hey! This this might look a little different than what you know what you’re used to, or hey? You might want to pay attention to this like, Hey, that gives a lot of value in a in a very small package here. Yeah, here’s what I see, confirm. This is intentional.

181
00:29:07.320 –> 00:29:26.900
Philip Sellers: Well, and I’ll I’ll actually take it a slightly different direction with that story. You know, a few years ago, working for an organization that decided to turn on sharepoint universal search and pointed it at file shares and because they were overly permissive. Well.

182
00:29:26.910 –> 00:29:39.449
Philip Sellers: lots of data was getting surfaced in search. And so, yeah, this is a real concern. I mean that overly permissive is not just a security risk. It’s also, you know.

183
00:29:39.940 –> 00:29:58.170
Philip Sellers: As we move forward with new technologies, it can also become a a discovery risk within your organization where you know, there may be any, any rule on a file share, and who knows what someone’s put in there? I mean, any kind of confidential information could end up on that share. So

184
00:29:58.330 –> 00:30:00.440
Philip Sellers: you know, as a user.

185
00:30:00.670 –> 00:30:08.070
Philip Sellers: they tend to gravitate to whatever’s easiest. And so I’ve seen organizations where they create shares that are tailored, and then

186
00:30:08.140 –> 00:30:22.249
Philip Sellers: they get tired of using those tailored ones, because well, I need to share this file from this share to another team who doesn’t have permission. So I’m just gonna put it in the all company share where everybody has access to it, even when that’s not the appropriate

187
00:30:22.370 –> 00:30:33.979
Philip Sellers: level of access for the data. So I love that part of this from the risk visualization standpoint helping us point out, you know. where do we have those problems? And

188
00:30:34.820 –> 00:30:37.830
Philip Sellers: for me, it’s a huge reason why migrate?

189
00:30:38.320 –> 00:30:42.070
Your file share your instructure data onto Newtonics files.

190
00:30:42.430 –> 00:30:45.009
Andy Whiteside: Yeah, yeah, II hear any any.

191
00:30:45.170 –> 00:30:58.189
Philip Sellers: And it still makes me cringe. Yeah, for those who who couldn’t see Harvey Space. He kinda looked like from home alone, with his hands and his face in between.

192
00:30:58.190 –> 00:31:15.729
Harvey Green III: Oh, my gosh! I’m sure it was like put in there just for troubleshooting. It’s just temporary, it won’t. That won’t stick around Number 4 support for in us

193
00:31:16.460 –> 00:31:22.910
Jirah Cox: object storage in us. So Newtonics unified storage is sort of the the new

194
00:31:23.210 –> 00:31:25.690
Jirah Cox: family portfolio, right of both.

195
00:31:25.760 –> 00:31:35.159
Jirah Cox: You know. Smb, nfs objects s. 3. And then also, of course, ice cuz he block storage, right? So we call all that kind of our unified storage portfolio.

196
00:31:35.170 –> 00:31:38.250
Jirah Cox: Story for your application, no matter how you’re

197
00:31:38.370 –> 00:32:08.139
Jirah Cox: go ahead totally right. Storage for your application, no matter how your application wants to consume it right across across any of those 4 protocols. So within the nest family. Right? Then, we have specific products, right? Like files and objects and volumes depending. What protocol you’ve got. So that’s that’s what? That is enough objects there. Andy. But yeah, so with this, right? Like some of the the great things we’ve had for years and files on the Smb and Nfs side of the house

198
00:32:08.490 –> 00:32:15.099
Jirah Cox: stuff like audit trails like, who has done what to this file or this directory and show me all of the user interactions or

199
00:32:15.200 –> 00:32:33.109
Jirah Cox: opposite, you know. Show me if I give you a user, what has that user done in the last day week? Couple of weeks? Very useful if someone you know you know, has access to sensitive data turns in their notice, like, Okay, great. Well, hey? Let me know what you’ve done. Let’s go. Look now, see, we’ve done our last 2 weeks what might be walking out the door with you.

200
00:32:33.480 –> 00:32:59.290
Jirah Cox: So these kind of activity, tracking and even anomaly identifications now come to objects as well. So this screenshot that we’re showing here talks about stuff like audit trails around what’s been done to a certain bucket bucket being akin to like an kind of folder, or even like uses trending right like, what’s growing? Where’s my data going? What are the consumers of a given type of like data store?

201
00:33:01.370 –> 00:33:03.040
Andy Whiteside: Fill up your thoughts.

202
00:33:05.020 –> 00:33:22.160
Philip Sellers: Yeah, I mean this, you know, certainly, data lens I feel like is golden on on the styles side of the house. But yeah, I mean growing use of object storage. I mean it. It’s coming up so often in in conversations with customers. And there’s really a A,

203
00:33:22.220 –> 00:33:33.609
Philip Sellers: you know, move towards object storage, not only from a backup perspective, but for a lot of different data types, a lot of different types of sharing and things. So the fact that we’ve got that

204
00:33:33.930 –> 00:33:39.769
Philip Sellers: understanding here. Natively, in dated lens is gonna be huge. II feel like this is

205
00:33:40.360 –> 00:33:51.289
Philip Sellers:  I don’t know. Preparing for the future. II called it that an earlier podcast today. So feel like this is one of those things that is preparing for the future.

206
00:33:51.640 –> 00:33:53.699
Andy Whiteside: Future can need lots of preparation.

207
00:33:54.610 –> 00:33:55.360
Harvey Green III: Okay.

208
00:33:55.720 –> 00:33:56.670
Andy Whiteside: Harvey.

209
00:33:57.780 –> 00:34:21.989
Harvey Green III: II would just like to point out that at the end of this article, it talks about how you can get started for a year free on data lens. So if you are a new tanks, unified storage, new tanics, files and tennis objects customer today. And you are not using data lens. Let’s fix that

210
00:34:22.139 –> 00:34:25.219
Jirah Cox: for free. You just go call this to action.

211
00:34:27.219 –> 00:34:39.810
Andy Whiteside: Well, and that’s how we end this every time. So neutanics makes it super easy to test. Drive this stuff and get engaged with the partner sales team the Nutan sales team and really just take it for test. Drive yourself.

212
00:34:39.850 –> 00:34:41.769
Andy Whiteside: So, Ira, I’m assuming you would recommend that

213
00:34:41.870 –> 00:35:00.359
Jirah Cox: 100. Yeah, it cause nice thing. Is it something to install? Right? If you’re already running files today on Prem, this is a Sas service you connect to it. There’s literally no, literally nothing to deploy right? So just turn it on. Get the value out of it. Get that inspection that that doesn’t sleep right, that watches what’s going on within the file server, you know.

214
00:35:01.370 –> 00:35:07.620
Andy Whiteside: Java, does this require prism central? Or can you do this without prism, central?

215
00:35:07.680 –> 00:35:13.699
Andy Whiteside: I don’t. It’s a good question. I don’t believe it requires PC. Inherently.

216
00:35:14.260 –> 00:35:18.209
Andy Whiteside: Jyra! Wrap us up. From your perspective on this topic.

217
00:35:18.750 –> 00:35:20.799
Jirah Cox: man, I just So

218
00:35:20.850 –> 00:35:45.049
Jirah Cox: between this role and my previous role, like, I’ve had one customer who’s been on file since the day one release right. And I should just check some of the phone home data. They’re still on files. 9 years later. And I just think like what? How, what a transformative amount of value we’ve put into that offering from 9 years ago. I’m not gonna say bare bones, minimum viable smb, file share offering.

219
00:35:45.200 –> 00:36:12.290
Jirah Cox: But you’d be justified in thinking of that 9 years ago to now what it is now, with dramatic performance, amazing availability. Super easy, powerful low latency. Dr. Replication right into it. And now, really going on the offense against ransomware as well helping make sure your data stays your data and stays online and available. I just think it’s it’s super cool stuff. I love you just coded all good offense. I mean, that’s that’s the only only answer here is to be on the offensive. And

220
00:36:12.290 –> 00:36:19.709
Andy Whiteside: yeah, put them on their heels. Bad guys are thinking about it. If you’re not, you’re kind of losing. Yeah, yeah, pretty much.

221
00:36:19.880 –> 00:36:25.250
Andy Whiteside: Yeah. And we have the tools today to kind of mitigate them to a large degree. Philip thoughts.

222
00:36:26.470 –> 00:36:28.489
Philip Sellers: you know, I think this is

223
00:36:28.790 –> 00:36:41.459
Philip Sellers: foundational technology. Now, II think, given the risk and the amount of risk you’re you’re probably gonna start seeing your cyber liability coverage starting to ask, What do you have watching?

224
00:36:41.630 –> 00:36:58.819
Philip Sellers: And so, you know again, this is an easy button for getting that information and getting that monitoring that we’d love to help you set up if you’re not using it today and getting this in place only helps. For when things like AI become mainstream.

225
00:36:59.600 –> 00:37:15.550
Philip Sellers: absolutely. I mean, you know, if if we look at this technology and look at others. Similar cloud based. And that’s where the Ml. And the AI datasets can really become powerful and helping pinpoint problems beforehand. I mean, we use it a lot and

226
00:37:15.550 –> 00:37:32.640
Philip Sellers: hardware anomaly detection and support proactive support programs. I can see this continuing to to provide value as as more and more things get developed on the platform to to help you identify the problems before you know their problems.

227
00:37:33.430 –> 00:37:35.810
Andy Whiteside: Yeah, Harvey, your thoughts wrapping this up.

228
00:37:36.580 –> 00:37:40.470
Harvey Green III: Yeah, I mean, ultimately, II kinda go back to

229
00:37:40.600 –> 00:37:45.899
Harvey Green III: what I just said a few minutes ago. Like, if if you are a Nutanax files customer and the Santa Claus.

230
00:37:46.190 –> 00:37:52.310
Harvey Green III: I’m just customer not using us. Let’s fix that. If you’re a lieutenant’s customer, you’re not using unified storage.

231
00:37:52.350 –> 00:37:56.739
Harvey Green III: Let’s fix that. I don’t know anybody in it today

232
00:37:57.450 –> 00:38:03.470
Harvey Green III: who would say, No, I don’t want something looking to protect me from ransomware. That’s crazy talk.

233
00:38:03.630 –> 00:38:13.269
Harvey Green III: Alright. That’s just not the way things should be today. Well, and as we talked about here, it’s something helping me protect me against ransomware at all the different layers

234
00:38:13.350 –> 00:38:18.550
Andy Whiteside: and the new tanks platform has a couple of pieces of that, just if you just implement the platform.

235
00:38:19.430 –> 00:38:20.590
Absolutely.

236
00:38:21.240 –> 00:38:36.909
Andy Whiteside: Well, gentlemen, thank you for the time and helping me with the context, I appreciate it as always, and look forward to doing this again. What? In 2 weeks? Hey, Gyre! You know what you mentioned your new role a minute ago, and what? What? I’ve stopped asking you in the beginning of the podcast what your current role is, what is that new role?

237
00:38:38.240 –> 00:39:02.479
Jirah Cox: Does that mention? I’m a new role. Oh, I just oh, I see, I’m sorry about yeah having customers. So in my current role. So I just get to have conversations like these now across the country, right? So I cover, I mean, enroll that covers the Americas, helping customers. Understand the portfolio. What can we do for them solve problems. And even architecturally, like, you know, get to designs. But how do we do this at scale for customers in very, very large environments.

238
00:39:02.510 –> 00:39:07.270
Andy Whiteside: No, that’s awesome. Alright guys, thank you for the time, and we’ll pick it up again next time.

239
00:39:08.650 –> 00:39:09.930
Absolutely. Thanks.