As any CIO knows, a data management architecture is essential to caring for one of the organization’s most valuable assets: data. Data management sounds simple but it’s not. Backup and recovery, disaster recovery, data retention, governance and e-discovery are all parts of any effective data protection strategy.
As businesses move and grow their presence in the cloud, the same capabilities apply in this very dynamic and elastic environment.
Recently, Druva received another investment round of $130 million led by Viking Global. Mike Palmer, CPO at Druva, joins us on this episode of DevOps Chat where we talk about Druva’s planned use of those funds and Druva’s approach to providing a SaaS-based data protection platform.
As usual, the streaming audio is immediately below, followed by the transcript of our conversation.
Mitch Ashley: Hi, everyone. This is Mitch Ashley with DevOps.com, and you’re listening to another DevOps Chat podcast. Today, I’m joined by Mike Palmer, chief product officer at Druva. Our topic today is how data protection is in your future as you move to the cloud. Mike, welcome to DevOps Chat.
Mike Palmer: Thank you, Mitch. I have been looking forward to this conversation with you.
Ashley: Me, too. Glad we’re together online and talking about data protection. Would you first start, though, just let’s introduce yourself, tell us a little bit about what you do as chief product officer and tell us a little bit about Druva.
Palmer: Well, as you say, running product is my primary job as chief product officer, as you would imagine. I run engineering and pricing and strategy for the company. And Druva is an amazing organization, one that I came to around about a year ago, coming from various positions in the industry, watching the evolution of both storage as well as data protection software and how it’s been evolving in a world of public cloud adoption.
Druva is the first and only SaaS player in the data protection space, which made it super intriguing for me because, as we look at enterprises and how they adopt SaaS, whether that’s been from CRM to ERP to collaboration platforms, what stood out as the next big wave of SaaS adoption was, in fact, data protection. So, we’re focused on that space and growing rapidly.
Ashley: You guys are doing real well. As a matter of fact, I know a little bit of old news here, about 30 days, but you had a $130 million investment. I think Viking Global led that for you—congratulations, by the way. That’s awesome.
Palmer: Thank you very much. I don’t think $130 million ever feels old.
Palmer: But it was a great validation of the strategy and Viking is a tremendous investor. Folks in the industry know kinda their origins dating back a couple of decades and we were glad to have them aboard. They were a great partner in talking through the evolution both of our business as well as the industry over the next, what we consider to be, kind of 5 to 10 years and they saw what we saw, you know, which was kind of a relentless pace of adoption in cloud and cloud storage, the desire for enterprises to find ways to simplify their current environments and move technical skills from some of the legacy areas like data protection into some of the more advanced ones or next generation ones like machine learning and analytics, and we stood at the intersection of these trends, and they got on board with us and have been a great partner.
Ashley: Clearly see a good future for you. Let’s talk about—so, this 130 million and the other investments that you’ve had, they didn’t give that to you to put it in the bank, they want you to put it to work. So, what does the future of Druva look like as you start to invest those kinds of funds?
Palmer: Yeah, it’s a great discussion, because we are competing, frankly, on a few different _______ looking forward. You know, number one and the basic one is, how do we drive the best possible TCO for enterprises who have increasing amounts of data to manage, increasing amounts of risk and liability related to the regulatory environment surrounding that data. How do we expand the applications and the workload coverage for them as they support current apps, but also the ones that they’re adopting in the native cloud?
And then, as we look a little bit forward, as I was told by an investor, you know, this is either a good investment or a great investment and it’s gonna hinge around how we can expand the data protection definition into one in which customers get more value from that copied and stored data. If we can find ways to help them use that data and extend it into the ecosystem, get better visibility into it, it will effectively not only change the architecture, but we will have changed the entire value proposition, and that’s what we’re shooting for.
Ashley: Now, you’re operating in AWS in an elastic environment, you know, storage is right there, you want some more, you just grab it, use it. I would imagine that’s very easy to get out of control proliferation. You need some data management capabilities around what you have as well as the whole process of backing up data, restoring, recovering, making sure you’re not losing information—all of that.
What are some of the key things that are different about operating in a cloud environment versus maybe a traditional on premise data center?
Palmer: Great question, and let me start by giving us some background statistics to frame up how big this challenge is and the opportunity is. You know, the thing that we keep most in mind is, if you look at Amazon’s five year Kager of cloud storage pricing, it’s negative 60%.
Ashley: Hmm. Going down.
Palmer: In a world like that—it’s going down and if you talk to Amazon, they will say that that is the path that they will continue on over the next five years, enough to challenge customers with, “Tell me, when you buy an appliance today, how much cheaper is it gonna be next year or the year after or the after?” It’s likely it’s gonna be the same, so they’ll lose out on the innovation in the industry, even just around the ability to create better price and performance. ESC did a very nice survey and asked CIOs in their premises data centers what were the top five opportunities for cost efficiency? And number one on that list was storage management.
Palmer: You know, enterprises are dealing with this long history, and you had talked earlier about your history as a CIO. All CIOs deal with generations of proliferation of storage vendors as well as the hardware itself, the incompatibility, and just even the ability to track it, tough challenges, and the third stat, which is the one that I find most interesting because it indicates the tipping point is, in 2021, so just about a year and a half from now, we’ll see the crossover point where there are more dollars spent in cloud storage than premises storage. So, this will be the point at which companies can effectively be viewed as cloud first from a storage point of view to the point where they’ll have to defend [Audio skip]. And in that world, your first question about what do we have to help them with—we have to help them realize the promise of those savings.
You made a good point—it can easily get out of control, especially where you have very distributed teams who are building applications and taking advantage of that infrastructure in a more decentralized way. We have to help them manage the tiering, we have to help them manage the data classification, we have to help them manage not just the cost side, but give them advice on performance. Much of this can be automated through machine learning. So, we’re gonna give them a new model for what old terminology like ILM or information life cycle management or HSM or hierarchical storage management, we’re gonna turn that, really, into a background automation process and let them focus on what matters, which is, do I have the right policy, can I leverage this data for other uses, and can I do that without special skills?
Ashley: Well, you know, you bring up some really good points and that is, it’s one thing for a startup or someone who’s building a Cloud Native application as a young company or maybe a one-off kind of application. Enterprises look for environments that are gonna de-risk or things that are gonna de-risk their move to the cloud. And I would imagine having a structure that it’s at least familiar so you have not only data protection and data management, but you’ve got governance and things like that. You’re able to do some forensics, predictive analysis things like that. The kind of functionality that they’re used to having on prem, but maybe in a cloud environment or possibly even a hybrid model.
Palmer: I think—yeah, you nailed it. And one of the words that I used frequently is convergence. You know, one of the benefits of cloud is that because you’re provided with all of the substrate, you’re provided with compute, you’re provided with storage and networking and policy and all kinds of things surrounding you that the job of a company like Druva and even the job of enterprise developers is just to focus on the application logic.
And what that means in our space is, as you mentioned, you have a lot of surround in your data center. Customers that, in my former world, they would buy a product for backup, they would buy a product for disaster recovery, they’d have an e-discovery product, they’d have an archived product, they’d buy a data classification product.
Ashley: Been there, done that. [Laughter] Been there on all those.
Palmer: Painful, right? You know, and all you see is your costs going up and complexity going up and different skill sets and your training and conferences to go to and it’s slowing you down, right? And when you look at Druva in a single platform, we simply consider those ancillary value propositions like e-discovery or data classification as on demand, callable apps.
Palmer: So, when you back up with us, you simply tack on the DR service, you simply tack on the data classification. You have a work flow for legal hold. And by the way, you pay for this on demand, you don’t have to pre-pay capacity licenses, you don’t have to pre-pay storage.
Palmer: So, you have a world in which not only do we replace your current apps, but we have a world in which, as customers come to us and we release new capabilities every other week, that they can put something on a roadmap and see a functional working application in weeks and months over their existing data set, paid for only when they use it. You know, and this is revolutionary for most CIOs.
Ashley: Usually you have to buy the amount of storage you think is sort of your top capacity and use it as you go and then potentially upgrade where, of course, in the cloud, it’s elastic, it’s fungible. We can change, add more as we need it.
Palmer: And of course, you have to do the same with your software licenses, you have to then integrate those products, you have to find space in your collocation facility. You know, when you really analyze how much cost and effort it is to adopt a new piece of software or a piece of hardware, it’s far beyond the obvious.
And not to mention, by the way—and this is a stat that I quote to a lot of people. It has been in my experience that, when a software vendor releases a new version of a product, it can be 12 to 18 months before even half the install base adopt that version. So, if agility and speed matter to you as a business in adopting capabilities, you have to take risk and wait a long time before you get a capability, whereas in SaaS, you get it on demand with no effort—again, completely changes the model.
Ashley: I mentioned hybrid earlier, something we haven’t talked about yet. Most enterprises can’t lift and shift everything into the cloud. As a matter of fact, they may not want to. They may want to keep some hybrid either multi-cloud or on premise. Is that an area that you can readily address with them?
Palmer: Yes, and thanks for asking that, because one of the difficulties in being unique in your space is just explaining your model in the first place. And from a SaaS point of view, while our application architecture is Cloud Native, we service customers in their premises data centers and into the public cloud, including their SaaS providers as well.
So, what that means is, as you said, you know, if you have a customer that has—and most are within this category—have a data center where they have workloads where their recovery times are perfectly fine to take advantage of all of those benefits I mentioned earlier in the cloud, we help move them to the cloud and manage and restore and so forth for them to their local premises facility. However, if there is an application that has an RPO or a recovery point or a recovery time objective that requires it to be within the data center, we also kind of provide them with a virtual appliance that solves that problems as well.
And then, as they build native cloud applications and, for example, Amazon, AWS, or they adopt Office 365 or Salesforce, we also help data protection and classification, both natively in Amazon as well as with SaaS providers as well. So, we really are in them with their current architecture. We’re also with them in their future architecture.
Ashley: Yeah, that’s the key to transition, I think. Again, I mentioned earlier about de-risking and part of that is familiarity as well as giving me a path to get where I want to go, and I may not fully go to the cloud, right? I may always have to have something, as you mentioned, because of RTO or RPO requirements to be on prem.
Palmer: That’s right.
Ashley: Tell us a little bit about some of your, some of the capabilities that are just kinda native with the product that, you know, what does it take to get started using Druva? Can I just plunk down the credit card and, like Amazon, I’ve got all of it available to me, or is there a set of planning processes that are helpful to go through to properly architect a data protection architecture like this?
Palmer: Oh, and we love this question, because again, coming from the industry where the idea of even doing a POC is a very complicated process of governance rules and software installation and finding hardware and disk capacity. With Druva, you literally sign up on the online platform. We give you access to the agent type that you’re looking for, so let’s use VMware as an example. You can download a proxy, provide it your credentials, put a policy in, do all of this within about 10 to 15 minutes and you can initiate your first backup.
And you can do this and we have tested this over and over without having specialist backup administrator skills, which means you can also start delegating privileges to application teams and such where you as an administrator have the ability to enforce and create overall policy. So, now you have a world where your most mundane, everyday tasks are made so simple that you can delegate them to your customers, your customers from an IT provider point of view—which increases their satisfaction, because they can do these things on demand, and they free up your time to do more important things.
Ashley: That’s awesome. I was breaking out in a cold sweat as I was asking that question. Having done this at multiple companies, it is not a fun process to stitch it all together with different products and really have to architect it properly because you have to worry about things like how are you gonna monitor compliance. You mentioned e-discovery. Now, we have things like GDPR compliance as well as our own internal processes about data retention and making sure we’re protecting ourselves against ransomware, things like that.
Palmer: And we deal with some of the largest companies in the world, and one particular use case we saw super well is on the end point side where customers are dealing with either legal situations or they’re concerned about end user behaviors and what they’re doing with data. So, we not only provide them the ability to protect devices, but we also provide them with ideas about what’s going on with the data, and then certainly with workflows as you mentioned to go and pull that data aside or do a hold where they need to—again, this is all just workflow in an interface. It’s not trying to get one product to work with another product or making sure that versions are upgraded or compatible or patched sufficiently. We take care of all of that.
Ashley: Mm-hmm. As I’m kind of peeling the onion here remembering things that you have to address with a data management approach, you know, you have to deal with things—you mentioned tiered storage earlier. Does de-duping apply in a cloud environment? Does caching apply in a cloud environment? Are those things that you also address?
Palmer: All of the above. So—and you asked a very good question earlier. If I’m a customer adopting the cloud, where are some of my risk areas or things that aren’t provided to me? And one of those examples is de-duplication. So, if I’m going to adopt S3 or I’m going to move data into Glacier, how am I gonna do that efficiently in a world where I’m potentially coming from a de-duplication position on premises, I’m gonna lose that in the cloud.
With Druva, we de-duplicate that data for you, so we are minimizing your cloud storage footprint. And once we’ve done that, we’re also taking care of the tiering into whether it’s S3IA or Glacier or Glacier Deep Archive, we’re not only replacing your HSM strategy, we’re doing that, as I said earlier, in an automated way.
Ashley: Mm-hmm. What’s nice, too, is—again, I’m kinda having the negative flashbacks here. The old process of which are tier one, how much in memory storage are you gonna have at your first tier of storage, how much are you gonna have at this speed, how much are you gonna have at your third tier of speed. With the different services that Amazon provides, that’s what you’re bringing together in one collection in a full data management architecture so you can, of course, dynamically allocate any of those as you need them, but that’s what you’re tying into is those services as well as what you provide.
Palmer: Capacity planning is a non-issue in a cloud and SaaS world. Of course, we will work with you where, as you mentioned earlier, where you have RPOs and RTOs on site where you know that the use case doesn’t apply to a remote data center. We’ll work with you with a virtual appliance. We also have customers that will always want a land speed restore, but they’re increasingly collocating in places like Equinix, for example, where they can cross connect into the cloud provider.
So, even where you have requirements that look like data center requirements, it’s almost as if your data center is moving into clouds in certain collocation facilities where you can take advantage of SaaS even without the virtual appliance.
Ashley: What do you feel like is the biggest pain point that you address for customers? Obviously, they have needs, functionality, capabilities—all of that kinda thing. But when someone comes knocking on your website and says, “I think I need this,” what is most commonly the biggest problem that they’re trying to address?
Palmer: There are two problems, but the compelling events are different. So, the two problems we’re solving for them are cost. They look into the future and they realize their costs are going up, not down, and cloud can help solve that problem.
And the second one is complexity. They don’t want to have to hire more storage administrators or backup administrators, track different vendors. They don’t have to do hardware refreshes. They don’t want to have siloed systems. These are problems that are all solved with SaaS provides like Druva and the public cloud. So, those are the core problems.
The compelling events, on the other hand, can be very different. We have Fortune 100 companies that have data centers all over the world, and their cloud journey can include moving the satellite facilities to the cloud today and increasingly looking at cloud and the core data centers tomorrow. So, they have a more data center migration consolidation use case.
We have others that have remote offices or field facilities where supporting an appliance is expensive if not impossible because they don’t have the staff. So, it’s refreshes and getting equipment out of facilities is the second one.
Ashley: Mm-hmm, mm-hmm.
Palmer: We have customers that come to us because of ransomware, where we offer an air gap solution where the only alternative on premises was tape. So, we give them the same security via encryption and have an air gap solution to their primary network that no one else can. So, they’re adopting the cloud with the safety of tape.
And then, of course, your basic use cases of backup and disaster recovery, where customers want not just to be able to restore data but move an application, have the full orchestration capability, and instantiate that without the additional costs of owning their own architecture or frankly even managing their own cloud integrations.
So, we integrate a DR capability in our platform. So, customers come, they get native backup, they get native disaster recovery all in one interface without other products or other training. So, we have compelling events and we’re saving our customers 50% based on their existing legacy architecture and we have proven that a few different times via external experts as well as customers themselves and complexity and really taking all of the legacy mundane tasks and skills and making them obsolete.
Ashley: Well, Mike, I’d like to thank you for joining us. We’ve run out of time, here. I think we could talk another hour about data management [Laughter]—
Palmer: [Laughter] For sure.
Ashley: —share some war stories along the way, too. So, I’d like to thank you, Mike—Mike Palmer, chief product officer at Druva, for joining us.
Palmer: Mitch, thank you very much. It was a great time talking to you. Maybe we’ll do it again.
Ashley: That would be great. We’d love to hear an update as things kinda move forward and you spend some of that money. [Laughter] And I’d, of course, like to thank you—you, our listeners—for joining us today. This is Mitch Ashley with DevOps.com, and you’ve listened to another DevOps Chat podcast. Be careful out there.