Continuing on previous posts, we're recapping EMC's recent "Strategic Forum", held March 10th in Boston where Joe Tucci and Paul Maritz laid out both EMC's and VMware's strategy to large audience of financial and industry analysts.
Today, I thought I'd run through the combined topics of protection, intelligence and automation before getting into the more beefy cloud discussions that dominated the day.
Feedback from the event continues to be extremely positive from those who attended. In case you want to watch the whole event (long, but useful), you can see the recorded webcast here.
Thoughts On Protection
Joe spent his time on the "what's hot" topics, rather than present the entire spectrum of EMC's capabilities, which was not the goal.
If you're interested in more depth, I discussed the attractiveness of this integrated view a while back.
He pointed out that the move to continuous availability was inexorable -- there were more and more situations where information had to be continually available, hence the coined word "information continuity".
We'll see if this phrase catches on, or not.
And if information was stored on tape or other media, it couldn't be made instantly available if it was needed for some sort of recovery. The rapid cost declines associated with disk-based storage (very dramatic, once you factor in things like spin-down and dedupe) had rapdily accelerated this trend.
The other "hopt topic" he pointed out was associated with VMware. Virtualized environments are turning out to be far cheaper and easier to protect with business continuity, causing a pronounced spike in interest in many customers.
I can certainly validate that one from my own experience. Business continuity (and high availability of any sort) is an entirely new game in VMware environments - and customers are recognizing it.
Security Is Hot
One of the great untold stories of EMC and RSA is our IPV (identify protection and verification) capabilites, largely delivered as a SaaS offering. I was fortunate enough to spend the day yesterday with Mat Newfield and Ann Johnson (both with RSA) learning all about this amazing offering that's growing like wildfire.
More on that later in a subsequent post.
Rounding out the discussion, anything to do with DLP (data loss prevention) frameworks is hot right now, as are SIEM frameworks (security information event management) that capture, analyze, report and audit security measures (see recent major update on enVision).
The industry has pretty much settled on an acronym -- GRC, or governance, risk and compliance to describe how to think about various risks in an IT environment. When I have a chance, I'll share with you a nice framework model slide that shows (1) risks being assessed and determined, (2) governance policy being pushed down into various pieces of the landscape, and (3) compliance being measured upwards.
However, if you're a frequent reader of this blog, you'll remember that I thought that GRC might be too narrow in its charter -- risk mitigation is only one component of a broader discussion that includes creating value from information, as well as containing costs -- hence my personal preference for the phrase "information governance".
We'll see if that one catches on as well :-)
And, of course, VMware is now a key part of the security discussion. Why? We're gradually realizing that the very nature of virtualization and containerization creates a convenient "insertion point" for security and compliance monitoring and policy.
And *that* idea will definitely catch on going forward, if my crystal ball still serves me well.
Adding Intelligence To Information
Joe wasn't able to stretch out and explain the core concepts here as much as I would have liked, but there's only so much you can do in a finite time, so the bulk of this was in Mark Lewis' breakout session later in the day.
If you think about the "information layer" in any enterprise architecture, there's a clear need to manage it intelligently to create value, contain costs and avoid risks.
The abilty to classify information in context -- automatically -- will end up being huge. This needs to be coupled with powerful and sophisticated policy engines that help determine -- in real time -- what should be done with information.
And, like the broader security framework discussion, you can imagine these policies being pushed down into the applications and infrastucture (governance), automated policy enforcement (archiving, compliance, security, tiering, protection, etc.) and compliance information being driven upwards.
We don't think that this will start as a broad-based capability in the enterprise; rather, it will be driven by specific application domains within an enterprise -- email, records management, eDiscovery and other large, unstructured information domains that are subject to all three forces.
And, Of Course, Automation
More people are starting to recognize that the classic "stovepipe" model of IT management will be under increased pressure in the future. Not only is virtualization changing everything, but more focus is being put on higher-level frameworks and models that allow IT to be run as a service, rather than a collection of components.
EMC's Resource Management group (the Smarts and ControlCenter guys) have been busy with a string of acquisitions and enhancements that build out this next generation of orchestrated IT.
Joe didn't have a lot of time to get into the details, but -- coincidentally -- we had a product announcement on the same day that reflected just the latest chapter in the fast-moving evolution.
And We've Just Begun ...
So far, I've just been laying the framework for the big story to come ... and that's in the next few posts.
More to come!