Data Protection and AI Summit: Insights from Industry Experts
Sterling Wilson, Field Chief Technology Officer at Object First, joins Christophe Bertrand, Principal Analyst at SiliconANGLE and theCUBE, to explore cutting-edge solutions in data protection and cyber resiliency at the Data Protection and AI Summit.
In this insightful discussion, Wilson sheds light on Object First's innovative approach to on-premises storage solutions, emphasizing ransomware-proof technologies. With a rich background in serving Veeam users, the conversation addresses Object First’s origins and its commitment to providing the highest level of security while focusing on simplicity for Veeam architects and administrators. Video hosts from theCUBE Research further enhance the dialogue with valuable insights.
Throughout the session, key takeaways focus on the concept of "true immutability" and its role in thwarting ransomware attacks, as Wilson asserts. The intelligence behind Object First's solutions, particularly the Out-of-the-Box Immutability, enables organizations to secure their data efficiently. The discussion also highlights integration with Veeam through Smart Object Storage Application Programming Interface, offering users a resilient and reliable recovery solution, a vital component in the current landscape of evolving cyber threats and AI-fueled attacks.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
Data Protection & AI Summit. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For Data Protection & AI Summit
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for Data Protection & AI Summit.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
Data Protection & AI Summit. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to Data Protection & AI Summit
Please sign in with LinkedIn to continue to Data Protection & AI Summit. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Sterling Wilson, Object First
Exploring Data Protection Solutions at the Data Protection & AI Summit
Sterling Wilson, field Chief Technology Officer at Object First, shares insights on safeguarding artificial intelligence workloads at the Data Protection & AI Summit. Christophe Bertrand, principal analyst at theCUBE Research, hosts the discussion, examining how Object First’s solutions fortify AI data security and ensure trustworthiness.
In this session, Wilson discusses the critical components of AI data protection, emphasizing the importance of immutability and secure data handling. The conversation with Bertrand explores the tools and strategies required to safeguard AI infrastructures against potential cyber threats and ensure business resilience. Viewers gain insights into how Object First, in collaboration with Veeam, structures its approach to protecting AI workloads.
The video highlights the importance of understanding AI as both a potential risk and an asset in data management. Key takeaways include the emphasis on having a solid resilience plan, ensuring data trust through comprehensive security measures, and the necessity for IT professionals to evolve with the increasing convergence of data protection, AI, and security protocols, as discussed by Wilson and Bertrand.
In this interview from the Data Protection + AI Summit, Sterling Wilson, Field CTO at Object First, joins theCUBE Research’s Christophe Bertrand to reveal how Out of the Box Immutability (Ootbi) is reshaping backup strategies for the Veeam ecosystem. Wilson explains why true immutability needs zero access to root, S3 compliance mode and zero-delay writes so attackers cannot tamper with data even when privileged credentials are stolen.
The discussion explores Object First’s Smart Object Storage API collaboration with Veeam, capacity options that scale ...Read more
exploreKeep Exploring
What type of company is being described and who are its founders?add
What does Ootbi stand for and how does it relate to security features offered by Object First secure appliances?add
What is the role of the Smart Object Storage API in relation to Veeam?add
What are the different sizes available for the box and how does it integrate with Veeam to provide security and immutability for backups?add
>> Hello everyone, and welcome to the Data Protection and AI Summit. We have quite a bit to cover today, and I'm very, very pleased to welcome a new friend of the family here at theCUBE. Sterling, welcome, please introduce yourself.
Sterling Wilson
>> Thank you very much. Sterling Wilson, Field CTO with Object First, very happy to be here.
Christophe Bertrand
>> I love to have a field CTO here because you can talk about a lot of clients, a lot of experiences from the field. Object First, I wanted to have you here on the Summit because you are quite an interesting company with a well-known founder. Let's get started.
Sterling Wilson
>> Let's do it.
Christophe Bertrand
>> Sterling, can you tell me about Object First? Who are you? What's the history?
Sterling Wilson
>> Absolutely. Well, who we are is we are ransomware proof, on-premises storage purposefully built for Veeam Software. Now, you just said we are a very interesting company, and part of those reasons are our founders Ratmir Timashev and Andrei Baranov, this is their third startup, their second being Veeam Software. When they figured out what they were going to do with their next foray, it was really to double down and make sure that Veeam architectures, Veeam admins, Veeam users have the highest level of security today to protect their data and their backups from ransomware attacks.
Christophe Bertrand
>> And actually, there's a lot of technology at play here, so I'd like to double-click a little bit more on some of the fundamental differentiators that you bring to the table. Obviously, there's a lot of data to protect. You're targeting an interesting part of the market as well, being the Veeam install base, which really spans from smaller businesses to mid-market enterprise. Quite a lot of differences in how you approach data protection. So what makes Object First, and I love the name of the product, Ootbi.
Sterling Wilson
>> Ootbi.
Christophe Bertrand
>> That's the Ratmir thing, he has a knack for names.
Sterling Wilson
>> He really does.
Christophe Bertrand
>> So how does it differ from other solutions out there?
Sterling Wilson
>> Yeah, well, first of all, we love saying Ootbi. Ootbi stands for Out-of-the-Box Immutability, and that is what you get when you buy an Object First secure appliance. We really go to market with thinking, with the mantra that we wanted to bring a solution that was secure, which means for these architectures and these data sets today, we have to separate the ability for threat actors. Threat actors that come in that steal domain admin accounts, that steal the highest level of credentials and they go and directly for the backup software. We wanted to prevent that. We do that with zero access to root. We provide the security that is third-party tested that the Veeam users today need. We want to keep it, which really meant we understand that Veeam admins, Veeam architects, people that are making these architectures, they are educated and understand storage backups, how to protect their data, but they're not security experts. We wanted to provide them a best of breed solution that gives them the highest level of security without being a security expert. And finally, power when it comes to bringing your stuff back, basically remediating after some sort of an attack, the data that's closest to you is the fastest and best to bring back. We understand cloud architectures are not going away. In fact, they will continue to grow. We believe in them, but we want to provide a way when everything has gone down for you to get your data back the fastest way possible. Those are our three tenets, bringing the security, the simplicity, and the power that Veeam users need today.
Christophe Bertrand
>> Right. Let's double click on that because there's a lot to unpack here. So first of all, immutability. I think that's going to be the first topic. One of the things I can tell you for sure is from our research that we recently conducted here at theCUBE Research on cyber resiliency, when you ask people what they worry the most in terms of infrastructure being exposed, the first thing that comes up is the backup infrastructure itself. So you're really going straight for the throat here. Immutability means what exactly?
Sterling Wilson
>> I'm so glad you asked that, and you are right, what we found is that these attacks, they want to render you helpless. The very first thing they do is to take away the one thing you would use to recover. Of course, that's your backups. So when we talk about immutability and the very root sense of the term is the inability to change any facets of that data. But as we've learned, there are different flavors of immutability. We consider immutability, the true zero access immutability means when all secrets are known, when the bad guy has everything they can possibly have, they still cannot change your data. We call that true immutability, which zero access to root. So when you're thinking about immutability, make sure that there is no way for those facets to be changed.
Christophe Bertrand
>> Is that an extension of zero trust backup? When you think about some of the messaging, some of the actual capabilities you see maybe on the Veeam side of things are extending that in a way that is very unique.
Sterling Wilson
>> Yeah. One of the premises of Object First of course as well is the segmentation of the backup mover, the data mover and the backup storage itself. So making sure that, once again, if all secrets are known, somebody has taken that high level account and they go to that backup storage to either encrypt it, egressive data, anything even more nefarious, they're unable to do so. That to us is true immutability.
Christophe Bertrand
>> Okay. I think we've established what immutability is, and I'm sure it will continue being a discussion in the industry, but I think the idea is that what you want to do is you want to render the data essentially absolutely unchangeable regardless of the type of attack that comes in, whether it's an AI-fueled attack by some very smart cyber attackers, or you're protecting infrastructure, databases, lots of different workloads can be protected in the environment. What I'd like to do is maybe double-click now on what's behind the technology. What about object storage? What about some of the secret sauce that you use, and what about security more importantly?
Sterling Wilson
>> Yeah, absolutely. So when we talk about the true immutability or when we talk about the tenets of true immutability, one of those is absolutely S3 storage. The S3 object storage obviously brings immutability by design, it's an open protocol that allows you to do that, and it also allows you to do a governance mode or a compliance mode. Now, compliance mode is the mode to lean into here. It does not allow changes. And when I say that immutability can be seen in different ways, that governance mode and compliance mode is a very real piece of that, so we double down on that compliance mode as well, and we want to make sure we educate everyone when you're using these architectures with S3, that brings that natively as well.
Christophe Bertrand
>> Right, because not all immutability is born equal. This is very important because one of the things that's happening right now is we're seeing a resurgence or an emergence of very, very smart attackers. I mean, this is really about ransomware and other type of attacks, people trying to extract data from the environment, trying to modify the data. We see the beginning now the nascent AI infrastructure itself, creating data and potentially being subject to prompt injections and things like that. Can you guarantee that my data will not be affected?
Sterling Wilson
>> The only way to guarantee that is to remove the ability for any high-level accounts to even make those changes. I think what makes us a little bit different from other solutions are other solutions still at the bottom level, they assume that there is some good actor there, meaning they allow an account to reverse changes that have been made. If you go into an architecture and you lock down an architecture because you want to provide immutability for a certain data set, the other solutions will still leave a way for a high-level account to go in and reverse that. Now, in some occasions, that may have seen smart in the past when you get to a certain place and need to reverse something you've done. But in this world, in this age of nefarious activity, you no longer can assume that when all of your secrets are known, that the bad actor won't use that against you.
Christophe Bertrand
>> Right. And can you tell us about the zero delay on write? That's a pretty cool feature.
Sterling Wilson
>> Yes, exactly. That is really what we consider another facet that really must be applied, and what that means is when that data is written, it has all of the features of immutability and encryption based right from there. Sometimes you have other solutions that will take that data, that will want to do things like dedupe that data or place that data in a landing zone so that it can group it with other sets of data before it's moved. Unfortunately, that actually creates a larger attack vector, and that will allow the bad guys to actually take that data when it is sitting on premises without the wrappers around it basically sitting wide open.
Christophe Bertrand
>> Well, I could see how that's a big issue, obviously. So you're designed for Veeam, obviously you have a close relationship. Can you tell me at a high level about the type of integrations that you have and APIs? Anything you can divulge beyond the very secret stuff?
Sterling Wilson
>> Absolutely. Well, as we said, we were written directly for Veeam and the founders are the same founders, so there is definitely some intelligence there. We have direct integration using the best APIs, and even an API that we've created together that was called the SOSAPI, which is the Smart Object Storage API. We leverage it in its full amount, meaning it is an open API that any of the storage vendors can use. However, we use it with an intelligence not to only move the data efficiently, but to also place the data across a clustered environment as data grows. Veeam itself is a very intricate, it is a very, I would say large data set or a large solution that allows you to place your data sets wherever you want to. And they have something even called scale out repositories that can be used. Smart Object Storage API allows us to integrate fully into those, placing the data where you need it, whether it's a performance tier or an archive tier.
Christophe Bertrand
>> That makes a lot of sense. And of course, you own the appliance and you have it in your data center or hosted somewhere, but on your behalf. I guess let's talk about recovery and recoverability. If you're immutable, I get it, the data will not be affected. How quickly can you recover? What are the type of metrics that you've seen in the field? You're a field CTO, and I definitely want to double click on your experience and expertise. What have you seen from clients? Can you give us maybe a few examples or anecdotes of the solution at play? Maybe you can't quote names, but at least based on attacks that you've helped with.
Sterling Wilson
>> Yeah, absolutely. The box itself is quite powerful. It comes in different sizes. As a matter of fact, we actually just announced several different sizes that were just incorporating to the lineup. We really have any size from 20 terabytes all the way up to over seven petabytes in a clustered environment, depending on what the client needs. We're able to provide the Veeam users, no matter how small or large they are with the immutability that they need. Being out in the field as a field CTO, what I see most of all is that there is an awareness that's coming around, but many people don't know where to go to get the type of security they need. We have some that have inherited environments. We have some that are working with insurance companies that need to prove that they have immutable backups, and they need to be able to prove that they can recover with a certain set of circumstances. We can help them do that by integrating directly into Veeam, dropping in without them having to be a security expert, and being able to use those APIs without having to change any defaults in Veeam. I think that's an important point. We run with Veeam as Veeam is intended. As I spend a lot of my time out in the field running workshops, listening to customers, helping our solution improve, we undoubtedly come across clients that need something for today, but have also used us to recover from something in the past. You tipped your hat a little bit to that in a minute ago speaking of some of these situations where we've had customers recover. There was actually one that I like to recall was a school system in Ohio where they actually had undergone a ransomware attack. In fact, they had taken down every single one of their solutions. They had Carbon Black edge devices, CASBs, zero trust in some ways implemented. You name it, they had it. The problem is you have to assume a breach, and the bad guys were already inside. They had gotten in by some certain ways, they had stolen the top level of accounts, and they had gone through the architectures and had effectively taken them down and rendered this school system useless. When it came down to it, when it came time after all the FBI forensics, they were ready to recover. We stood with them and their backups were intact. We're very proud of that. When all of the other issues or solutions that they had placed in there to take away some of these issues had failed. We stood and we were ready to recover, and we help them do that as well.
Christophe Bertrand
>> Yes, and in a context of AI fueled attacks, I mean, I can only imagine that it's going to happen more and more often, fortunately, so that's a great example. A couple more points I'd like to cover with you. This was helping with today and maybe the past, in this case, recurring from a backup. So what do you see moving forward? Maybe if you were to think ahead a few years, what is going to change? Is it AI? Is it more complex workloads? Is it more of an ecosystem play?
Sterling Wilson
>> That's a great question. I had a great conversation at RSAC with a couple of people about this. It's moving so fast, it's really hard to put your finger on a pulse of anything. I will definitely say that AI is here to stay. From my perspective, it's going to be how do we bring these edge AI security solutions together in a way that they continue to work together? Veeam has allowed us to bring some of those things together today, but many of them are still treated as edge solutions. How do we bring that together with the proliferation of agentic AI, but more importantly, right, because that's a double-edged sword, I saw your eyes go up there.
Christophe Bertrand
>> Oh, yeah.
Sterling Wilson
>> It's a double-edged sword. Having it help you fight the great fight, but also having it attack you from many different ways. That's going to change our landscape, A, number one, but also, which I would love to talk to you more about, is how do we help those AI workloads have their solvency intact? Make sure that they can recover from those LLMs and those models that they're backing up today.
Christophe Bertrand
>> And that's why you need immutability, you need Ootbi, and essentially a perspective or an approach that builds cyber resiliency by design, and I think that's really the message.
Sterling Wilson
>> Agreed.
Christophe Bertrand
>> Look, we've covered a lot of ground. Sterling, I'd like to thank you so much for giving us a better understanding of Object First. I mean, it's always fun for me to see what I would consider a young company, but that still brings this innovation that feels like it's been built on years of maturity, which it has in many ways because of the founders. No big surprise there. Great examples, I think in this age of ever-changing risks, AI-fueled attacks, workloads changing all the time, and of course, massive data growth across multiple segments of the market, small companies, big companies, there's only going to be more data. I think having immutability built in your backups is absolutely key. Sterling, thank you so much for your time.
Sterling Wilson
>> Thank you very much.
Christophe Bertrand
>> And to our viewers, thank you. Please stay tuned. There is more coming up in our Summit. My name is Christophe Bertrand, Principal Analyst here at theCUBE Research.
