HIPAA | VMWare | 100% SLAs | AWS | cloud | compliance | data center security | data center uptime | infrastructure | ISO 27001 compliance | PCI Compliance | Podcasts | public cloud | RFID systems | SDDC | SLAs | software-defined data center | SSAE 16 SOC 2 | virtualization
Today more companies are realizing the power of software-defined data center to better grow their business and their brand. SDDC allows better control of infrastructure and virtualization via software giving companies more power, flexibility, and security when choosing a data center. To discuss this in detail we have Tom Banta, Senior Vice President, Product Management and Development at vXchnge.
Ellis: Welcome to the vXchnge podcast. I'm your host, Ellis Booker. Today's topic is the software-defined data center, what it is and why it matters. SDDC may be a new term for you, so the first thing we're going to do is define it and then explore the benefits to businesses seeking power, flexibility, and security in their data center choices. We'll also take a look at some real world examples. Joining us is Tom Banta, Senior Vice President, Product Management and Development at vXchnge. Hello, Tom.
Tom: Hi, Ellis. How are you today? Thank you for having me on the program.
Ellis: Tom, first off, it looks like you're in prison there. What happened?
Tom: Yeah. It does look that way, yeah. I think our CEO put me in timeout today. But seriously, I'm in our Secaucus data center, one of our 15 data centers. And behind me is basically one of our secure cages for some of our customers.
Ellis: And we will be talking about security, physical and virtual, in this case. But I promised up top that somebody would define the software-defined data center. Can you do that for us, Tom?
Tom: Sure, I'll try to. It's a big topic. And sometimes when things are new, they get very broad terms. And initially, as you said, SDDC is a software-defined data center. The term was coined years ago by Steve Herrod over at VMware. But in its simplest sense, it really is about controlling infrastructure and virtualization via software, controlling the data center more and more through sensors, software. And at VX, SDDC is making it easier for customers to grow their business and their brand.
Ellis: Is the concept of SDDC fairly common at this point, or is it still on the bleeding edge?
Tom: SDDC, I would say, is somewhat in its infancy, many components that can apply. You've got software-defined networking and storage and security systems and RFID systems and compute power. So many companies are in different stages in the infancy of some of these components. Significant investments obviously are going into virtualization, software storage compute. Fifteen years ago, you think about it, we didn't even have VMware or AWS. And those are all multibillion dollar businesses now.
So the whole virtualization, Cloud, public Cloud, private Cloud, etc., is changing day over day. And so as we provide capability to the data center via SDDC, it's really gaining traction as customers want to get closer to their customers on an as-needed basis while the requirements around security and compliance get more complicated and actually grow every single day.
Ellis: And you mentioned vXchnge is a business for I think you said 15 data centers around the country. Is it fair to say that the scalability of vXchnge's offerings are enabled by software-defined data center?
Tom: Exactly. You'd think of what we're providing, and as I mentioned before, we're about brand protection and growth for customers. People go to websites, the abandon rate. If a site's not working, not performing quickly, it's very easy for them to go somewhere else, right? And so we're about providing that 100% uptime for customers, the right amount of resource that they need when they need it, where they need it.
And part of that is just being sure the lights are kept on, right? And the equipment is cooled properly. But it extends beyond this, because customers want to know when they're going to reach certain thresholds. They can anticipate where they're going to be and when they need more capacity throughout their system.
So for example, a customer could want just another server in a rack. They need to expand their pipe. Do they have enough power? Simple thing is, do I have enough power in that rack to power that server? And what capacity are we running at? Which location should I put it in? So SDDC really helps them have insight into that and manage those situations.
Ellis: Right. So in other words, you're able to right-size the network, the storage, the CPU, the power, everything.
Tom: Exactly. Securities, compliance, who has access to that, those are all elements that go into ensuring that those systems are up and running and safe and secure.
Ellis: Right. And vXchnge, if I'm not mistaken, offers 100% SLAs. Is that correct?
Tom: That's correct. So we're all about keeping the systems up and running, right? So we'd look at this as life support systems. In fact, we like to say we've hired a number of people that spend quite a bit of time in the navy and nuclear submarines. And the support systems in nuclear submarines really are life support systems. You're thousands of feet underwater. Those systems can't go down.
And we really view it as the same way. These people, their websites, our customers, their websites, their systems are life support systems for them. They'd pay their bills, and so we'd look at that as being just as critical to their business. And so, yes, we have 100% uptime SLA.
Ellis: Wow. You can't do better than 100%, I guess.
Tom: I would hope not, right?
Ellis: Right. But speaking of uptime and the security issue again, let's return to the physical security. The room that you're in is obviously hardened. There are multi-levels of security in your data centers around the country?
Tom: Yes. So you'd look at every data center we have, and, of course, security and compliance is paramount. Years ago, people would come to data centers, and they wanted to know that the data center was going to be cold and that the power would be up. And yes, we don't want somebody to come into the data center that shouldn't be in there. But the security side of things, due to lots of legislation that's come around as it relates to personal information, patient information, credit card information, that is becoming more and more critical. So every data center has a minimum of five points of authentication to get somebody physically into the data center.
So whether it's protecting physical assets, people coming in and having access to those servers, or protecting credit card patient information, personal information, it's all about having the processes and procedures for us to be able to manage that security and for the customer to be able to manage and have insight into who's been into their facility, who's had access to the facility.
Maybe I have a subcontractor who needs to come in on a temporary basis. So Ellis needs to come in next Tuesday and install a piece of hardware. So I want to be able to provide you limited access to come into that hardware for that period of time So we provide customers a way that manages the security and access to the systems through our portal 24/7.
Ellis: By the way, I'd rather come in on Friday especially because it's casual Friday, don't like wearing ties. But speaking of compliance, I'm right in thinking that vXchnge is offering HIPAA and PCI complying infrastructure already. You've already been certified for those things so a customer doesn't have to bring it with them. You're already waiting for them with it, right?
Tom: Right, Yeah. So as you've mentioned, all of our sites are SSAE 16 SOC 2, PCI, and HIPAA certified. We just kicked off this week, as a matter of fact, our ISO 27001 compliance. So we expect to be certified on that next year. And that's more about security as well, so further enhancing our focus on security.
And if you look at our business, the vast majority of our customers are technology companies. They provide SaaS offerings, whether it be business intelligence, ecommerce sites, etc. So their customers demand this level of compliance from them, so they in turn demand it of us. And so we spend significant amount of time with them reviewing our security and our compliance because their auditors demand it of them. So it's critical that we have all those compliances in order for them to be able to pass it on to their customers.
Ellis: And before we leave, one last question about compliance, it's something of a sidebar, but I think it's very important. This was the European Court of Justice ruling just recently, I think October, around the safe harbor principle, basically avoiding it, saying that American companies, U.S. companies can self-certify themselves as being compliant with the EU's data privacy, data exchange rules. Is that throwing a gigantic wrench into providers who want to offer a global footprint? Or how is vXchnge? You're getting a lot of questions from your customer base around that ruling.
Tom: Yeah, we are getting questions about that because websites are global entities in most cases, right? And so customers have their website, but they may have their customers in Europe, for example, or South America. So we're constantly being asked to provide a level of compliance that safeguards those assets and that data, right? And so that's one reason we're really looking at the ISO 27001 compliance is to have a broader reach about the protection of data as it relates to people outside the United States.
Ellis: Right. And I get your sense that this is going to sort itself out through standards bodies. Yeah, great. I promised up top that we'd talk about a real customer using software-defined data center that you guys offer to solve a business problem. Can you share an example with us, Tom?
Tom: As you can imagine, customers are always sensitive to publicity to some degree. But this is one, talk about B&H Photo, which is here in the New York area, a big electronics provider. And they recently last month won an award for the best mobile shopping app at the Mobile Shopping Summit in Palm Springs.
And their comment to us was, "We can't be the best without having the best partners." And we really take each of our customers to heart in terms of we really look upon their success as us playing a role with them, right? And they said they are ready to provide flexible solutions, security and compliance really within their micro data centers. And the flexibility that SDDC delivers really provided that resiliency and creates the revenue-generating opportunities that they want.
Ellis: And congratulations to you and your partner on that award. That's going to have to be the last answer because we've run out of time. I'd like to thank Tom for joining us today. And if you'd like to hear other vXchnge podcast episodes or suggest show topics, please visit vxchnge.com. Thanks for listening.
Tom: Thanks, Ellis.
As the Growth Marketing Manager at vXchnge, Blair is responsible for managing every aspect of the growth marketing objective and inbound strategy to grow the brand. Her passion is to find the topics that generate the most conversations. If you have a topic idea, feel free to reach out to Blair through her social platforms.