Wednesday, April 27, 2022
Story of my son
Rubrik Origin Story
Published on April 21, 2022
John Quinsey
John Quinsey
VP of Sales, Americas Mid Market at Rubrik, Inc.
I recently watched a video of Rubrik Co-Founder & Chief Architect, Soham Mazumdar, presenting the Rubrik origin story at Tech Security Field Day (link embedded in the comments). Soham did an outstanding job of articulating our journey from data management company to data security company, and it got me feeling quite nostalgic. As I often like to remind people, I was part of the founding sales team at Rubrik, and there’s not too many of us left :) That said I thought I would try to capture Soham’s main points while adding in some color from my own Rubrik journey
Rubrik was launched in 2014 around the following problem statement: Legacy backup & DR were fragmented, complex & highly insecure leaving your backups exposed. They also lacked automation and recovery was too slow (too much focus on ingestion). Rubrik aimed to solve all this by simplifying and modernizing backup
When I first joined the company in the fall of 2015, we addressed a single use case. We backed up VMware and archived it out to AWS. That was all we did, but we did it better than anyone else. And we did it w/ a unique approach to backup centered around a web scale, hyper-converged architecture. We were essentially creating a bunker in a box where your backups could never be compromised. Additionally, the platform was built on a rest API so you could easily automate all tasks associated w/ data protection. And finally, we introduced the concept of live mount so you could quickly recover your data sets regardless of their size. Given the limited surface area of the workloads we addressed, we would invite customers to go on a journey w/ us while hinting at the future possibilities of leveraging metadata to release business value from your backups. Sounded pretty incredulous at the time :)
In the early days our competitors actually used our approach against us to create FUD, saying we created vendor lock-in and took away the freedom of choice from our customers. Conversely, they touted their superior ingestion speeds and de-dupe rates along with a bring your own back-up software approach to maintain freedom of choice. Despite the formidable competition, we actually did quite well in the early days. Which is a bit surprising considering the problem we solved was difficult to attach to a business outcome. Also given the constant rock fights we were in w/ our competitors. Initially our moral high ground was automation through our open API and extremely fast recoveries via live mount. We also shined around simplicity & ease of use which was the number one reason customers partnered w/ Rubrik in the early days. What we lacked was a clear differentiator which would allow us to win the market unambiguously. Turns out it was right in front of us the whole time, and we never even talked about it which was a huge miss
Data Security for the win! When our engineering team first imagined Rubrik, security was baked in from the ground up. They took the approach that failures would happen so the backups must be immutable. They also took the approach that networks would be compromised so they would use no open protocols. Hyper converged infrastructure by design assumes failure so it was a natural choice. A native air gap w/ our web scale architecture provided yet another layer of security making Rubrik the most robust data protection solution on the planet which was to be Act 1 of our company
Looking back, it’s kind of funny. The security first approach of our engineering team was actually a hindrance to sales in the early days. I remember constantly complaining to our PM’s about delays in feature releases costing us sales :). What it ultimately came down to was building it right versus building it fast. Turns out those design decisions early on would become serendipitous just a few years later when Ransomware hit the world
2017 was the first time one of our customers was hit with Ransomware. We didn’t even know what it was. Our initial premise was that if you had a clean copy of your data and the ability to recover it, you’re good. Turns out that’s just one piece of the puzzle. Based on what we learned from that very first attack (and every one since) our customers also need:
* Visibility to what data was impacted (the blast radius) so they know exactly what to recover
* Clarity on any sensitive data that was in scope to assess legal exposure and any regulatory fees & fines
* Visibility to exactly when the attack occurred, so they know what point in time to recover from
* Knowledge of exactly where the malware is lurking in the system so they can recover to a clean system free of malware
Simply being a super secure custodian of data wasn’t enough. So, our engineers got to work and even though security was still just a germ of an idea in 2017, it would soon lead to Act 2 of our company
Our position in the technology stack provides Rubrik w/ a unique advantage when it comes to solving the Ransomware challenge for a couple of reasons:
1) We have a historical view of your data across the enterprise
2) We have the infrastructure to analyze your data for changes & search for suspicious activity
This essentially means that by pairing an already super secure data backup platform w/ our purpose built observability suite, we’ve now created the best data security platform on the planet. We are essentially the easy button for Ransomware remediation & recovery. And unlike other security solutions which are focused on playing perimeter defense, we’ve brought security to the point of data. At Rubrik we’re all about Zero Trust Data Security. We assume the bad guys will get in. And when they do it’s our job to make sure your data is secure & to get you back up and running quickly & efficiently. We’ve honed these capabilities over time and now we’re so confident in our ability to help you recover, that we’re offering a $5M Ransomware recovery warranty to back it up. Hit us up if you’d like to learn more. Or better yet come to our annual user conference next month (link to register in the comments)
#Don’tBackUpGoSolveRansomware
Courtesy: Linkedin