SNIA Experts on Data
Listen to interviews with SNIA experts on data who cover a wide range of topics on both established and emerging technologies. SNIA is an industry organization that develops global standards and delivers vendor-neutral education on technologies related to data.
SNIA Experts on Data
Data Protection in the Ransomware Era: Strategies and Insights
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
The impact of ransomware has upended how organizations approach data protection strategies, causing significant shifts from traditional operational recovery. Many CIOs and data center managers still have the perception that their current backup strategies are sufficient until a bad actor sneaks into their network to make sure that the backup is useless, so they have no way of coming back.
Mounir Elmously, a senior manager at Ernst & Young, is on the front lines, helping organizations across industries navigate the complexities of data protection in a world full of ransomware risks. Hear his expert perspective on:
· The consolidation of backup vendors and the evolution of solutions
· Shifting to contemporary ransomware preparedness strategies
· Distinctions between resilience, redundancy, and recovery in IT infrastructure
· The realities of zero downtime
SNIA is an industry organization that develops global standards and delivers vendor-neutral education on technologies related to data. In these interviews, SNIA experts on data cover a wide range of topics on both established and emerging technologies.
About SNIA:
Welcome to the SNEA Experts on Data podcast. Each episode highlights key technologies related to data.
Speaker 2All right, welcome everybody to the SNEA Experts on Data podcast. My name is Eric Wright. I'm the Chief Content Officer at GTM Delta and host of the SNEA Experts on Data podcast. I'm extremely excited and honored to be welcoming Munir to the stage with me today. We're going to talk about a lot of very interesting stuff around data protection, data management, the world of ransomware and wildness that's going on. We've got a lot of changes in how we've seen the patterns of exploitation and risk and ultimately then technology's way of bringing forward stuff that we'd already had in the past and sort of revisiting it, and also fundamentally new application patterns. So, munir, if you don't mind, give a quick introduction of yourself and you get started with SNIA as well. It'd be a great place to open things up. All right?
Speaker 3So my name is Munir Mousli, I am currently holding the position of a senior manager in Ernst Young and I have a very great passion of storage. I've always had that. Everywhere I went in my career it was storage related. I've been working with almost all the high-end vendors that do storage and the good part of my life is when I joined ey I started to learn the business side and the the value of storage in business and the critical nature of business, and I'm very happy to be hosted by Eric and I'll be glad to participate in this event.
Speaker 2Yeah, and you brought such a perfect starting point, this idea, that we always say that it's not about the speeds and feeds. Now it is, but it also is about taking those technical capabilities and matching them to requirements that are going to drive business outcomes. Expert technologists, and also you know yourself who splits the line between having experts in technology but understanding the how to map it against business value and kind of where the industry is going. So, with that, looking at data protection and you know sort of the what we call the modern workloads, what are you seeing today, munir? And then maybe even we'll go into the Wayback Machine and talk about how we got here.
Speaker 3All right. So, from my perspective, what I've seen in the industry recently is the point that has changed from the actual traditional operational recovery to ransomware. Everybody has a ransomware on their mind. Every CIO is having a portion of his mind dedicated to ransomware. Now. Now, interestingly enough, over the past three weeks, I've got five projects that are related to ransomware. I never had that many projects in the same time.
Speaker 3I used to have one now and then, but having five together in all industries healthcare, financial sector, commercial manufacturing it's on the top of the mind of the CIO the ransomware, some of them a couple of years ago. I remember Some of them. A couple of years ago I remember I spent a lot of time trying to educate my customer or help him make a decision that ransomware is becoming a real concern that they need to consider. And we kept going back and forth, back and forth. And one day I was on a call with him and he said, excuse me, there's something urgent in the data center and I need to respond to that. I'll come to you in 15 minutes. He came back in 15 minutes say we're hit with a ransomware, which was too late already.
Speaker 2Yeah, that's the tough part. It's like the. I'm an older gentleman so I remember when the check engine light used to just be. The check engine light would go on and then the engine would practically explode about 30 seconds later. We've gotten better with diagnostics since then, but ransomware is effectively, by the time you see it, it's too late.
Speaker 3It's too late, exactly, and many CIOs and data center managers actually still have the perception that they're good until you know it's too late. As you said, no, we have a good backup, but they don't know that the first step for a bad actor when he sneaks into your network is to make sure that your backup is useless, so you have no way of coming back.
Speaker 2Yeah, this is the new target, you know, and an absolutely optimized target.
Speaker 2Really to think about this want to do damage to a business or apply a ransom and sort of have the greatest hold on them, removing their capability to recover is. It's pretty amazing to me that the very same companies that are trying to protect the workload themselves are now at risk. And it's an interesting time as a vendor, because now you're not only having to deliver ransomware protection for your clients, but then a lot of them have SaaS services. There's other adjacent connections to other cloud and multi-cloud SaaS control planes and those are now subject to risk. And we saw very recently with to call it a situation I don't mean to pick on a vendor, but people will obviously know about Microsoft and the CrowdStrike updates that triggered an issue where, all of a sudden, people who were using a protection platform it suffered a human error that led to a significant impact for clients, and now they may have thought the thing I'm using for protection is my protection, not realizing they needed to also protect it. Such an interesting problem to see in reality, exactly.
Speaker 3Although it was not a ransomware or a virus, but it was a mistake from an operator or an engineer, just an old-fashioned, as they say, a fat finger configuration, change right or a virus, but it was a mistake from an operator or an engineer, just an old-fashioned, as they say, a fat-finger configuration change, right, but that same effect.
Speaker 2You look at if this was ransomware and there was no recovery mechanism, like God help them. It's absolutely terrifying.
Speaker 3Yeah, there are actually. I've seen many organizations go out of business because of a ransomware. They shut down the doors and go out of business completely. Some of them are you know. They have the depth and the budget to recover with some problems, but I've seen some startups that they shut down the business down the business.
Speaker 2Yeah, that's, it's a and the pattern I'll say are like the, the persona and profile of companies that are subject to this risk. We used to think it's only going to be large enterprise companies that have vast amounts of data or something of value to sell, but ransomware is now an SMB problem, Like it's actually moved much more down market. Ransomware has apparently got better go-to-market strategy than any other product in the world because they are successfully moving into other areas.
Speaker 3Actually, I have an interesting story that I was working with a data center manager in one of the companies and she's a lady and she says my son was hit by ransomware where they blocked his Facebook and they're asking for $170 to recover it. So on all levels, everybody is subject to attacks.
Speaker 2So when we look at the enterprise protection sort of mitigation strategies, we saw a lot around early work with you know, obviously, replication Some people are using, you know, asynchronous or even as close to synchronous mirroring as possible. We see the sort of 3-2-1 backups for off-sites and alternate sites, not adding immutability. Yet, looking at those three protection styles, what do you see as still valid, Muneer, and what do you see as needing update?
Speaker 3Well, the idea here is the operational recovery will always be there, whether it's today or tomorrow or for the foreseen future. You still need operational recovery for a day-to-day operation. A person with fat fingers deletes a file, a disk failure that was not mirrored, a replication error that results into data system corruption all this, at the end of the day, might require you to invoke a recovery from a local backup. So this is not going away, at least for now. It's only the pendulum is shifting that in addition to this, another avenue is coming, which is the recovery from a bad actor or a malware person. I remember when I started my career, there was a healthcare company that keeps the cancer genome records. They keep it for years for research and they had a disgruntled, but that was long before inventing the ransomware and they had.
Speaker 3They left let a person go and he was the backup operator and before he leaves he made sure to delete everything. They have records that are kept for 20, 30, 40 years that this company went out of business.
Speaker 2Simple as that, yeah.
Speaker 3So a human factor is still there. It's not going to go away, it's only getting more complicated. So replication, sync or async, and 3-2-1 rule still valid, but it needs to be slightly updated. That's the point line.
Speaker 2Yeah, and interestingly you know, I was using mirroring products back in like software mirroring from between two sites. I had a location in Toronto, a location in Vancouver, so heavy geo protection and near zero replication and it was an interesting problem that somebody on the source side of course went and they just accidentally they thought they were moving a folder but they actually deleted it. And then my IT manager at the time says, hey, okay, no problem, let's just go to the secondary site and recover the files. I'm like, no, no, no, we're mirroring the changes, we mirrored the deletion the moment it happened, like it's that the deployment was not designed to protect that type of recovery. It was to protect losing access and having to recover from the secondary site, not proactively deleting files which were then proactively deleted from the targets. It was a hard lesson and same with viruses. If we had a virus then we would just be asynchronously replicating the virus. It's very efficient.
Speaker 3If your cadence of replication, of asynchronous replication, is delayed for quite some time, you might have a chance. You might have a chance, but it might be too late Now. The good news is, if you look at some vendors who do especially with the NAS replication is they do journaling and replicate the journal Right and replicate the journal and they keep the journal for any time they like, like one day, two day, one week, whatever they like they might end up. If it was invoked by ransomware, they might be able to go back in history on those mirrors or journals and get the latest good update, maybe one day ago or something depending, when they realized that they were impacted by something.
Speaker 2Yeah, and I think that's it was an interesting shift in that we could replicate immediately but then retain like three sort of local changes in the journal. On the other side there's I get like that. That pattern began to emerge, but not even by design. We figured it out in practice, which is what's interesting now with ransomware, because the way in which it spreads it's not land and spread Like it's generally land. Lay and wait, then spread. That's the Trojan horse.
Speaker 3Yeah, that's why Trojan horse, yeah, that's why they call it Trojan. Now, if you remember, the first ransomware that the industry knew about was Sony. They realized that they had the ransomware virus in their systems nine months before the invocation Wow. So every backup they could not reach. At that time they were not mature to manipulate the backups, but every backup, because nobody has a retention of that long. Every backup was infected. So every time they tried to recover they get reinfected.
Speaker 2Incredible. Yeah, and that was like you said. Even ransomware was such an odd word at the time and people you know. We just thought you have to be as big as Sony. We hear about stuff like Sandworm and sort of the large botnet type of attacks, but they always seemed like someone else's problem because the scale of the target seems to be something that we perceived has to be huge.
Speaker 3Exactly.
Speaker 2You mentioned a few great examples, munir before of like. This is not a giant enterprise problem anymore, this is an everybody problem.
Speaker 3Correct. Probably the small and mid organizations are less prepared, hoping that they go under the radar. But everybody has money is in the radar, regardless of your industry. If I can squeeze $10 from you, I'll do it. That's how it works.
Speaker 2Now we've had a lot of consolidation in the industry, which is a natural wave. Uh, we saw some new developments around specific like ransomware platforms and products that came to the market. Uh, some people that targeted different types of backup protection, so like containerized workloads or, uh, you know, serverless and then what is often typical is those companies reasonably do well, they do commercially okay, but then a larger company will come along and pick them up and say, hey, let's add you to the portfolio. So we've seen a lot of that. But I'm curious on your thoughts in the industry approach to that. Muneer, how successful are you seeing some of those acquisitions and how ready are these acquisitions large incumbent, traditional backup vendors for these new types of attacks and protections?
Speaker 3Well, let's stay within the context of the data protection and not the actual integration of the industry or the business. So they normally, before they start the acquisition process, they actually evaluate the current capability of the acquired organization. So in many situations, days after the acquisition, the effective acquisition everybody lives in his own world for a month, for three months, six months, until they merge. Now, during that time the small company that has been acquired is still using its own day-to-day operation and day-to-day production until the governance and regulations coming from the mothership gets introduced and set on them. Now, as I told you before, the small organizations generally are a little less prepared from once in a while. This is actually because of either lack of human resources to support a new avenue of data protection or lack of funds, or both.
Speaker 3Small organizations don't have deep pockets of large organizations and actually the industry makes a major difference. So financial services industry are the fastest in this avenue. The merger and the evolution of integration of the data protection happens in a very fast fashion. Healthcare organizations, manufacturing organizations they normally take much longer time. I've seen companies running with two or three backup software solutions for a couple of years. I actually I'm working with one of them now. They decided to keep every backup software running at its own location until they have a TSA technology exit plan, maybe a year or something. This is the time they will shut down one of the backup operations to standardize across the operation one of the backup operations to standardize across the operation.
Speaker 2It's an interesting implementation pattern. So storage and data protection both have this interesting problem. There's a lot of legacy in what they do and there's a lot of history that gets implemented as part of it. When I remember being in a data center operations and when we would bring a new storage vendor in to have a discussion, it was generally seen as like okay, we're going to commercially talk with you guys Once we confirm that we're going to buy. We're going to basically buy a whole set of racks, port all of our data over, get rid of the old gear and like it was very much a rip and replace and we wanted to shorten the time frame implemented because they were large sands they were.
Speaker 2That was a bit of a deployment pattern. But then, all of a sudden, over the course of the next decade, we had many bezels in the storage. You know you didn't have to get rid of your vendor one in order to acquire vendor two. You just started to do purpose-built storage or you would share it on virtualization. So there was less dependence on having one single interface back to your storage. Now, when it comes to the data protection side, what are the reasons why it is hard to get rid of your existing backup product.
Speaker 3The main reason is, in many cases backups are considered company archive and they might need it for a very long time, like, for example, pharmaceuticals and healthcare. They keep some of the data for 20, 30, 40 years. I've worked with a pharmaceutical company that had a backup from a vendor and they switched and they have 370,000 tapes to migrate from the backup vendor A to backup vendor B, which is a mountain of data and years of operation. So the normal average life expectancy of a backup software in an organization is like 15 years, give or take, maybe 10, maybe 20. But what I've seen in general, 15 years is the life of a backup software During that backup software, if the organization and remember 10 years ago, 20 years ago, there was no concept of a separate archive solution, so the only thing they had was a backup and they keep the backups for 20, 30, 40 years, maybe they will never, use it.
Speaker 3but sometimes in a regulation, they come and inspect you and they say, okay, show me the data of this product at this time and if you fail, you are getting a fine. So that was prior to the invention of the concept of a separate archive. Backup had a very long life expectancy. Now, with the introduction of new backups and the separation between backup and archive, it's much easier to switch backups, not every 15 years, you can do it in every two years if you needed to, because your retention is normally a month or two, not anything more than that. So, shutting down Now, by the time you recycle the backup media, two months would have gone and all your new backups are coming on the new product.
Speaker 2Yeah. So with changes in that pattern, muneer, what are we seeing around now? I'll say the new paradigm. I hate to say that word, I sound like an analyst. We're reusing or making use of archives, backup images, in order to do new things, like maybe train LLMs or reuse the data for financial reporting or shipping archives and then loading some into you know, redshifts and Databricks, and so there's a. We're using data post protection differently than before. It was just like we back it up and it's we need to be able to restore it. Okay, now I've seen I'm seeing more people trying to make use of those. You know whether it's object stores or or you know structured and unstructured data. What are you seeing as this now backup and archive becoming production data?
Speaker 3Well, as you said before, there is a plethora of data in the archive platform. So, depending on your industry and depending on your need to keep data, you might have seven years, ten years, 15 years of industry data that you can help normalize and get actual statistics and analysis passed to an AI for making decision. You cannot rely on that on a backup beyond one month. So if your data extent retention extends beyond one month normally, now I will give you another example. If you think of how frequently do you need to access backup from an older backup, like a month ago Now, most of the normal recovery happens within the first week of the backup. 99% of the recovery happens from that week. Now the 1% might happen beyond that, but beyond the month.
Speaker 3Every customer I spoke to they said if it's a backup, I would, I don't think I will ever need it. If it's a backup, I don't think I will ever need it. If it's a data retention governance regulation requirements, then look into the archive. Don't come to the backup Now. That actually improved the backup efficiency a lot, because now you don't need to keep a long history of backups that you never use. So your backup storage got more efficient and you can put the rest on an object storage, as you said, or s3 or blob whatever technology news and you can keep extending those and this is pay as you go, actually, so it becomes very cost efficient as well. So the idea here is for an AI implementation data analytics. You need to look into the history of the company In addition to governance and regulations. I think you should go to the archive For operation recovery, ransomware recovery. The first month is all you need. That's the way I've seen it and done this.
Speaker 2So in seeing that now. So, munir, as if you, if somebody, were to come to you, you know they're a CIO, they're evaluating new platforms and they have to weigh a new platform that's tackling the problem in a you know what we believe to be a novel way, so that some new vendor comes along and they've got what looks like a novel approach, but they generally won't attack the traditional backup problem but then, at the same time, the incumbency you know of the traditional vendor may not have the skills or technical capabilities yet for this new, novel approach. What do you see as the challenge for both incumbents and newcomers to the market? I like that. I like that question a lot.
Speaker 3The industry is the. The incumbent that have been the leaders for the past two decades are now left in the dust. They took a very long time to adapt to the changes in the industry. I stay away from the vendors name, but they become a niche players in my customer path theers, regardless of the name. Again, they have a much better vision that has the right approach to protect from the new malware, ransomware, in addition to keeping your backups in the operational way the same way. So both of them come together. The new vendors have that in a very nice way.
Speaker 3Now I'll give you another very funny example. I'm working with a backup vendor that's a very small startup backup vendor that's specialized in cloud and under the hood. When I spoke to the vendor, they said we are taking the backup product from the leader and putting some covering around it and some services around it because it has been proven for years 20 years, 30 years that's very stable, very robust. You can depend on it until the ransomware came. So we complement the gap of the ransomware but use the right development and investment that that vendor has put in the platform.
Speaker 2Yeah, there is, and in that I guess there's probably a lot of IP that's been there for a long time but hasn't necessarily been necessary. Do you see this as an opportunity that some of those incumbents and the large vendors like they should be reinvesting in R&D? What do you see as kind of the opportunity in the coming couple of years for R&D those larger traditional vendors?
Speaker 3All right, so the major two backup vendor that I've seen in the industry. They actually contributed to 70% 10 years ago of the market. They were left in the dark for a couple of years. The last time I met with them, they said this is our new platform, this is our new design and this is how we deal with the winds of change coming to the industry. So they keep reinventing because, remember, backups are the most stickiest product in your data center. You would keep it for a very long time time.
Speaker 3So, because they have the benefit of being in the customer, they understand the business. There is a natural love between the customer and the vendor. However, they still the customer thinks is that there is a gap, so they're trying to fill in this gap to stay in place. Some of them lost. I remember one of the leaders today before they acquire a company that specializes in ransomware. I was working with a financial institution and they had that vent and the CIO told me I'm dumping that backup solution vendor because they missed the train for the ransomware and they dumped them and they got a new player but, like in a couple of months later that leader and he's still leader, by the way acquired a ransomware company, cloud ransomware company, and their name started to shine again and in a very good way, and actually in a couple of projects that I worked with, I highly recommended them to the client so I think it.
Speaker 2It does look like a great opportunity ahead. But if you're an incumbent, they they need to be acutely aware of the risk to the business. There's no more guarantee that, hey, we already own their backups. It's not like they can get rid of us. That is not the case anymore, right?
Speaker 3No, if you think this way, you're doomed, because the CIO and his team is always out looking for something new.
Speaker 2Yeah, and it's interesting that even in looking at my career early on, the sunk cost fallacy was incredibly strong and now the ability for people to shift and change you know platforms, vendors, clouds, there's you just don't have that anchor anymore that they used to be able to say like well, they have no choice, Like we're, they're running in our cloud, they're running in our backup products, they're running on our storage, they have to stick with us. It's like no, they don't.
Speaker 3That's too late now. If you think this way, you're not going to last in the industry.
Speaker 2What's the reality of zero downtime, zero data loss? When you hear phrases like that, munir, what does it say to you? You know we've been in the industry and I know I'm a marketer and a technologist and I'm always torn by what I say and what I know I can do Now let's agree on something the infrastructure, the hardware, the software, are components, are vehicles to deliver the service.
Speaker 3The responsible party of the IT is required to provide a non-disrupted operation to the data and to the services. But internally, failures will always, always happen. You know it's not when, it will Not if, but it will. It will happen. You will have a disk failure, you will have a data corruption, you will have a lost connection that results in data loss, you will have an inconsistent database. The list goes on and on and on and on.
Speaker 3The idea here is you build enough recoverability and resiliency that if this happens and it happens your service continues to deliver and meet the customer expectation. But zero downtime is maybe in heaven. It's not going to happen in our age.
Speaker 2And time and time again. I've always been amazed, no matter how many times I ran operations for a couple of large companies and our MBOs are built around uptime protection etc. But it was so wild that when you're not thinking about that full time, some people can very easily confuse resilient infrastructure with recoverable infrastructure. How often are you seeing that problem of sort of the words being confused and confusion in general in practitioners?
Speaker 3I see this every day with my tears. I always cry when I see this. The vendors are responsible. They always mislead the customers that resiliency is redundancy or recovery the fact they are not. Resiliency is redundancy or recovery the fact they are not. But they misuse the names, misuse the definitions and they say we educate the industry so we say what we say. But the fact is they are completely are not the same.
Speaker 3Resilience means non-disruptive operation. No matter what happens, the IT or the service delivery continues. Recovery or redundancy means you might encounter anything more than zero downtime and anything more than zero data loss. Depending on how bulletproof your design is. You might have a much shorter loss of service or loss of data. This becomes a redundancy resiliency solution. But if you I'll give you, for example, a simple design of you will the storage controllers, dual disks doing mirroring you might lose one disk at any time or lose one controller at any time, but customer access to read and write will not be impacted. Right, so this is resilience.
Speaker 3But if you switch platforms from product A to product B and because of a failure, there is a time to restore services on the other side of the house, like if you have a cluster. Now the good cluster design design. There is a heartbeat that keeps monitoring each other and makes the failover and they lose. Probably I've seen it losing maybe a half a ping, which is not a major problem to customers except for the financial industry and trading floors. But in other situations healthcare and other industries half a ping is not a major problem, so they can think of themselves as resilient. But when you talk about recovery, this means they lost and somebody has to invoke the failover. That takes maybe an hour, two hours, depending on your industry and your business needs and how much you invest.
Speaker 2By the way, yeah, and I guess this is a reminder to folks that that is, know how to protect it but also know how to recover it. And you know, we as practitioners in that company have to match that to the business requirements, because what we believe is like, hey, this application needs to be up and running every day. You're like, well, in the case of disaster, we may find that it actually has a, you know, RPO of five days. That's not really rapidly updated RTO 48 hours. We can get by with other processes for that one. So it's not just the nature of data but the nature of the applications and processes that use that data. So, given your experience, Muneer, I'd love to close on this. So, given your experience, Munir, I'd love to close on this. What would you suggest to a person that's coming into an organization and they've been charged with protection and resiliency and backup? What are the things that they should do as a person to be as ready as possible for that situation?
Speaker 3The first thing I would think is that he needs to understand the risks he is subject to. So risk impact analysis is required as a first step. So probably he doesn't need to plan for an earthquake in a stable geography, he doesn't require to plan for a flood in the center of the continent there's no flood there, right? So he's not subject to such risk. But first thing, he needs to know what risks he's dealing with.
Speaker 3Second, now I've seen in the industry, across all industries, there are some limited number of applications or business processes that are critical to the business and in this situation, for financial sector it's between 15 and 20, for healthcare it's like 15, and for manufacturers, like 10. 10% of their business applications require very resilient recovery capability. So for such percentage, you need to make sure that you understand exactly what is your option for extended downtime, what's the appetite of the end users for downtime and accepting that versus cost, because every time you improve your recovery capability, this comes with a cost, right? So the first minute you talk to, let's say, a business X is running SAP application, to, let's say, a business X is running SAP application and you tell him what's your appetite for downtime and data loss, he will definitely, even if he's using an application, he's plays games. I don't have an appetite for downtime, it's zero. I don't accept anything more than zero downtime, zero data loss, right. Then we tell him okay, I can do that for you for $5 million, and the fact is the application is $20,000, for example. Then he will go back and think again to select the right acceptable level of resiliency, redundancy in his environment.
Speaker 3So tiering the application between different tiers that can be treated differently and protected differently is the next step. In my point of view, any application that has recovery point objective and recovery time objective of 24 hours or more, it is not a good idea to replicate those and put them in a mission credit, because you have a good backup. That's 24 hours ago. You can use that. But for applications like trading, like financial transactions, you cannot tolerate downtime. So this one might put you in one hour RTO, rpo or whatever numbers your business is willing to have, and every time you make this shorter you make sure you have deep pocket to support that.
Speaker 2That's right, it's an equilibrium. That's right, it's a it's an equilibrium, but, as you say, muneer, it's the connecting of you know what can we do, what do we need to do and what is the cost to do it. That's such a fantastic sort of three part question to go through as we look at that business requirements. I can do this all day I really wish we had an hour or two to I. I've got so much we could. We could chat and this has been really helpful. Munir Happy to participate.
Speaker 2For folks that want to connect with you, what's the best way they can reach you to chat more?
Speaker 3I think it starts with SNEA. I'm on SNEA in members and if you happen to be in Ernst Young or have an Ernst Young relationship or a customer of Ernst Young, we have an internal communication network you can reach me at. But outside Ernst Young I think the best way to come is through SNEA.
Speaker 2It's such a fantastic way to meet great people like yourself, muneer. Thank you very much. It was a pleasure to chat and, yeah, for folks that do want to find out more, definitely get involved with SN. It's a fantastic way to meet great people like yourself, munir. Thank you very much. It was a pleasure to chat and, yeah, for folks that do want to find out more, definitely get involved with Sneha, if you're not already. You can connect with amazing folks like Munir and other folks from his team who participate, and just, it's such a fantastic community.
Speaker 2And, of course, we've got developer events that are coming up. We're moving to quarterly regional events there. Developer events that are coming up. We're moving to quarterly regional events. There's all sorts of new things that are coming. So it's great chances to meet both online and in person, and I thank you very much for the conversation, muneer. It was a real pleasure and a great reminder of what we need to think about. It's not just about pressing back up. There's a lot more involved and thank you for sharing your insights. I appreciate it. Thank you, so up, there's a lot more involved and thank you for sharing your insights.
Speaker 3I appreciate it. Thank you so much.
Speaker 1It's a pleasure. Thank you for listening. For additional information on the material presented in this podcast, be sure and check out our educational library at sniaorg slash library.