In this episode of the Futurum Tech Webcast, analysts Shelly Kramer and Steven Dickens discuss the recent announcements out of BMC Software, targeting security, an Open Mainframe, and facilitating developer agility.
I’ll note before touching on our conversation that the IT Infrastructure Management Software Market is growing at a rapid rate in 2021 and that growth is very much expected to continue. The key players in that space are: CA Technologies, Oracle, IBM, EMC, Microsoft, BMC Software, Dell, LabTech, Symantec, Apple, HPE and SAP. Precision Reports has a new study out on this topic and you can get a sample of the report here. Seeing this focus by BMC is exactly what we would expect.
In this short conversation, Steven and I discussed the rise of malicious threats in the market as a whole and how attacks like SolarWinds, the JBS meat production facility and, most recently, the REvil group’s attack on a managed IT software provider, Kaseya are forcing a focus on protecting from malicious insider threats, especially as it relates to the mainframe. With Steven’s vast experience in the mainframe industry, his insights here, and his take on the path BMC is taking, are invaluable.
You can find our conversation about BMC’s recent announcements here:
Or grab the audio here:
Steven covered the BMC announcements in depth in this article: BMC Announces New Capabilities Aimed at Security, a Modern Development Experience, and Promoting an Open, Collaborative Mainframe
Steven is the podcast host for the “I am a Mainframer” podcast series as part of the Linux Foundation’s collaborative project, The Open Mainframe Project, where he interviews everyone from CEOs to software vendors and explores careers of those in the mainframe ecosystem and keeps his finger firmly on the pulse of the industry about which he is so passionate. He’s a firm believer in the value of open source and how it can transform a customer’s business and for anyone looking for insight into the mainframe industry and modern mainframe insight, Steven’s your guy.
Disclaimer: The Futurum Tech Webcast is for information and entertainment purposes only. Over the course of this podcast, we may talk about companies that are publicly traded and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors and we do not ask that you treat us as such.
Shelly Kramer: Now we are going to talk about BMC software and some of their new announcements. I know that the company announced some new capabilities targeted, helping clients, hardened security, modernized app development and also achieve some greater visibility across the IBM Z platform, which I know that you’re very familiar with. And then also focused on promoting an open and collaborative mainframe. So talk to us a little bit. This is about a year past the time that BMC acquired its longtime collaborator Compuware so talk to us a little bit about these announcements coming out of BMC and what you see.
Steven Dickens: I think the most interesting thing, and you just mentioned Compuware, they’re almost exactly to the day a year on from closing that acquisition. I think the interesting thing for me is, and watching the two organizations closely over that interim year, it’s been still BMC and Compuware. They’ve been using both brands. Chris O’Malley the former CEO of Compuware was very vocal for probably the first six or seven months still out there as a cheerleader for his prior organization. I think what was really interesting for me that came out of this was it was very clear that this was the first BMC driven announcement of their new capabilities. And I think it’s going to be interesting to see how they tidy up that branding. Some of the former DevOps tools from Compuware have still got Compuware in the name of the product.
So it’s going to be interesting as they clean that up from a branding point of view but I think what was interesting for me was one of the things that Compuware used to be really vocal about and those in the mainframe space know Chris O’Malley hasn’t got a particular style for being vocal. And one of the things that was really interesting of how they used to position themselves was we’re doing quarterly updates. The mainframe space has obviously been around for decades and they took a strategic opinion that they were going to update their products every quarter. It’s interesting for me to see BMC adopt that same release schedule. So it’s kind of a merging of the best of both worlds from BMC and Compuware which I think is encouraging for the mainframe community, that the good things from Compuware haven’t been dropped as BMC have taken over and it’s really a fusing of the two pieces.
Shelly Kramer: Yeah. That is really interesting. One of the things that I paid particular attention to of course coming out of this announcement is focusing on security, right? And protecting the platform from malicious insider threats. So let’s talk a little bit about why this is so important today. We’ve got the SolarWinds attack that we’re still reeling from and we’ve got the JBS attack, the global meat producer, and we’ve got this week’s REvil attack on Kaseya, an IT management software that’s designed for MSPs and IT teams and why that’s particularly important at least to me anywhere of interest to me anyway, is because when we talk about the SolarWinds attack was and is so relevant because of all of the many government vendors that the SolarWinds software platform served. Right? So the Kaseya, Kaseya, Kaseya, I’m not sure I’m pronouncing that right.
Steven Dickens: Your guess is as good as mine Shelly. I wrote the piece on the REvil attack and I don’t know how it’s pronounced.
Shelly Kramer: I would say Kaseya. So that’s how I’m going to save it, by gosh. So many of customers are companies who are in the small to midsize space who don’t want to mess with or aren’t able to mess with all that’s involved in terms of managing their IT systems and everything else, which is great. That’s the beauty of working with managed service providers, right? They bring the expertise, they bring the IT skill, they bring the capabilities, the infrastructure, all that sort of thing. But when you have an attack on the software provider that provides these services, that is a very big deal. And so anyway, so how does this focus on security from a BMC standpoint? What jumps out at you there? I know that we’ve got some new options within BMC AMI security, how does that work? Why does it matter so much?
Steven Dickens: Well, I think there’s a misnomer that the mainframe. Whatever you say about the mainframe, it’s got a rightfully earned reputation as a very secure platform. But I think it’d be a misnomer that you don’t have to do work to backup that reputation. Whilst it’s, and I know the security professionals say it’s the most securable platform rather than the most secure platform, and then make that distinction because you still do have to do work. And I think even though the mainframe is typically buried behind DMZs and kept on purpose as a system of record away from public facing internet, you’ve still got to secure it. And I think what was interesting for me about the BMC piece was that they were making that distinction and specifically going after one threat vector for me, which is that insider threat. These are highly credentialed individuals that got in a lot of cases, quite elevated access rights to do big actions on the mainframe and if that’s a system of record, a database team or a system administration team can really have access to the crown jewels of information.
That’s typically what a mainframe has running on it. It will be the system of record for a bank or an insurance company or a large government department with a lot of PII data typically on it. So I think focusing on those highly credentialed, super users, further locking down and providing monitoring software of what those users are doing and looking for nefarious actions is really important to know. I was really interested to see BMC kind of play into the noise that’s going on in the industry around the cyber security space. But I mean, that was an obvious ploy, but I think what was more interesting is they’re not just going after the marketing headlines, they’ve really gone and done the product development work to further add capability to what’s a very mature space, but add further capability into that space because it’s needed.
And I thought that was really encouraging. I mean, there’s a lot of detail in the piece and we’ll put the link to my coverage in the show notes, but I think it was really interesting to see they’ve gone and done that hard out and R&D and engineering work and the development work to further bolster those CIS admin type tools. So now it was really sort of interesting for them to go below the marketing hype and really talk about some of the hard development work they’ve done in that space.
Shelly Kramer: Smart and strategic. That’s kind of what I thought when I read it.
Steven Dickens: Yeah. Definitely.
Shelly Kramer: So I want to wrap up our conversation about BMC’s announcements with… When I touch on the open mainframe, I know that’s one of your passions.
Steven Dickens: Subject to my heart.
Shelly Kramer: Absolutely. So talk a little bit about that, if you would.
Steven Dickens: It’s a really interesting dynamic the world that’s going on in the mainframe world right now. Obviously the platform has been around for coming up on 60 years. It’s been probably the poster child in its early few decades for proprietary closed source, very big vendors providing software for that space, right? But over the last five or six years, the platform has gone through a real transformation, embracing open sources as a way to crowd source code and the open mainframe project, which is a Linux foundation collaborative project is kind of really leading that charge. And it’s interesting for me to see BMC announcing with so much pride their membership of the open mainframe project because I think there’s a relatively small number of vendors in the mainframe space and I think it’s really directionally important that that space gets more collaborative, that some of the competitive pieces where there’s not need for competition really become a collaborative effort.
And I know one of the big areas there is Zowe. So BMC has been on the fringes of looking at this space for the last three or four years. It’s really encouraging for that space overall to see what is now that sort of third biggest software vendor jump in with both feet into that open source community and really start to push forward because if the mainframe is going to be around for the next 60 years, it needs to be an open platform and it needs to embrace open source. It can’t be like it was in the last 60 years. So I think that is directionally important for where that platform goes. And as it continues to be that system of record for thousands of large organizations around the world, open is going to be a key phrase in that space.
Shelly Kramer: I knew that was part of that news that would make you very happy.
Steven Dickens: Definitely.
Shelly Kramer: Absolutely.
Steven Dickens: Hold on projects still dear to my heart Shelly.
Shelly Kramer: Absolutely. And OMAP will be.
Steven Dickens: Yes, I’m still the host of their podcast show, so.
Shelly Kramer: And you know what? We’ll put the link to that show in our show notes as well. So if that, like Steven, that is your passion, you will be able to track what he’s doing there in that space. So that’s awesome.