Pure Storage Delivers Critical Cyber Outcomes
“We don’t have storage problems. We have outcome problems.” - Pure customer in a recent cyber briefing No matter what we are buying, what we are buying is a desired outcome. If you buy a car, you are buying some sort of outcome or multiple outcomes. Point A to Point B, comfort, dependability, seat heaters, or if you are like me, a real, live Florida Man, seat coolers! The same is true when solving for cyber outcomes, and often overlooked is a storage foundation to drive cyber resilience. A strong storage foundation improves data security, resilience and recovery. With these characteristics, organizations can recover in hours vs. days. Here are some top cyber resilience outcomes Pure Storage is delivering. Native, Layered Resilience Fast Analytics Rapid Restore Enhanced Visibility We will tackle all of these in this blog space (multi-part post alert!), but let’s start with the native, layered resilience Pure provides customers. Layered Resilience refers to a comprehensive approach to ensuring data protection and recovery through multiple layers of security and redundancy. This architecture is designed to provide robust protection against data loss, corruption, and cyber threats, ensuring business continuity and rapid recovery in the event of a disaster. Why is layered resilience important? Different data needs different protection. My photo collection, while important to me, doesn’t require the same level of protection as critical application data needed to keep the company running. Layered resilience indicates that there needs to be different layers of resilience and recovery. Super critical data needs super critical recovery. We are referring to the applications that are the life-blood of organizations, order processing, patient services or trading applications. These may only account for 5% of your data, but drive 95% of the revenue. Many organizations protect these with high availability which provides excellent resilience against disasters and system outages. But for malicious events, such as ransomware, protection is needed to ensure that recoverable data is available if an attack corrupts or destroys the production data. Scheduled snapshots can protect that data from the time the data is born. Little baby data. Protect the baby! Pure Snapshots are a critical feature, providing efficient, zero-footprint copies of data that can be quickly created and restored, ensuring data protection and business continuity. Pure snapshots are optimized for data reduction, ensuring minimal space consumption. This is achieved through global data reduction technologies that compress and deduplicate data, making snapshots space-efficient. They are designed to be simple and flexible, with zero performance overhead and the ability to create tens of thousands of snapshots instantly. They are also integrated with Pure1 (part of our Enhanced Visibility discussion) for enhanced visibility, management and security, reducing the need for complex orchestration and manual intervention. Snapshots can be used to create new volumes with full capabilities, allowing for mounting, reading, writing, and further snapshotting without dependencies on one another. This flexibility supports various use cases, including point-in-time restores and data recovery. In events that require clean recovery, and secure recovery at that, it would be much more desirable to leverage snapshots for recovery, where you could scan and determine cleanliness and safeness, often in parallel efforts and the reset time for going to an earlier period of time is a matter of seconds rather than days. But not even these amazing local snapshots are enough. What if your local site is rendered unavailable for some reason? Do you have control of your data to be able to recover in that scenario? Replicating those local snapshots to a second site could enable more flexibility in recovery. We have had customers leverage our High Availability solution (ActiveCluster) across sites and then engage snapshots and asynchronous replication to a third site as a part of their recovery plan. Data that requires extended retention and granularity is typically handled by a data control plane application that will stream a backup copy to a repository. This is usually a last line of defense in case of an event, as the recovery time objective is longer when considering a streaming recovery of 50%, 75%, or 100% of a data center. Still, this is a layer of resiliency that a comprehensive plan should account for. And if these repositories are on Pure Storage, these also can be protected by SafeMode methodologies and other security measures such as Object Lock API, Freeze Locked Objects, and WORM compliance. And most importantly, this last line of defense can be supercharged for recovery by the predictable, performant platform Pure provides. Some outcomes of this layer of resilience involves Isolated Recovery Environments to incorporate even security and create those Clean Rooms to isolate recovery to ensure you will not re-introduce the event origin back into production. In these solutions, the speed benefits that Pure provides is critical to making these designs a reality. Of course, the final frontier is the archive layer. This is a part of the plan that usually falls into compliance SLA, where data is required to be maintained for longer periods of time. Still, more and more, there are performance and warm data requirements for even these data sets, where AI and other queries can benefit from even the oldest of data. One never knows what layer of resilience is required for any single event. Having the best possible resilience enables any company to recover, and recover quickly, from an attack. But native resilience is just one of the outcomes we deliver. Come back to read how we are delivering fast analytics outcomes in an environment that seeks to discover anomalies as fast as possible. Exit Question: How resilient is your data today? Jason Walker is a technical strategy director for cyber related areas at Pure Storage and a real, live, Florida Man. No animals or humans were injured in the creation of this post.Complexity Creeps. Let’s Audit It Before It Breaks You.
Complexity in IT isn’t built overnight—and it won’t be unwound that way either. This blog walks through a practical, no-fluff approach to auditing and simplifying your IT environment. From building a visibility map of your tools and integrations to prioritizing what to fix, executing cleanly, and proving the value with real metrics—this is about intentional, incremental change. Win big. Choose simplicity.Getting Started: 5 Steps to Get the Most Out of the Pure Customer Community
Welcome! You've taken the first step and created an account here. What to do next you ask? Here's five simple steps to take after registering to ensure you're getting the most out of this community. Fill out your Profile: Let the community know who you are! Click on your avatar in the top right corner of this window and select 'My Settings' from that dropdown. Fill in your name, location, and bio information. Plus select from one of several default avatars or upload your own image. Write an Introduction post: Head over to the Social Space and write your intro post. Tell us about yourself, your role at your company, and your goals for participating in this community. What have you been thinking about a lot lately at work? (And we won't shy away from pictures of your pets either!) Follow a couple of Forum areas: Find the products you use most and solution areas you're most focused on in our Forums and be sure to click the bell icon in the upper right of those forums to be sure you get notifications on the latest activity in those areas. If you work in Finance, Healthcare, Public Sector, or Telco there's groups dedicated to the unique needs of your industry areas too. And if you're an open source or automation fan, Cloud Native and Kubernetes devotee, or a Pure Partner, there's dedicated group you can join for each of those areas too. Join your local Pure User Group: Click on Groups in the top nav and select Pure User Groups. (fka FlashCrew) Select your region & find the group for your local area. Click on that group and then click 'Join Group'. This will ensure you hear about any Pure events happening in your local area, including when & where the next meetup is. Pick 3-5 tags to follow: This community makes heavy use of tags. As you browse a forum, you'll notice each thread has tags. That is because we require them for every post. Find the tags most relevant to your interest areas and click the bell icon on those pages so you can keep up to date with the latest posts in those categories, regardless of what forum or group the discussion happens in. Finally, feel free to ask questions! Your friendly admins (bmcdougall and Ludes) are here to answer any questions you have and take suggestions. And we have deputized experts across Pure Storage to be on hand to answer deep technical questions. So don't be shy, there's always someone around to help you out.Why Are We Still Designing IT Like It's 2012?
Let’s talk about complexity in IT. Not the fun kind—like building a Raspberry Pi-powered coffee machine or arguing over whether Terraform should be capitalized. I mean the kind of complexity that slows teams down, bloats your stack, and makes security people question their career choices. You know the type: five backup platforms, three monitoring tools, two storage vendors “for resilience,” and a bunch of scripts someone wrote in 2019 that nobody’s brave enough to touch. We tell ourselves it’s “best-of-breed,” “cloud-first,” or my personal favorite—“strategic.” But let’s call it what it is: chaos without any direction. Enter Conway’s Law (aka the Mirror You’ve Been Avoiding) Melvin Conway dropped this gem in 1967: “Organizations design systems that mirror their own communication structures.” Still true. Still brutal. If your company has six teams that don’t talk to each other except through passive-aggressive Jira tickets, your architecture is going to reflect that—fragmented, redundant, over-engineered, and impossible to secure. Conway’s Law isn’t just a quirky observation. It’s a diagnostic tool. If your architecture feels like a group project gone off the rails, chances are it’s because your org works that way too. Cloud Chaos: Now with More Vendors! And just when you thought it couldn’t get worse—we bring in the cloud. Or clouds. Somewhere between “cloud-first” and “cloud-only,” we lost the plot. We started treating hyperscalers like interchangeable gas stations: need compute? Just pull over at the nearest one. We’ve seen it: Migrations from AWS to Azure to GCP like it’s some weird tech pilgrimage Applications lifted and shifted with zero refactoring Hybrid architectures that “just sort of happened” Look, the cloud’s not the problem. I like cloud and I believe it is here to stay. But designing 100% for the cloud without actually understanding your why? That’s Conway’s Law, just with bigger invoices. Even worse? Bouncing between cloud providers because someone read a Forrester report and got nervous about lock-in. That’s not strategy—that’s cloud-induced panic. The Two-Vendor Lie We Keep Telling Ourselves Ah yes, the old two-vendor strategy. Meant to be safe. Designed to reduce dependency. What it really does? Doubles your complexity and halves your team’s sanity. Two vendors = two playbooks, two consoles, two support teams blaming each other It’s not more resilient—it’s just more confusing Gartner even calls it out: more vendors = more risk, not less If you think managing multiple tools with overlapping functions is safer than consolidation, congrats—you’ve just invented the world’s most expensive “Oops” button. Manual ≠ Secure. It Just Feels That Way Let’s talk about the weird rituals we still do in the name of security: Manually copying data to “safe zones” Turning off network access like it’s a security blanket Spinning up siloed sandboxes to avoid risk It’s not protection. It’s procrastination. Manual controls introduce human error, waste time, and don’t scale. If your “strategy” depends on someone remembering to toggle a firewall rule every Thursday, you're not secure—you’re just lucky. And outsourcing that chaos to a vendor doesn’t make it better. Handing over management to a provider that’s Frankensteined a bunch of loosely integrated tech with bailing wire and hope isn’t a strategy—it’s just renting someone else’s mess. If there’s no real roadmap, no cohesion, no architectural vision—it’s not a partnership. It’s a future support ticket waiting to happen. Hybrid Cloud Needs Purpose, Not Permission Hybrid isn’t a backup plan. It’s a design decision. Too many shops end up hybrid by accident—because apps don’t refactor, budgets don’t stretch, or politics get in the way. The result is an environment that’s technically working but operationally exhausting. A good hybrid strategy is opinionated. You should know: What runs where (and why) How data moves What your north star architecture looks like If you don’t have answers to that? You’re not doing hybrid—you’re doing hope. So What Do We Do About It? We simplify. On purpose. Relentlessly. Design like a startup, not a committee. Keep the stack lean. Less is more when you have tools that actually integrate. Use Conway’s Law in reverse. Want systems that work together? Build teams that do too. Break silos before they become dependencies. Treat cloud like architecture, not an escape route. Cloud is amazing if you design for it. Otherwise, it’s just someone else’s complexity in your billing statement. Stop solving people problems with platform purchases. Most complexity isn’t technical—it’s cultural. No vendor can fix your org chart. Final Thought: Complexity Is a Tax. Stop Paying It. Every extra platform, every vendor “just in case,” every manual handoff is a tax. And it’s compounding interest on your ability to execute. If you want to move fast, secure your data, and stay sane—you’ve got to design with purpose. That means fewer tools, better alignment, and architectures that reflect how you want to operate, not how your politics force you to. You want resilience? Start with intention. But what I’m really curious about is your perspective: How are you dealing with complexity? Is hybrid working for you—or just holding you hostage? Have you successfully simplified your architecture without sacrificing flexibility? Let's make this a real convo—not another “cloud is the answer” thread. —Zane Allyn
Pure's Founding 15 Architectural Decisions
When Coz and team set out to build the first Pure storage system they had a mission to "fix everything that was wrong with data storage." That's a rather bold task if you ask me, and having cut my teeth early in my career deploying and supporting some of the storage systems of the day I can tell you there was plenty to fix. Managing multiple tiers of drive types, RAID decisions, planned maintenance, which compromises to make between features and performance. Then on top of it all once every 4 years or so I would get to start planning a major migration project to retire old hardware and move to the shiny new stuff. I think back to those days and can't help but imaging what kind of projects I could have worked on with all that time wasted RMAing the weekly pile of failed HDDs. HDDs that by the way were typically just reset and sent right back out to me as referbs the next time I had a failure. But that's a different blog post. So what are the 15 decisions? These are the foundational architectural principles that drove the early development of Pure's technology and they still remain relevent today. I believe we can draw a direct correlation back to our consistently high NPS score (a measure of customer satisfaction) to these decisions and the impact they have on your day to day life as a data platform admin. When Ludes , andrew , and I sat down to brainstorm our offshoot of The Pure Report we pretty quickly realized this would be a great story to share. It's a story that takes a lot of time, not something that would typically get discussed in an EBC or FlashCrew user group presentation; and the podcasting format gave us the perfect opportunity to finally dig deep into these decisions and share those with the world. We took each of the 15 decisions and did a deep dive episode by episode; unpacking what it meant for our product development and what it means for you in terms of outcomes and experience. We started 3 years ago and tied a bow on it with the final recap episide published at the end of 2024. For those of you who joined us on this journey, thank you. It's been tremendously rewarding; and for those of you just discovering The Pure Report now, I present to you in it's entirety: The 15 Decisions on The Pure Report Podcast. Built in Simplicity Most Efficient Architecture At Scale Consumer Flash (MLC) Data Reduction Stateless Controllers Front End Active/Active and Back End Active/Standby Streamlined Code Paths Immutable, Usable Snapshots Realistic Efficiency Metrics Adaptive Flexible RAID Security & Encryption: All the Data, All the Time Metadata: The Secret Sauce Simple Install & Upgrade Proactive, Predictive Support Non-Disruptive Everything Recap EpisodeEBC ya at Pure HQ
What a whirlwind! I just made it home a few short hours ago after a quick, unexpected, and incredibly rewarding trip to Pure's Headquarters in Santa Clara. The reason for my side quest?... to support a whole day of customer meetings at our Executive Briefing Center or as we say in the biz, EBC. EBCs are one of the perks of my job. They give me an excuse to see all of my friend and colleagues at Pure's HQ, I get to talk about cool stuff, I get to hear about the cool stuff OTHER folks are working on; but probably the best is that I get to spend all day really getting to know one of Pure's customers (or sometimes a future customer) on a very deep level. And we host a LOT of them at Pure. Most EBCs I'm invited to are a highly structured affair. Our amazing EBC team at Pure Storage are absolute pros when it comes to creating engaging agendas, inviting all of the best speakers, and in general just creating an experience that makes our visiting customers feel like the honored guests that they are. This was not like most EBCs. On Friday I received a phone call from one of our Field CTOs that went something like this. "JD, can you be in Santa Clara on Wednesday? We've had a sudden change in roster for an EBC and I need someone to help me run the day 1 agenda." Turns out we had a customer CTO and CIO decide to join at the last minute but our schedule was full of deep dive technical content that was probably not going to hit the mark with them. Well the good news is that everyone rallied to the cause and in the end we had a fantastic set of meetings that day before continuing the discussions at the 650 Tavern (yeah, Pure HQ has it's own tavern where the intro theme from Cheers plays every time you order a drink). By the end of the day I felt I had made several new friends. So what made this such a great event? I wanted to write this post to share some of my own insights that you can hopefully bring to your next EBC, wether you're a Pure account team or a visiting customer. First, and probably most important is to understand the personas of the attendees. Are we hosting all C-level execs or is a mix of executives and technical folks? In my story above we thought we knew the personas but we got thrown a curve ball at the last minute. Clearly setting expectations for what you want out of the EBC can make all of the difference. Are you a C-level who wants to build relationships and better understand the company vision and strategic initiatives? Are you an IT architect who wants to hear from our thought leaders and subject matter experts? Having this clearly defined as you're crafting an agenda and inviting presenters can ensure you build an agenda that meets the needs of everyone in the room. Second, be prepared! I was a little late to the party for this EBC and I knew that it would be so much more impactful if my discussions and presentations came from a place of understanding. So I reached out to our internal System Engineering Center of Excellence and asked that they send me a Pure Value Review (aka PVR) for this account. If you're a current Pure customer I'm sure you've seen this document before; likely presented by your local System Engineer. It contains a great deal of useful information pulled from Pure 1, our cloud-based as-a-service data management platform. I was able to gain some great insights into the environment including things like what kinds of capabilities were enabled; what were the most recent support cases, and what kind of systems and environments were being supported. While this document as a whole is probably a little to deep for a non-technical audience; it empowered me with a deeper understanding of the customer from which to base my questions and discussions early in the day. And boy was it powerful! I called back to facts I had learned in this report several times throughout the day. Lastly, ask lots of questions. The EBC is a highly customized experience. I wouldn't give the same presentation or have the same discussion with every customer. By learning about my guests I was able to weave specific elements of their business and their goals into the conversation at several points. By the end we were engaging in a dynamic discussion of the future for both companies and how we would continue to work together as partners sharing in each-others success. In my role as a leader at Pure there are few things that give me more pleasure than building new relationships with our customers. I can't wait for the next EBC and who knows; maybe I'll see you there.
