E239 - Saumya Gupta, AVP at Platform 3 Solutions, Data Archival, Governance, and Compliance in APAC (Singapore)
[00:00] Debbie Reynolds: The personal views expressed by our podcast guests are their own and are not legal advice or official statements by their organizations.
[00:12] Hello, my name is Debbie Reynolds. They call me the Data Diva. This is the Data Diva Talks Privacy podcast where we discuss data privacy issues with industry leaders around the world with information businesses.
[00:24] Need to know. Now I have a very special guest on the show today, all the way from Singapore, Saumya Gupta. She is the assistant Vice President for APAC and Japan of Platform 3 Solutions.
[00:39] Welcome.
[00:40] Saumya Gupta: Hi. So glad to be here.
[00:44] Debbie Reynolds: Yeah, I'm glad it took us a while to get this organized, but thankfully we were able to get this together. And thank you for staying up late in Singapore for doing this during this call.
[00:56] I really appreciate it. Your profile interested me because of the things that you focus on, especially around data archival, legacy data governance and compliance, especially in the APAC region. And so I want you to tell your story about how you came to be the assistant vice president for Platform 3 Solutions.
[01:20] Saumya Gupta: Perfect. I love to talk about my story. So it's. I started off as a hardcore developer coder, a person who writes Java programs and does, actually does the encryption logics and designs the key management systems, etc.
[01:36] And from there as a developer I became lead, I went into the product, then I became the product head and the business analyst. Now I'm totally on the business side of things and right now I am the VP for the data Lake practice.
[01:52] So as you said for APAC in Japan. And I am more on the big picture privacy now. So we have our own products and solutions that we work on that are around data archival, data discovery lakes, data lake houses, and it's all a very comprehensive package.
[02:13] And why I get interested in privacy is because now when I hear about privacy, I feel privacy should not be an add on. Right? I feel privacy has to be a baseline, it cannot be a bonus.
[02:26] So that's where it gets very interesting for me when people talk privacy and they say that, okay, we have to put pets on top of this. Pets is very much discussed now, right.
[02:36] And I feel that every provider, every vendor should really be considering it, this as a baseline and everything should happen from here. The first idea should be to make sure that the data is kept privately, computed properly, transited properly, and then we should be talking about offering the solution,
[02:56] right? So that's where I come around this. And when I say that I lead the Data Lake practice, so it's obvious for me to make sure that the data is private, privately handled between all the stakes.
[03:09] And so I'm more on the big picture, privacy. But I've seen, I've been through the channels and the rivers in the middle.
[03:17] Debbie Reynolds: Thank you for that. And I love that you're talking about data lakes. I don't think we've had anyone who, who can on the show who can really address that. So yeah, let's talk a little bit about data lakes.
[03:28] And I talk about it a lot, especially around things like unstructured data. So for example, like when I work appliance or I talk to people who are doing privacy and trying to assess their data within house, they say, well, I have a map of all the applications that we have,
[03:46] all our data. And I always tell them like statistically most data in organizations is not in applications. So the majority of data that companies have are structured and they're not, they're a lot of times they're not properly secure.
[04:03] People don't know who has them. They don't understand what should happen to them. So talk to me a little bit about that challenge and kind of the data lake way.
[04:11] Saumya Gupta: So perfect right now, a data lake. So I don't call it structured data or unstructured data. I just like to call it enterprise data, right? And an enterprise data has to have structured, unstructured, semi structured.
[04:24] And what we normally do in the practice is we make sure that all your applications that are legacy applications. So I feel, Debbie, by the way, that my major, major concern in terms of data privacy today is, is that the legacy systems are the biggest threat to the privacy of any organization,
[04:46] right? So what we try to do is we make sure that all the legacy systems that are contained, that are being used currently in the organizations that they have to be modernized.
[04:57] And when I talk about modernization, that's where data lakes come in, right? So what we try to do is we try to make sure that and every organization must make sure that all their data in the legacy applications which are not properly maintained, which were not purpose built for legacy,
[05:14] for example, SSNs, right? Today SSN Social Security numbers are the most important and secure and private information today. But early on when we had legacy systems, SSNs were being used as primary keys.
[05:29] So basically everybody knew it. Basically everybody had to have the SSN number to be able to query data from the database, right? So that's where it becomes imperative for us to talk about modernizing these legacy systems and bringing all that historical data, active data and all of that into a data lake.
[05:49] So what I like is not only data lake, I advocate data lake houses, right? So a data lake house is a combination of a data lake and a data warehouse.
[05:58] So basically a warehouse is used mostly for analytical purposes and takes in only structured data, Whereas data lake takes in all sorts of data. Like a lake can absorb whatever you throw at it.
[06:10] Right? So it can take structured, unstructured, semi structured. But a data lake does not have a solid metadata to it. Okay. And that's where a lake house marries the warehouse and the data lake.
[06:22] So it takes in a lakehouse will be able to take in all the data structures, all the data types, and along with it it can maintain a metadata on top of it.
[06:33] And like that's the most beautiful thing you can do to an enterprise data picture because it makes your system very self sustaining and streamlined to take to take in any data that could come in.
[06:46] Debbie Reynolds: Now, although I know more than most people know about metadata, but just to make sure the audience understands, tell people why metadata is important.
[07:01] Saumya Gupta: Okay, so metadata must be captured at multiple levels. So basic metadata would be name of the table, name of the column, type of the column, okay, row count, maybe number of records.
[07:14] Whereas now how we should be capturing metadata is at multiple levels. This is the technical metadata based metadata that is available from the schema of the database itself. Whereas there should be others like domain classification application.
[07:28] Okay, how much is the, how much data of this entire thing is related to my, let's say I'm talking of an insurance system. How much of this is claim related data, how much of this is policy related data and, and things like that, right?
[07:43] How much is customer data? So that is another categorization of metadata. I have about five categories how I classify it. So the second categorization is business domains. Right. Then the third has to be quality of the data that also must be captured in the metadata.
[07:59] I call it the open metadata model, where the metadata should be evolutional that I started off, I knew only the technical metadata. Now I've added these capabilities. Now I see, okay, how is the quality, how unique is the data and are there only nulls in the data?
[08:15] So the quality of data is not really good. So then you move on from that to.
[08:21] So when you are in data lake, this is what I called operational metadata. This is my fourth category. And operational metadata is that when you are trying to query something again and again and it's taking a long time to respond, you have to capture that, okay, and you have capture it and you report it back that,
[08:38] okay, this metadata, this particular record is timing out again and again. So that will be something that will give insights to the database designers or whoever to make sure that there is something wrong with this, you have to correct it.
[08:52] And this is all being captured in the metadata. And there is so much information that you can capture from between the lines. You don't even have to go and search the entire data for a few things, right?
[09:04] Then there is sensitive information. How much of my data is PII data? Based on this particular privacy regime, gdpr, how much of my data, how much percentage is location data, how much percentage is emails?
[09:15] And that also must be captured in the metadata. So these are like the five categories that I call as my open metadata categories. You have to keep capturing it, and then this metadata becomes your holy grail to make sure that you are able to drive governance on top of that data compliance on that data life cycle,
[09:35] of that data life cycle, again is, I feel,
[09:39] very, very important. And so, because I come from a very strong archival, data archival, data preservation background, right? We make sure that none of the data is kept for more than how much time it should be.
[09:54] And basically that's why I say that data archival must be the. It has to be the key strategy. Data retention and data archival has to be the key strategy for data privacy.
[10:07] Today we don't talk about it so much and you see 95% cyber attacks, 95% of the vulnerability attacks and of hacking and cyber attacks that happen, they happen on top of old historical data.
[10:25] Now imagine that data was not even supposed to be there and you just got yourself into the problem by not retiring it on time, by not archiving it on time.
[10:35] And there are so many plethora of problems that come with lack of data stewardship and governance on old data,
[10:43] right? And so basically what you are doing is if you are not retiring data, if you're not archiving data, you are just increasing your surface area of problem. You have like so much data that can be attacked today, right?
[10:57] It's not even production, you're not even using it. You also don't know why it's lying there. So that's why I feel that is like the key strategy. If enterprises think about it upfront, they will be able to reduce the vulnerability space.
[11:11] Debbie Reynolds: I agree with that a lot. And I've talked a lot about legacy data and why I thought that was kind of the company's biggest risk. So I agree with you and I follow a lot of the data breaches.
[11:23] And you're right, a lot of them, the majority of them are from legacy data. And part of that is that sometimes I tell companies data with the lowest business value often has the highest cyber or privacy risk.
[11:38] Because a lot of times companies aren't really protecting that data the same way that, you know, they're protecting the stuff they think is more important. I think also companies,
[11:48] you know, the way that applications have developed over the years in my career has been you didn't delete anything, you kept everything, right? And so now we're saying don't keep everything.
[11:59] Like have a data life cycle. Like data should have a life cycle. It has an end of life strategy. But I think companies, especially after we went over the kind of big data phase, people got in their head that more data is better.
[12:14] We have keep data as long as possible. It's so invaluable. And now we're seeing with data privacy laws are saying they're some of the first say don't keep data forever, get rid of it after a certain, after your purpose has expired.
[12:28] And so I think we have this tension going on where you have some companies feel like data is, is everything. It is so. Data is the lifeblood of organizations, but bad data creates more risk that is unnecessary within the organization.
[12:46] So tell me your thoughts about that.
[12:48] Saumya Gupta: I mean, it is an irony, right, if you think that AI promotes data maximization, as you said, that data is everything and we need to have data, whereas privacy is an advocate of minimization that take only what you need.
[13:05] But AI says the more I have, the more I can train, the more better, the better I can get. So it is an irony. And see the way that we have to, we have to handle this right, is by identifying.
[13:18] So there is a concept of business complete data. And so business complete data is your active data and there is passive data, right? So the way that I look at it is it's very important to identify how much data is business complete.
[13:32] Okay? As in for example, a data that has finished its use case life cycle, for example, that insurance, right? In insurance there are laws that say that after a policy has been closed, you don't have to keep the data of the corresponding people for a very long time after they even have,
[13:51] like after five years, you should not keep it. So if you are not letting that data go, you are basically going out of compliance. It's not data maximization anymore. You are going out of compliance.
[14:01] You could be a subject of breach today and you will not be able to produce any clarification on that. So yes, when it comes to gathering more and more data, you have to make sure that innovation goes in handshake with compliance.
[14:16] Because today it's not only the Brussels effect today, right? It's everywhere.
[14:20] I mean, we have it in Singapore, we have PDPA in India. They have this DPDPA act standard starting up. It's taking effect this year. So do as much as you can do, but you have to make sure that the compliance is met.
[14:33] That's the only way you can scale up.
[14:36] Debbie Reynolds: How do you change people's or companies ideas about how they have to handle data? So what we're preaching is something completely opposite of the way companies have traditionally handled their data.
[14:51] And I think what has happened is that companies are having challenges with data because they have so much data and it's hard to manage. So they have to find ways to better manage it.
[15:04] And so to me, it makes it a good opportunity to deal with or come up with a strategy for legacy data. But just how do you convince companies that they need to take these types of legacy strategies on board?
[15:19] Saumya Gupta: We say that you should divide and protect. That's how we call it. Which means that to start with, first of all, you have to make sure now depends on legacy systems, right?
[15:29] Like for example, content management systems. Early on, content management systems were very popular. They did that job of keeping all the documents together in a way that they separate. They separated out outlay of the document, overlay of the document, that's a form format of the document and the content of that document separately.
[15:48] So they don't have to keep saving heavy PDFs again and again. They can save these two things differently. And the overlay can just needs one copy and the content can keep repeating, which makes it very easy, which makes sure that the storage is very optimized.
[16:02] Right? So, but now in today's age, content management systems are getting over it like obsolete. They are getting obsolete because today storage is very cheap.
[16:13] Early on storage was very expensive. So everybody had that focus on how to make sure that the storage is better utilized. Now storage is that cheap that they people are thinking that if I take all of these documents, even with the the entire content also I will not be incurring as much cost as I'm incurring with the license cost of my cms,
[16:35] of my content management system.
[16:37] So which makes them understand that okay, it's better to move to S3 to A data lake and be able to leverage more modern technologies and downstream analytics on top of it, which I cannot do in CMSs.
[16:52] CMSs are only serving the purpose of storage and storage and producing the documents and making edits, etc. Whereas the same thing if you try to do on data lakes it's much more scalable.
[17:04] So scalability is another reason where people go in. The other reason where people go in is. Let's talk about very old systems like mainframes, right? So mainframes has its own problems.
[17:15] Number one, it's very, very expensive. You know, they're like big, big computer boxes.
[17:20] But still it's like the majority of Fortune 500 companies even today still run their legacy workloads on mainframes. And a lot of them being banks. We have personally spoke with those bank and worked with those banks and they are trying to get out of their systems.
[17:37] It could be DB2s, it could be VSAM. So these are all the different types.
[17:41] Now there are issues with it. Number one, cost. Okay. Number two, maintenance. There is a big talent gap in the middle. Now mainframe required COBOL developers and people with those niche capabilities.
[17:55] But now everybody has tried to move to Python, everybody is moving to newer technologies, which has created a big talent gap in the market which,
[18:04] which is causing them to not be able to maintain those old systems. Right. And so that is one other trigger that Bhai, let me move out of this. It's not sustainable in the long run.
[18:14] I'm spending so much money for it and I have to find better technology.
[18:18] Then there has to be. So privacy, up to a point I can say. So it's very debatable if I say that mainframes are not secure. So because they are supposed to be, arguably they are like the most logged systems and nobody else can enter it from outside.
[18:35] But considering the pace at which the technologies and the hacking system is all growing, the cyber risks are growing and the vulnerabilities are growing and it has made it very vulnerable for the mainframe systems to be able to catch up to that.
[18:53] I'm not saying that they are not secure enough, but they don't have enough talent to be able to support and to update all the security considerations because of which they are becoming more and more weak.
[19:05] Right. So that this all becomes a trigger for them to move out of legacy and to move to be able to leverage the benefits of more modern architecture.
[19:16] Debbie Reynolds: You touched a couple times on privacy and I, I agree with you and I like what you said. You said that privacy should be, should be a baseline and not a bonus.
[19:28] I thought that was like a perfect line because as people, you're working with data, you're seeing that the types of problems that you have in the privacy arena can't be solved after the fact.
[19:41] Right? Because it really the value, especially in governance, we Were thinking about governance. A lot of the things that you can avoid if you think early about privacy at a foundational level can really help your lessen your risk downstream.
[19:59] But I want your thoughts on it.
[20:01] Saumya Gupta: When I went to this conference, okay, So I was not up. So these terminologies keep evolving, Right. I didn't know what is pets, okay.
[20:10] So when I went into a few conferences and I heard people talking, this is like maybe two years back, okay, when I heard people talking about pets and I heard that, okay, privacy enhancing technologies and privacy preserving technologies, I was surprised that.
[20:27] Why are we talking about privacy enhancing technologies on top of existing data? I'll explain. So I feel that they're talking about fully homomorphic encryption, they're talking about multi party compute.
[20:38] I feel that this all should be inbuilt into provider, into the software. And instead now the way that the arguments are going is like it's baffling for me because they are saying that, okay, now you have, now there are new vendors coming up to provide fully homomorphin encryption on top.
[20:57] Okay. And I feel that this should be implicit in the product. Like for example, when I was a developer and when I was doing all of this, it was a mandate for me that you have to make sure that all the encryption, masking, key management, all of that is handled here upfront before you roll it out as a product at all.
[21:17] Does it make sense to you?
[21:18] Debbie Reynolds: I agree. Right. I agree it should be baked in. But I think, and actually to your point,
[21:25] and maybe this isn't happening fast enough, but eventually, I think a lot of what PETS is trying to do is try to take systems that aren't built for that and try to add that on top.
[21:39] But eventually I think the way that the software lifecycle should go is that some of this stuff should be foundational. You won't really need pets at that point because they'll be in products.
[21:51] Saumya Gupta: Yeah. And if it's not there, they are not doing a good job.
[21:55] If it's not there inside the software, then how can you talk about data upfront and build something for data without considering the privacy angle to it? But I understand that it's coming on top because there is a problem.
[22:07] So that's why I said it has to be a baseline, it doesn't have to be a separate add on or a separate bonus to it.
[22:13] Debbie Reynolds: Yeah, that's my personal thoughts. So what's happening in privacy right now, anywhere in the world that's concerning you now?
[22:25] Saumya Gupta: What's concerning me is the data maximization. Minimization problem also that you spoke about, right? That AI promotes having more and more data available, aggregated to be able to learn on top.
[22:38] That is completely against our concepts of minimization. So that that is one thing. Then again, concerns are again that the old system designs have inbuilt loopholes in it which have to be addressed by moving that data into modern technologies.
[22:56] Otherwise we will not even know where it's failing. I mean the old softwares have things like they'll have sensitive data coming out in log files. Okay, how much will you control?
[23:05] I mean people hardly care about logs. And they imagine that can be there in a public file directory. How much would you control? Then there are about this whole, all the private data that is contained in the flat files.
[23:19] So many of legacy systems use flat files as their base, right. Instead of using databases or Microsoft SQLs or MySQLS. So and those flat files were not encrypted to a level that.
[23:32] So from the software you can get in, but if you want, you can go into the file directory and a hacker today can just go, go and hack it. It's not encrypted up to as, you know, as updated with the current technologies.
[23:45] So I feel legacy data is still the biggest threat. Why I say that is because in today's now whatever is evolving and now whatever software that being created are still, people are still mindful of privacy because it is a big problem.
[23:59] They get held by compliance. But anything that was there before, people didn't care about it. And it will create more problems than it is all.
[24:08] Debbie Reynolds: Yeah, I think so. What do you think about artificial intelligence? How does artificial intelligence in your view make privacy harder?
[24:19] How does it raise the risk or reduce the risk in your view?
[24:23] Saumya Gupta: Okay, so artificial intelligence is definitely making it better. Because if you think about it, it has opened better discovery, it has opened better options for prediction of risk and prediction of a system failure.
[24:43] Right. That's where I think in terms of identifying the data quality, in terms of identifying. So we call this data observability, right? That AI will be able to look at the patterns and based on the metadata.
[24:58] Metadata is again the center point for it. Based on all the metadata is predicting it will be able to tell that this particular area could be a problem in terms of both operational efficiency and privacy.
[25:11] So I feel just identifying the privacy threats that might be coming and identifying the current stature of our privacy portfolio. I think yes, AI is definitely helping out. But yes, the whole concept of passing data into machine learning models that are openly hosted it all increases the threat of being of being exposed more.
[25:39] So there are pros and cons and I feel that's the only place I feel that pets does marvelously. I mean it, it helps a lot with making sure that everything for multi party compute and for everything, I mean it just makes sure that AI is one use case that it will definitely guarantee to govern.
[25:59] Right.
[26:00] Debbie Reynolds: I agree with you. I guess there are two sides of AI I think are interesting. So one is that there'll be more capabilities within applications to do things like you say, like predictive and being able to see things.
[26:15] And for me I think there's going to be a lot more metadata as a result of AI that we're going to be able to add to AI. So I think that'll be interesting and good.
[26:25] I guess on the other side of that would be people putting their personal data AI systems laws around privacy saying you have to track people's data. And some companies, once they start using certain AI tools, they lose control the private data and they don't really know what's there, they don't know how to protect it.
[26:46] And I think that's kind of a new challenge. But I want your thoughts.
[26:50] Saumya Gupta: So another thing about sensitive data, right? Like what we do is everybody wants to move to data lakes and everybody wants to move to cloud, okay? But there is a big threat because data lakes today are advocated heavily on cloud and everybody is especially banks are a little skeptical about the whole movement because they.
[27:09] They also have laws and compliance rules that say that this particular data can only lie on prem on physical hardware which is particularly governed by their proprietary security standards.
[27:22] And because of this it inhibits innovation because they cannot move their data to cloud. So another way that we handle this for sensitive data is by creating different bunkers like data bunkers is how I try to call it, which makes sure that you anonymize your data from.
[27:42] Anonymize your sensitive data from your operational data, transactional data and make sure that your sensitive data per se that is contained inside an on prem data bunker and everything else that you need to keep the system running, which can be operational, must be moved to the cloud.
[28:02] This enables multiple things like anonymization. First of all, it's there on the cloud, it's anonymized and based on your GDPR mandates. Also it is required, data segregation is required to be able to differentiate sensitive from non sensitive.
[28:15] Then data access is very regulated because there will be no way that anybody can access this data that is lying on prem inside a Data bunker, they have to have to go to only that channel.
[28:27] And authorization is further regulated by. When they come in through that channel on the cloud and they try to access the data, they are again verified, their authorization is again verified, whether they can access that data or not.
[28:39] And that data bunker is in itself encrypted. So they take that key and they go to the bunker, they again take a key from a different key store and. And they convert the already encrypted data of bunker and then that data gets produced.
[28:55] So I think ever since I have started talking about data bunker, this is the most practical way people feel they can take their data to innovation without exposing it to vulnerabilities.
[29:09] Debbie Reynolds: I never heard anyone talk about it in terms of a data bunker, but that makes total sense.
[29:15] Saumya Gupta: Yes, because many a times I was talking to a South America company and this was their challenge. They were a reinsurance company and they wanted to move to the cloud and their regulations did not allow it.
[29:29] So we were actually not being able to. It was stuck at a process. They were trying to go to their compliance team, trying to convince them that we have to be moving to cloud.
[29:39] And then they would say, no, it's not allowed. So it was a back and forth. And then we proposed this to them that why don't you consider making an on prem bunker?
[29:47] That way you get the best of both worlds. I mean, this access will be more regulated than only having it in on prem and people just cannot break in. It's all anonymized.
[29:56] Debbie Reynolds: Yeah, I love that idea. So, Saumya, if it were the world according to you and we did everything you said, what will be your wish for privacy anywhere in the world?
[30:07] Whether that be regulation, human behavior or technology?
[30:13] Saumya Gupta: My wish for privacy would be first consider privacy as your baseline again, that anything that you are doing, it should not be. Let me get my work done and then I will talk about or think about privacy.
[30:27] Like today, the whole argument of having data protection officers where they are sometimes kept in the backseat and not considered in the main discussions. And I keep hearing this and I feel that this is supposed to be considered very important, but people are not understanding currently and they will understand when they face a litigation and then they will go to the same DPO and hold him accountable,
[30:50] which is not fair. I mean, they have to understand that why talking about privacy is more important than ever today is majorly because of the advent of AI and why these laws are getting more discussed now.
[31:04] They would say that, okay, 10 years back I didn't have a DPO and I was surviving. But now why do we have an AI Act? Why do we have privacy laws coming everywhere?
[31:13] Why do we have everybody talking about their own cross border rules? It's because that AI has confused a little things when it comes to different, different nations. So people have tried to make sure that they have their own regulations that safeguard them.
[31:30] And I feel that's but obvious because today, in, today in this landscape we have the fear of unknown. We don't know what can go wrong. So we have to be extra careful in terms of.
[31:42] Because the whole cyber landscape is evolving in both the good and the bad ways and you never know what could go wrong. So you have to make sure that the TPOs and all the privacy discussions are kept upfront and treated with high regard in your technology selection, vendor selection,
[32:00] all of that. And then that would be in organization, hierarchy, structure wise. And then divide and protect again. You have to make sure that you divide, you identify that this is my complete data.
[32:15] This much of my data must be migrated, modernized and moved. Okay, this is my operational important data. Number two, archive. This much of my data is required only for compliance reasons.
[32:30] This is not operational, but I cannot get rid of it. I should archive, identify the right storage, the right medium, archive that data. Number three, retire. You have to make sure that you identify this all is passive data only above.
[32:45] This is my business complete data. This is like this is all passive. Now you have to make sure that you defensively dispose that data and defensible disposition is another big, big topic.
[32:57] So you defensibly dispose that data of and so that you have the right surface area to worry about. So three, three things to do. Identify what to migrate, what to archive and what to retire.
[33:10] And your whole footprint will become much, much lighter. And the stewardship can be maintained, the governance can be maintained. Right. And yeah, so these are my two main things.
[33:23] Debbie Reynolds: Yeah, well, this is great. Thank you so much. So you've taken a really complicated topic and made it much simpler for people to understand. So thank you.
[33:33] Saumya Gupta: With all the technology going out of support, with all the softwares being, you know, suddenly they say that this is end of life and people are like, oh my God, if there's no support, how will I manage the data?
[33:44] How will I manage compliance? So they have to consider moving that data. Modernizing. So modernizing today I see is very, very important. Moving out of legacy. And I've seen you talk about it.
[33:55] If you remember there was one of your podcasts, they had beautifully framed it. I wish I had that in my notes. I would tell you and you have replied to it also that yeah it's very beautifully framed.
[34:04] It was also on data discovery and classification so makes a lot of sense. I love what you thank you so much.
[34:13] Debbie Reynolds: Well thank you so much. This is fantastic and I'm sure that the audience will love it as much as I do because I think these are really the discussions that are happening in almost any every type of organization so this would be a great episode for any company to listen to.
[34:28] Yeah.
[34:29] Saumya Gupta: Not so somehow this is not considered very sexy.
[34:34] Debbie Reynolds: Right right.
[34:36] Saumya Gupta: It is very important for people to start thinking about it so they don't have to end up in fines and all.
[34:44] Debbie Reynolds: Totally I agree with that. Well thank you so much for being on the show and I'm sure we'll be able to chat in the future.
[34:51] Saumya Gupta: Yeah Debbie looking forward anytime I'm there in Singapore.
[34:56] Debbie Reynolds: Thank you. Thank you. Thank you.
