Transcript
for the secure agentic enterprise. We've talked about Okta for AI agents. And now we're going to ground it in one of those real concrete conversations with an amazing company, an amazing leader, and an amazing Okta customer. And this is a conversation with John Rose from Dell. John, come on up here. Thank you. Thank you. So let's start. I want to put Dell in the AI context. So how do you think about the industry, the Dell's place in the industry, how the industry is changing? Where does Dell fit into that? Yeah, we're fairly central because you cannot do AI with the infrastructure of the past. And so our business is building out the IT infrastructures of the world, compute, storage, networking, and all things associated with it. And that's been good for business. We're doing very well. We are finding ourselves in an entirely new world. However, just building infrastructure for someone else would be difficult because you wouldn't know what to build. And so a couple of years ago, we made the decision that we would be customer zero, that we would be the early aggressive adopter of this technology. And I took over. I've been the CTO for quite a long time, but I took over as the chief AI officer about two years ago. And in that two-year period. Was there another person? Or is that a new position? There was a person there for a very brief period of time that attempted to build consensus and didn't work. And then we decided to go top-down. We tried bottom-up, didn't work. We went top-down when I took over, which fundamentally changed our journey, which was, if we're going to build for this new space, we sure as heck better understand what this space is as a firsthand participant in it. We could spend a long time talking about our journey, but the punchline is, after two years of a very disciplined, if you go look at my YouTube channel and listen to me talk, you'll understand we are somewhat militant, and we are very focused on doing this thing in a very structured way that actually gets to outcome, gets to ROI. But after two years of doing that, we just had our financial reports for the second year that we have done this more aggressive adoption of technology, but also changing our people in the process and redesigning our company for this era. Now we have two years in which something happened that hadn't happened in 41 years before that. And that was our revenue grew dramatically. First year, about $10 billion. Second year, about $20 billion. And at the same time, our costs went down. We have never seen that happen. Every time revenue went up, costs went up with it. But when you redesign for the AI era, people, process, technology, funny enough, you decouple those two, because the unit of work is no longer just a human being. It's an augmented human being or an agent. And that gives you tremendous leverage to grow your business and actually improve your cost structure at the same time. Doing that was non-trivial. It required us to lean in to be as bleeding edge in terms of thinking as possible, but also very pragmatic about making sure that we didn't break the business, that we did things that matter. And so one interesting statistic is for all that progress, we never used a single agent yet. We built our first autonomous agents almost two years ago, but the ones in production are pretty minimal right now. However, given the fact that we've had that kind of impact without agents, we are extremely excited about this greater shift to autonomy, the kind of projects we can go after. In fact, we believe that AI can only be applied to a process. And the only processes we could go after with first generation tools are very simple processes that are very much tied to human work behavior. When you move into the agentic world, you can go after the complex processes. You can go after composite processes. You can go after autonomous processes. And that opens up just a gigantic surface area that we're fairly comfortable is going to define productivity for probably the next decade at least. When you think about the agentic technology stack, what are the key technologies? There's process. There's change management. There's strategic direction that has to be in line. And then there's the technology enablement. You mentioned a bunch of this stuff was done without even agentic. What are the key parts of the agentic stack? Yeah. You and I talked a while back. I don't think we had published it yet, but at the end of last year, in October, after working with these technologies and thinking about what would we have to put in place to do this, we wrote it down, interesting enough. We have an internal set of agentic standards. And they're not high-level, hand-wavy stuff. They're very specific. And in fact, they included things like we decided all MCP servers would be centralized because at the time, MCP is just too risky to use without putting it in a safe space. It's a fairly straightforward decision. We now make that part of our architecture. We made decisions about having two kinds of agentic platforms, ones that we wholly own and operate, which we call inner ring, which are our control points and our ability to do things very specialized for Dell. But then it would be surrounded by outer ring agentic platforms that existed within our partners and SaaS services. But we decided these would not be separate ships in the night. They would be part of one topology under one architecture. And probably the single biggest decision we made, which is what we were talking about, which I kind of shared with you guys and maybe gave you some encouragement to go on the journey you're on, is that we decided that every agent in the world that does work on behalf of Dell would carry a digital identity issued and operated by us. I don't care if the agent's in a third party. I don't care if it's a SaaS provider. I want control. I authorize it to exist. And the reason I wanted to do that is because I know agents will track where work goes on. And work goes on in more than just my data centers and my core businesses. But yet, I want to be able to have control over how that work is happening. And what we realized is I can't control the underlying infrastructure decisions because those are third parties in many cases. I can't maybe even control the data APIs as well as I could. But if I control identity, I can do things like a kill switch. I can make an agent go away if it behaves badly, even if it isn't running on my infrastructure and fully under my control. And so that stack that has now formed, which is very much a modern AI factory underneath it to provide the engine to basically run it efficiently and scale it, what we call a knowledge layer, which are the knowledge graphs and the graph databases and the RAG systems that basically enumerate data that agents can use. And then on top of it, a control plane. And that control plane includes registries. But it fundamentally includes identity and access management and authorization. And so that stack now is real. It is published. In fact, just recently, we started to provide it as a pseudo RFI to all of our partners to say, OK, you want to do business with us? This is our set of rules. And to my knowledge, we were the first ones to do that. We think the industry ought to take blueprints and use blueprints because if everybody agrees on the meta architecture, we can actually all align on getting it built because it doesn't fully exist yet. Yeah, it sounds simple. I'm an identity guy. You guys early on made the decision that agents have to have first class identities. We saw the survey I mentioned earlier that only 22% of companies are managing agents as real identity things. And it's good to hear that you're seeing success there. But it's a subtle thing that a lot of people don't get to. They try to treat them as more like software and their scripts and their service accounts. And it's a very profound thing that we can make it happen together. So when you talk about agents, you guys decided to the primary, the platform and the use cases, a lot of them are internal. How do you think about agents operating internally for your enterprise versus agents outside your enterprise accessing your systems and the internal, external trade-off there? Yeah, I would say our first thoughts about agents over a year ago, we had this belief that we could build one platform and run all the agents on it. By the way, we have a bias. We really protect our intellectual property and our data. I am very hesitant to let black boxes of magic touch my data. So I like doing things that I can control, whether they're in my data centers or in systems that I help design the architecture for a provider. But the bottom line is we very quickly realized, as I said, agents track. They are a entity that does work. And that work can exist in many places. Some of that exists in things I fully control, and some I don't. And so early on, we did pivot to have this two concentric ring model, where there would be platforms that we fully controlled. And there would be platforms that we didn't control the platform, but we could control the agents on the platform. And that's where identity and access management became kind of this universal substrate. I think, interestingly enough, I will tell you just to give you some industry dirty laundry, we don't have full consensus in the industry about what even an agent is. Stop, John. Stop. Breaking news. Breaking news, agent washing. But it's even worse, because some people believe agents are a feature of a model that's behind the black box of magic of the API, and you don't need to understand it. I completely disagree with that. We believe agents are software systems that can do autonomous work, and they do use large language models, but they also use knowledge graphs and other types of data expressions. They have a tool use interface, today primarily MCP. They have interagent communication with protocols like 8a. That is a system. And the one thing we're struggling is we haven't quite got to consensus about which of those is the right answer. Is it a feature of a model, or is it a software system that does work? I know where it's going to end up. I'm 100% confident the second is the right answer, but that creates tremendous confusion for people. It also makes it very difficult for me, interestingly enough, as I want to have ubiquitous identity and ubiquitous control, that if you believe an agent is a black box of magic hidden behind a master account that is owned by a provider, it's very hard to reach into there and do authorization for what appears to be a knowledge graph that I can't control. I've got to pull it out. So we are generally treating most of those companies, and they are our partners in this extended ecosystem, and we're deprecating them. They are not agents to us. They are just tools. And the intelligence and the reasoning will happen on our side until they expose that underlying capability. So I would say most of the enterprise ecosystem, we have 650 startups we're working with building enterprise AI stuff. They have all largely gravitated towards these have-to-be composable systems. They're software entities. They work together. They have this kind of composable architecture. That's good. Some of the bigger providers haven't quite got there yet, and so we have to figure out how to work with it, which is why it's so important in your framework that you don't just assume everything is a first-class agent. Some agents might not actually be expressible as agents because they're behind a firewall or unexposed to you. So treat them like a tool, and then control the tool use access, which is another authorization technique. It all blends together. So you're the CTO, so your job is to predict the future. So tell us what's going to happen. Well, here's the first thing. We have something in Dell called the two-year rule. Sorry, Todd. We treat all AI decisions of having no more than a two-year lifespan. And the reason for that is you win, you get us for two years, and then we re-evaluate because honestly, we can't predict that future. But what I will tell you is the one thing that is absolutely certain, and you kind of mentioned it in your keynote. We are in a period where autonomy is becoming the actual characteristic of these systems. It's not the technology by itself. It's that technology can operate autonomously. It will operate in low-grade autonomy like a better tool, or it can operate in high-grade autonomy like a full-on digital expert worker. It is inevitable that that is coming and is happening. And so the biggest shift that we can see is we have to prepare for that. We have to rethink work. We have to rethink our infrastructure. The other thing that's interesting, infrastructure, guys, years and years ago, it's like six years ago, I'm on the record of saying something along the lines of there will come a time where the majority of your IT infrastructure is actually in service of AI outcomes. And more importantly, when that happens, you will have to redesign your IT architecture to treat AI as the primary workload, not the secondary. We are actually at that time right now, but I will tell you the majority of the world's infrastructure was built before generative AI even existed. It was architected. We continue to apply architectural principles to it. So one of the biggest predictions is not only is this coming, but it is going to force a complete rethink of all the dimensionality of our IT environments, not just so that we can add a new capability, but so we can actually optimize the primary purpose of our infrastructures and IT systems to actually enable this autonomy. That is a big deal. If you read what I just said, clearly, you're going to have to rethink everything. In fact, we encourage customers today that if you have an existing infrastructure and IT strategy, this is a very good time to pause, because you probably made every decision in that list before generative AI ever happened. It's a great time to stop, to get educated, to rethink everything from identity, to access control, to telemetry, to infrastructure choices, to where the AIs run, and where the data lives, and what those data layers look like. That is probably a terrifying prediction because it means we have a lot of work to do, but it's also incredibly exciting because if we optimize for autonomy, this thing accelerates. And when it accelerates, I will guarantee you the result is dramatic impact on GDP, on lifespan, on health care. The amazing things that can happen if we get this right by doing it securely will happen quicker, and that's a very good thing for all of us. Yeah, very well said. I'm very excited. The way I think about it is there are 1.1 billion knowledge workers in the world. We spend about $30 trillion, and they produce about 65, 70 trillion of wealth. How about we cut the cost by 10% and produce twice the wealth? Exactly. That would be a pretty amazing future for everyone. Thank you so much, John, for being a customer and entrusting us with helping you build this, using Okta for AI agents to build this identity layer in your platform and be the foundation for the Dell secure agentic enterprise. Yeah, no, thanks for having us. We're super excited to see this go GA. We've been on the journey with you to build it, and I think if you haven't looked at it and seen what's going on here, this is a pretty important, kind of very early, real example of how to do this stuff. So congratulations on GA. John, thanks. Appreciate it, yeah. Thanks. All right. Thank you.
