Data-Protection-as-a-Service startup Calamu has just gained funding to develop double-encrypted, multi-site, multi-cloud, fragmented data protection technology that is self-healing, defeats ransomware, and meets compliance rules.
The company was started in 2019 by CEO Paul Lewis, incorporated in 2020, and took in two rounds of seed funding in 2021; $2.4m in April and an undisclosed amount from Dell Technologies Capital in June. It has just raised $16.5m in an A-round led by Insight Partners with Dell Technologies Capital putting in money again. Total funding is now more than $18.9m.
Lewis’s funding announcement statement said: “With billions spent on cyber resilience, the frequency of cyber attacks continues to escalate. Instead of trying to prevent an attack, Calamu is capable of absorbing an attack without impacting the business.”
How does this Calamu Protect technology work?
A file or other piece of data to be protected is first possibly compressed and then encrypted. Then it is split into redundant fragments and the fragments re-encrypted using different keys. The fragments are then scattered across multiple geo-dispersed sites, such as AWS, Azure, GCP, and on-premises storage (NAS and drives), as a Calamu diagram indicates:
The string of sites is called a data harbour and forms a redundant virtual storage environment.
The result is that if any one site’s copy of the data is accessed, all you as a malware actor or hacker get is a double-encrypted fragment of data with no key and no indication where the rest of the data fragments are located. It’s a string of meaningless bytes.
If this particular cloud or on-premises site goes down or is corrupted, Calamu Protect’s monitoring function will detect it, rebuild the list data from the other fragments in the other sites then store the rebuilt encrypted fragment in another location. In other words it is self-healing.
Because the data in its entirety is not stored in any one location and none of the storing locations can disclose the actual data they are storing, this technology can meet certain compliance regulations concerning data jurisdictions.
Lewis said: “Calamu enables data to be stored with jurisdiction-independence. This intrinsically provides compliance with regulations such as GDPR and HIPAA, and opens the door for many businesses who wish to migrate to the cloud but are fearful of non-compliance.”
Calamu Protect writes and reads data to the scattered locations using parallel engines so that access time for the data is typically faster than downloading the equivalent file in its entirety from any one single public cloud location; up to 30 per cent faster.
Users access a Calamu Console as a central pane of glass to create data harbours or add new storage locations. Calamu Drive operates with Windows File Explorer or macOS Finder to present items stored in Calamu Protect as familiar files in folders.
Data is written to/read from the multiple sites using Calamu Connectors, which support Amazon S3 buckets, local servers or database snapshots. They support a Docker or Kubernetes containerised architecture.
A Calamu document by chief software architect Rob Pledger discusses its technology. As the company only emerged from stealth last year and has just had an A-round, it is now developing its first real product version. You can request a demo here.
We found a downloadable patent US9405926B2 – “Systems and methods for jurisdiction independent data storage in a multi-vendor cloud environment” – assigned to Calamu’s Paul Lewis. It states: “This invention relates to data protection and security in a cloud-based environment. In particular, the invention allows data to be stored in a cloud environment whereby it is inaccessible to any third party and not subject to data privacy laws of any given jurisdiction.”