Transcript
My Matchett with Small World Big Data. I'm excited to be here today talking with an up and coming storage company that's got a new take on the way we might use storage going forward and that is to build multi hybrid protected data harbors. Let's find out what that is coming up with Calamu. All right, guys, Welcome today, Paul and Dean. Glad to have you here on the show. Good to see you, Mike. Thanks for having us. So Data Harbor is a bigger topic. It's in the category of cyber storage, cyber security, where we're combining the idea of data and storage and cyber protection together into solutions. I think that's what people want these days, is to have have have things sort of built together for them. But before we dive into Data Harbor, maybe you could tell us just a little bit about Calamu and how that how that got put together. And, you know, why are you excited about Calamu? Yeah, I'll take that. So Calamu, I created Calamu after being an incident responder for a number of years and working with companies all around the world that continue to get breached and continue to get attacked by the bad guys and just figured there had to be a better way. So over a period of time, working with, you know, several of my peers, we came up with this concept of how we can protect the data itself, not necessarily the infrastructure that protects the data, but the data itself. And we've come up with this concept that we call a data harbor. And when we put data in a data harbor, the data really is safe. All right. And Dean, how did you get hooked up with Kalama? You know, being a guy that comes from the data protection space, cloud storage. I learned a little bit about the intellectual property that Paul had and his team had had developed and just really identified that it's an evolution, maybe even revolutionary in terms of how companies can protect their data. The threat of ransomware malware, it's changing every day. It's evolving. We're talking about double extortion style attacks and all types of, you know, threats that that companies never had to historically worry about. And we truly protect the data in a way that's that solves for the threat of data exfiltration. And in addition to the traditional threats of ransomware with malicious encryption and deletion. So there needs to be a change out there. The industry is begging for this. Customers are begging for this, and I'm just happy to be a part of the organization. There's really two threats, right? It's the ransomware threat and but that's evolving into one in which the data can also now be stolen and exposed as well as encrypted on on your behalf. So we've got to be worried about that. And we see a lot of solutions that are really just focused on that ransomware part. So, yeah, precisely. 83% of attacks are really focused around the theft of of data exfiltration and the subsequent leak and sale of, you know, companies, crown jewels. So which is. Which is why, Mike, why we've seen ransom payments just skyrocket over the last 18 or so months. Right? Because it's not so much your data is encrypted and pay me to unencrypt your data. It's your data has been stolen. And if you don't pay us, we're going to leak the data. Right. Right. And it's a particular problem. My my health care provider got hacked a couple of weeks ago here, and I'm really upset about it. And it's like, how long have they known about ransomware and exfiltration and what's going on? People should be taking action. All right. My problems aside, when we talk about calamu, we're we start to introduce a lot of topics at first might sound difficult to get our heads around, but we're really talking at a usage level of its its object storage. Its an S3 compatible kind of endpoint. So it's not this huge hurdle of of other extraneous stuff we have to architect, right. It's it's, it's using, it becomes fairly, fairly straightforward. Yeah, we want to make it super simple to deploy, so we actually deploy in minutes. You build your data harbor using your storage, whether it's on prem or in the cloud and you've got all the protections, your data is really, truly protected. Very, very quickly. Kind of transparent to the end user or to applications. All right. So let's get into it a little bit. When we say data harbor, what are you doing that that's different than a than a different way to store data? So if I normally put data into, say, cloud storage, it goes up there and then it lives somewhere up in the cloud storage and it can be abused and hacked and attacked. What are you doing different with with this? So, so Jean and I will tag team this one, but I'll go first. So what we do is we combine physical security and cybersecurity. And what I mean by that is when we create a data harbor, we're using multiple physical locations. So multiple physical storage targets that we pool together and we combine together to be one virtual storage target. So the process that's kind of the secret sauce that we have in a very simplistic format, all patented Multi-patented is we take a data object and we run it through a series of of exercises where at the end of the day we've actually fragmented it, encrypted the fragments, each with its own encryption key, and then using our algorithms, we scatter the fragments of a data object across the data harbor. So it's going across these multiple physical locations. We do it in a way where we don't have everything necessary to reassemble the data in any single location, which is super important. Plus we have full redundancy so we can have a storage location get hacked, we can have it go offline, we can have a misconfiguration any number of problems. We just we just would eliminate that storage location from the data harbor, rebuild it or self-heal it in another location. And we've got full resiliency. So I missed a bunch there. But go ahead. No, that was great. What I would add is, is, you know, traditional immutability, traditional encryption are important. We don't claim to displace the need for that. We in fact, we take advantage of both of those technologies. But the truth is, neither of those technologies are solving for the threat of data theft, nor are they solving for things like cloud outages. So the list of benefits with Calamu from a security and availability perspective are very, very long. And when you couple those two things together, it's giving CIOs, CISOs peace of mind to know that their data is safe, that when there is a breach, there's no mandatory disclosure. The impact of that breach is is null when it's protected by by Calamu. And similarly, when there's an application that requires that data needs access to that data, there's there's a lot of reassurance in knowing that you're not reliant on any one storage vendor or location. The availability and data durability benefits with us are really unmatched. All right. So the so the data harbor essentially is a virtual conglomeration of multiple physical locations on the back end. So it's invisible to the user of the of the storage. But on the back side, we're we're spreading the data in an encrypted way so that there's no one vulnerable piece. And if 1 or 2 or some number of them get attacked or corrupted, you can recover that pretty fast. We we recover that. So we actually we absorb the attack. We absorb the attack happens. Right. So the attack occurred. The bad actor got to the data. Right? That's in the data harbor, which they don't know at the point but at that point in time. But it's useless to them. So the attack occurs, we absorb the attack. We then manipulate the data harbor where we actually self-heal it. So we, you know, we self-heal what has been attacked with no downtime. So the difference here is we've got zero downtime. So users and applications are working in real time even while the attack is occurring. And then the the other primary benefit is whatever the bad actor stole from that portion of the data harbor is completely useless to them. They don't know that they physically only have a handful of the fragments and they have to go elsewhere to get the remaining fragments before they could even start to reassemble any data. And not to mention the fact that it's encrypted fragments too. So there's encrypted. They'd have to decrypt things and then they end up only with partial and it's still bits and bytes and they don't know what they got. Right. Right. Okay. So, so we're protecting against any, any particular ransomware that comes in. Can't really take it out. They can't really steal the data effectively and end up with anything on the backside. Tell me about the front side a little bit. If I if I'm the client, don't I have a similar vulnerability to, say, a mounted a file system. If I if I if I've done this to ransomware. Yeah. So we've we've created a product that we call Calamu Drive, which is a virtual. Drive. It just looks like file explorer to the user. Just looks like the normal stuff. When you when the user or an application puts data into calamu drive, we process it and we do our fragmentation and our multi encryption, and then we scatter that out to the data harbor and we've replaced the native file with a symbolic link or what the user thinks is the file, right? So it looks like the file is still there, dormant on the endpoint, but the data is actually locked in the data harbor. So if the user then goes ahead and they click on that bad link in the email and it encrypts their machine, the data is locked in the data harbor. So while the machine is encrypted and the calamu drive symbolic links also would get encrypted, at that point the user would just need to get a new laptop reauthenticate into Calamu Drive and all of their user generated content is safe. Plus there's nothing to exfiltrate at that point, right? By the same token, there's no there's no data there to even steal. Anything on the endpoint, right? Nothing on the endpoint. Right. This is clever when someone wants to fold this into something that there some existing workflow or process that they have. You know, and object storage can be primary storage these days for a lot of applications, but it's also a big secondary storage target as well for a lot of backup. How hard is that? How what does that take? Go ahead, Dean. We're talking about a 30 minute deployment and configuration with Calamu. And it's really a few things are incredibly important to us and it's rapid time to value ensuring that our customers can recognize the benefits and the security of of Calamu in short order, it's avoiding any form of tool fatigue and it's fine tuned integrations and we achieve all that through our S3 compatibility. So out of the box we are compatible and work with literally tens of thousands of different applications. If they have a native S3 data mover, then out of the box they can send data and protect data into Calamu. And so that allows us to integrate with some of the leading backup providers out in the in the in the market, as well as archive tools and a host of others. Let's talk about cost a little bit. If I'm if I'm building a data harbor, then I want to I want to build my own. Virtual object Storage Calamu Cyber secure array. I don't know. You guys don't use the word array and I hesitate to give that tag to you, but let's call it that for the moment because virtual, uh, what can I bring along in the back end to put together obviously some clouds on my own, on prem storage. What sort of the constraint, what I put in that data harbor as physical assets and cloud assets. So we leave it up to our customers and it's complete flexibility and freedom of choice and how you build your data harbor. The only requirements that we have are s three compatibility on the back end as well as pre signed URLs, which creates a very long laundry list of potential options for our customers to build their data harbor. There's obviously the the fan favorites with the Hyperscalers and players like Wasabi, but Dell X and a long list of other, you know, hardware defined on prem options as well. And you can combine those. I think we're trying to come up with the right word for that. But if I have three cloud providers and some on prem locations scattered around, I can put that all into one data harbor concept. Yeah, absolutely. If you're in a position to repurpose prior investments in your storage, we fully encourage that. In fact, the hybrid model is a best practice that we recommend with a lot of our customers. Okay, great, great. We need we just need a minimum of three locations to get all the benefits of Calamu. So we and those three locations could be three logical locations on the same storage device, but we would recommend spreading those, you know, multi cloud or multi geo dispersed, right? Because you wouldn't you wouldn't get the same protection out of the resiliency if you put them on one physical device. But logically it would work. It makes sense. Do you do you run into something about I just have this question about compliance issues. If someone says, wait a minute, you know, I'm building this safe harbor, but it's spanning quite a big set of geopolitical territory. Does compliance come into it? Yeah, it's this is a big part of it, right? So when when Calamu was designed, we wanted it to be jurisdiction independent. And we do have some regulatory support. And there is there is a movement now that data in a data harbor should be considered to be jurisdiction independent. So think about that as being, you know, it's it's it doesn't exist anywhere in the world. When we process the data, we the native data is removed and the data is fragmented and pushed out. So think of it like international waters. So you know the data, if the data harbor is considered to be jurisdiction independent and the world agrees and countries agree, then data in a data harbor is automatically compliant. So you don't have to worry about keeping things in country any longer. You could actually put it in the cloud and not have to worry about the regulations because. Technically it's fragments and you would never have the entire ability to put something together. You know, no nation, actor or bad actor can nation state actor could could grab the data and do anything with it if if it's just in their one zone. Right. Yeah. And you know, the regulations are there at the end of the day to protect the consumer and the information that belongs to the consumer. So if we make it impossible for the attacker to get the consumer's information, which is what the data harbor does, then I think I think the world would be safe, would be, you know, fine saying that the data is safe in the data harbor. Oh, very cool. All right. So there's probably a lot more questions we could ask about resiliency. I think that's pretty high. It looks like just from the architecture. Can you say just one last thing about performance? If I'm spreading this thing a data harbor and I've fragmented it and I've encrypted it, how bad does performance get? Well, Dean gets this question all day long, so go ahead, Dean. Why don't you answer this one? Yeah. While security is first and foremost in mind, when we built the product and the problems that we solve, we certainly don't shy away from the performance of it. So our customers are reporting and our benchmark tests will indicate that we are no slower than what you would expect in working with, say, an S3 bucket, a traditional S3 bucket. In fact, in terms of a download or what we call reconstitution, there are some performance gains. We can take advantage of something called parallel streaming. Again, because we're not reliant on any one storage resource. We can pull our data, our fragments back from the storage locations with the best performance or the lowest latency. And so our customers are excited to share with us that when they're doing a backup restore or accessing an old archive, that they're able to pull it back faster than ever before. All right. So you can actually improve performance by scattering the fragments and then serving the customer from the fragments that are closest to where they are performance wise. And I assume that stretches into the cloud, too. So if I've got a backup in the cloud and I want to do D.R. into into, you know, host by cloud resources, I actually get a performance boost there too. Precisely. So there's, there's a lot of questions that I think people might have at this point because it's so interesting how I can just reformulate what I think of as an object storage service into something that is actually cyber secure in multiple ways and the end user will never know. In fact, we'll get a performance benefit out of it if someone wants to find out some more information. Paul and Dean, you probably have a website, but what would you what would you point them to if they seen this? So we do have a website. It's w-w-w dot com Calamu. We also have LinkedIn and we've got a lot of resources on LinkedIn. We have a lot of resources on our website as well, whitepapers and other materials. But we're here, we're friendly. We'd love to speak with you. So, you know, please reach out. All right. Well, thank you guys for both being here today. I've got some hints of some things coming on your roadmap. So do come back and let us know how those are developing and rolling out. But it's an exciting year. I think people are really going to enjoy having the cyber security features built into their storage rather than having to layer them on and always worry about where the edges and corners are, particularly if they're looking for hybrid multi-cloud architectures and you guys are delivering this, you know, complete, which is which is a great thing. So. Think think it's a bright future. So thanks for being here today. Yeah, great, Great. Thanks, Mike. We definitely appreciate the time. Thanks, Mike. All right. Take care, guys. Check it out.
