CASE STUDY
applications and other third-party services
that already support S3-compliant services.
“Cloudian’s market-leading, S3 compatibilty
was crucial for us as it ensured smooth
interoperability and integration with other
cloud services. Even though we reviewed
other S3-based products, Cloudian’s
HyperStore came out on top because it
allowed us to speed up the implementation
of additional services.”
Calligo has spent the last six years working with
large amounts of highly sensitive data. Box
said that considering this, the fact that GDPR
came into force this year and the emphasis
that the company places on value-added
services that it wraps around its solutions, it
made sense to further leverage HyperStore
in its global locations. The result is the
development of a service-focused consultancy
and portal-based solution for Calligo clients,
specifically for GDPR, to help the company
meet its obligations under this new law.
GDPR-as-a-Service
GDPR began on May 25 2018 and
represents the biggest regulatory change in
how personal data is processed and stored
since the inception of the Internet. GDPR’s
reach is global and its scope is significant,
as it covers companies and organisations
that utilise or store personal information
of European citizens globally and natural
persons in the EU or companies operating
in the EU. Therefore, its remit includes most
organisations anywhere in the world.
Box said: “For many companies, the concept
of GDPR is scary. The processes that need
to be followed and implemented to bring
systems in line can be overwhelming.
“This presented an opportunity for Calligo to
take advantage of our long history of a cloud
service with data privacy at its core and the
solutions we already have in place, to develop
a range of services designed to help and
support customers as they navigate towards
meeting their ongoing GDPR obligations.”
Considering that Cloudian’s HyperStore
was already in place, the provision of
essential storage of sensitive data naturally
underpinned the key components of the
GDPR-as-a-Service offering. Cloudian
HyperStore includes specific capabilities that
help meet GDPR requirements. These include:
www.intelligentcio.com
• Customisable metadata tags: To
ensure compliance, you must be able to
find information. Traditional file systems
only allow you to view limited metadata
information on a file, such as the owner
and the date created. With object storage
metadata, you have no limit on how you
tag your data, making it easily searchable
for data requests
• Scalability: When data is consolidated,
it’s much more easily searched and
checked for duplicate records. The
limitless capacity of object storage makes
it feasible to consolidate data to a single,
searchable pool
• Data protection features: Data must be
available at all times. With data protection
features such as erasure coding, replication
and multi-tenancy (to segregate users),
you can ensure that data can still be
retrieved no matter what situations arise
• Geo-location: Data must often be
maintained within specific geographic
boundaries. HyperStore stores information
within a specific physical cluster of nodes,
which ensures location. And if a cluster is
geo-distributed across boundaries, data
can be retained within one specific part
of the cluster. Integrated ‘Data GPS’ tools
let you verify the exact location of data,
providing assurance of compliance
Current GDPR services offered by
Calligo include:
• MyGDPR: A free online app designed
to be completed in two minutes, which
gives organisations a first contextual
guideline of how GDPR can affect how
they currently operate
• GDPR Jumpstart: A service designed
to steer organisations through the
GDPR requirements. It covers the
people, process and technology areas,
highlighting existing risks and providing a
remedial plan and strategy to
remain compliant
• GDPR Enablement: A service that
follows on from GDPR Jumpstart and
uses Calligo’s accredited consultants to
work with a company to build a suitable
GDPR plan which brings the client into
alignment for their obligation
• GDPR Cloud: This is an operational
framework with data privacy at its core,
designed to assist in the ongoing burden
of balancing operational velocity with the
rigour of meeting their GDPR obligations
• Data Protection Officer as a Service:
Calligo has a dedicated GDPR team
with the skills and experience in all
these areas which combine to provide a
comprehensive Data Protection Officer
with portal-based management to help
monitor the client’s ongoing obligations
and efficiently deal with GDPR requests
• EU Representative: Calligo operates in
multiple jurisdictions including the EU
and is able to operate as the appointed
GDPR representative for companies
outside the EU to meet their obligations
under the regulation
The future
Calligo has already seen a lot of customers
using its range of GDPR services. “We find
a lot of companies approaching us for help
with GDPR planning and implementation,
particularly in the financial, insurance
and legal sectors,” said Box. “For us, this is
affirmation that the decision to offer GDPR-
as-a-Service has been the right one and
aligns with our strategy of developing and
CLOUDIAN’S HYPERSTORE CAME OUT
ON TOP BECAUSE IT ALLOWED US TO
SPEED UP THE IMPLEMENTATION OF
ADDITIONAL SERVICES.
INTELLIGENTCIO
65