Intelligent CIO Europe Issue 9 - Page 65

CASE STUDY applications and other third-party services that already support S3-compliant services. “Cloudian’s market-leading, S3 compatibilty was crucial for us as it ensured smooth interoperability and integration with other cloud services. Even though we reviewed other S3-based products, Cloudian’s HyperStore came out on top because it allowed us to speed up the implementation of additional services.” Calligo has spent the last six years working with large amounts of highly sensitive data. Box said that considering this, the fact that GDPR came into force this year and the emphasis that the company places on value-added services that it wraps around its solutions, it made sense to further leverage HyperStore in its global locations. The result is the development of a service-focused consultancy and portal-based solution for Calligo clients, specifically for GDPR, to help the company meet its obligations under this new law. GDPR-as-a-Service GDPR began on May 25 2018 and represents the biggest regulatory change in how personal data is processed and stored since the inception of the Internet. GDPR’s reach is global and its scope is significant, as it covers companies and organisations that utilise or store personal information of European citizens globally and natural persons in the EU or companies operating in the EU. Therefore, its remit includes most organisations anywhere in the world. Box said: “For many companies, the concept of GDPR is scary. The processes that need to be followed and implemented to bring systems in line can be overwhelming. “This presented an opportunity for Calligo to take advantage of our long history of a cloud service with data privacy at its core and the solutions we already have in place, to develop a range of services designed to help and support customers as they navigate towards meeting their ongoing GDPR obligations.” Considering that Cloudian’s HyperStore was already in place, the provision of essential storage of sensitive data naturally underpinned the key components of the GDPR-as-a-Service offering. Cloudian HyperStore includes specific capabilities that help meet GDPR requirements. These include: • Customisable metadata tags: To ensure compliance, you must be able to find information. Traditional file systems only allow you to view limited metadata information on a file, such as the owner and the date created. With object storage metadata, you have no limit on how you tag your data, making it easily searchable for data requests • Scalability: When data is consolidated, it’s much more easily searched and checked for duplicate records. The limitless capacity of object storage makes it feasible to consolidate data to a single, searchable pool • Data protection features: Data must be available at all times. With data protection features such as erasure coding, replication and multi-tenancy (to segregate users), you can ensure that data can still be retrieved no matter what situations arise • Geo-location: Data must often be maintained within specific geographic boundaries. HyperStore stores information within a specific physical cluster of nodes, which ensures location. And if a cluster is geo-distributed across boundaries, data can be retained within one specific part of the cluster. Integrated ‘Data GPS’ tools let you verify the exact location of data, providing assurance of compliance Current GDPR services offered by Calligo include: • MyGDPR: A free online app designed to be completed in two minutes, which gives organisations a first contextual guideline of how GDPR can affect how they currently operate • GDPR Jumpstart: A service designed to steer organisations through the GDPR requirements. It covers the people, process and technology areas, highlighting existing risks and providing a remedial plan and strategy to remain compliant • GDPR Enablement: A service that follows on from GDPR Jumpstart and uses Calligo’s accredited consultants to work with a company to build a suitable GDPR plan which brings the client into alignment for their obligation • GDPR Cloud: This is an operational framework with data privacy at its core, designed to assist in the ongoing burden of balancing operational velocity with the rigour of meeting their GDPR obligations • Data Protection Officer as a Service: Calligo has a dedicated GDPR team with the skills and experience in all these areas which combine to provide a comprehensive Data Protection Officer with portal-based management to help monitor the client’s ongoing obligations and efficiently deal with GDPR requests • EU Representative: Calligo operates in multiple jurisdictions including the EU and is able to operate as the appointed GDPR representative for companies outside the EU to meet their obligations under the regulation The future Calligo has already seen a lot of customers using its range of GDPR services. “We find a lot of companies approaching us for help with GDPR planning and implementation, particularly in the financial, insurance and legal sectors,” said Box. “For us, this is affirmation that the decision to offer GDPR- as-a-Service has been the right one and aligns with our strategy of developing and CLOUDIAN’S HYPERSTORE CAME OUT ON TOP BECAUSE IT ALLOWED US TO SPEED UP THE IMPLEMENTATION OF ADDITIONAL SERVICES. INTELLIGENTCIO 65