Storage startup Calamu Wednesday exited stealth with $2.4 million in seed funding and a plan to allow data to be stored in such a way that it said makes the data immune to ransomware attacks and also provides self-healing should an attack happen.
The Calamu Protect technology is a scalable and automated data protection platform that protects data at rest, said Paul Lewis, co-founder and CEO of the Clinton, N.J.-based storage startup.
Lewis told CRN that Calamu’s use of the phrase “immune from ransomware” is a very strong statement.
[Related: The 20 Coolest Data Protection Companies: The 2020 Storage 100]
“It’s something we take seriously,” he said. “We don’t stop attacks. We just make sure nothing happens to the data by providing self-healing and redundancy. We’re protecting the data at the data level and not using traditional security approaches.”
Calamu Protect actually destroys the original copy of the data, breaking it up into multiple parts that are stored on separate public clouds, making the data unreadable to unauthorized users. The original file is replaced during the backup process with a “.cala file” that can pull together the individual parts for a restore, Lewis said.
“We destroy the data while giving the owner the ability to re-create the data,” he said. “We push the data into a virtual ‘safe data harbor.’ It doesn’t exist in any location. Instead, it exists as fragments in multiple locations across multiple cloud providers.”
The fragments, which Calamu suggests should number no more than three, is striped across the different cloud providers so that even if one provider goes down, all the data is still available, Lewis said.
“And we purge the original data files,” he said. “We want to be immune to data breaches, and so the original data can’t be kept.”
In the case of a ransomware attack or a complete outage of one of the cloud providers, Calamu Protect detects the issue and ensures 100 percent uptime by abandoning the compromised location and repopulating the data to another location, Lewis said.
“And in case of an on-prem ransomware attack, the user just needs to get a new laptop and log in, and the complete system is rebuilt on the new laptop in under one minute,” he said. “We don’t restore the .cala files. We rebuild the .cala files.”
Should Calamu be unavailable, for example in case of an acquisition, the data can still be pulled down, Lewis said.
“To pull the data down, you just need the Calamu engine,” he said. “Customers can always get their data. Calamu doesn’t see the data.”
Calamu Protect also safeguards against attacks by rogue users in the company that owns the data, Lewis said.
“The data is enterprise-controlled,” he said. “If the person who puts the data up leaves, the enterprise can get the data back. To disrupt the data from within would take multiple people inside the company working in collaboration with the data creator.”
Calamu Protect ensures there is redundancy in data, and so it eliminates the need to do backups for disaster recovery, although trying to get businesses to not worry about disaster recovery is difficult, Lewis said.
“The world is not ready yet,” he said. “So businesses will continue to run Calamu with their own backup software because there’s nothing new for end users to learn.”
Businesses that keep their data protection software will back up the data to a .cala file to process, Lewis said. Recovering the data through the data protection software will require an API so the two applications can talk with each other. Calamu is now testing APIs with Cloud Daddy and other unnamed companies, he said.
Calamu is in beta testing with several businesses and with a handful of solution providers, Lewis said. He expects the company will be 100 percent channel-focused.
“We’re heading towards an MSP play,” he said. “There will be service revenue opportunities. Calamu doesn’t have its own cloud, so the channel will set configuration.”
Among the investors in the $2.4 million seed round are some of Calamu’s new members of its board of directors, including Lou Ryan, a cybersecurity entrepreneur and former chairman and CEO of Edgewave, and John Stewart, former Cisco Systems senior vice president and chief security and trust officer.