Original Source: China Daily
The following article was written about CGCC member companies GOIP and Eton InfoComm Technology.
Securing cross-border data flows has become a strategic priority for enterprises expanding between China and the United States, where differing regulatory frameworks create complex operational challenges, according to Leung Chi-yuen, chairman of GOIP.
Founded in 2012, GOIP is an international telecommunications and managed service provider, serving as a critical link between the Asia-Pacific region and North America. The company facilitates secure and compliant data transit across the Pacific, acting as a managed digital bridge for businesses.
"Our role is to build the infrastructure and governance frameworks that allow enterprises to focus on their core business rather than regulatory complexities," Leung said.
Two-way growth
GOIP's services encompass the full spectrum of needs for enterprises establishing operations in new markets, from initial planning through ongoing management. The company's "one-stop" service model aims to simplify global IT management by providing coordinated solutions across network infrastructure, security compliance and operational support.
For Chinese companies expanding in the US, GOIP provides local support for infrastructure, compliance and operations. Similarly, for US businesses entering China, the company addresses connectivity, security and regulatory needs including compliance with the Personal Information Protection Law.
"Many providers are purely virtual; when a router fails or a cable is cut in a US data center, they open a ticket and wait. GOIP is different," Leung said.
"We have local offices and a professional team in the US, complemented by our long-term partner Eton InfoComm Technology. This partnership allows us to offer implementation excellence. If a Chinese client opens a new branch in the US, our local engineers are there to manage the rack and stack, the cabling and the configuration."
Unified protection
At the core of GOIP's value proposition is an integrated approach to network security and management. The company provides a unified platform encompassing network infrastructure, security protocols and operational monitoring. This integration allows for coordinated management of different system components, potentially improving responsiveness and reducing compatibility issues that can arise when using multiple service providers. The company's software-defined wide area network solutions are specifically engineered for trans-Pacific connectivity, addressing latency and reliability challenges that commonly affect cross-border communications.
The company's service model includes continuous monitoring through its proprietary network operations center capabilities. This approach aims to identify and address potential issues before they affect operations, providing enterprises with additional oversight of their cross-border digital infrastructure. Through 24/7 monitoring and response capabilities, GOIP seeks to minimize downtime and performance degradation for mission-critical applications such as enterprise resource planning and customer relationship management systems.
"Traditionally, companies hire one vendor for their network and a separate vendor for security. This creates 'blind spots,'" Leung noted. "GOIP manages VAPT (vulnerability assessment and penetration testing) and SIEM (security information and event management) directly, meaning our security protocols are built into the fabric of the network, not bolted on as an afterthought. Our VAPT is performed by our in-house experts who know the network's architecture intimately. Once we harden the perimeter, our SIEM provides 24/7 surveillance. Because GOIP manages the entire stack, if a threat is detected by our SIEM, our NOC (network operations center)can act instantly to mitigate it within the network."
Navigating rules
With governments worldwide implementing new data protection regulations and cross-border data flow requirements, enterprises face an increasingly complex compliance environment. GOIP's services include advisory support to help companies navigate these regulatory requirements while maintaining efficient operations. The company positions itself as a strategic adviser, assisting clients in developing data governance frameworks that address multiple jurisdictional requirements. This advisory function extends beyond technical implementation to include strategic planning for data localization, cross-border transfer mechanisms and compliance documentation.
Recent developments in regional cooperation frameworks, such as the memorandum of understanding on facilitating cross-boundary data flow within the Guangdong-Hong Kong-Macao Greater Bay Area, have created new opportunities for service providers specializing in cross-border data solutions. These frameworks aim to facilitate data flows while maintaining appropriate protections, requiring specialized expertise for effective implementation.
GOIP has developed specific service offerings tailored to leverage these regulatory developments, helping clients optimize their data management strategies within approved frameworks.
"The traditional model of hiring local IT teams in every city is inefficient and costly. GOIP solves this through our integrated ITSM (IT service management) and NMS (network management system)ecosystem," Leung said. "Because we have our own proprietary network operations center team and in-house engineers, we act as the client's extended department. We handle the 24/7 monitoring, incident response and performance tuning. Our AI-empowered NOC automates the analysis of network logs and performance data, which significantly increases operational efficiency and reduces human error and risk. This, in turn, allows clients to streamline their on-site IT manpower requirements. Our NMS identifies bottlenecks before they cause downtime, and our ITSM framework ensures every request is handled with professional precision. This 'Lean IT' model provides a smooth, fast and low-cost operation."
GOIP's integrated solutions are built upon a foundation of internationally and nationally recognized credentials. The company's information security management is certified to the ISO 27001 standard, while its security services hold the China Cybersecurity Review Technology and Certification Center's Information Security Service Qualification. Its operational capabilities are validated by Singapore's Cybersecurity Services Regulation Office, its accredited Penetration Testing Service, its System and Organization Controls certification, and its authority to operate as a facilities-based carrier in the US under Federal Communications Commission Section 214 & 499. Service delivery is guided by Information Technology Infrastructure Library 4 Foundation's best practices, and its strategic advisory team includes professionals with a Certified Information Systems Security Professional certification.