Far from their history in data backup, Commvault is firmly focused on enabling modern, cloud-first businesses to achieve continuous operation. This Gestalt IT Tech Talks roundtable discussion follows Commvault’s October 2024 Shift event in London, with attendees Stephen Foskett, Brian Booden, Jack Poller, and Tom Hollingsworth. Commvault has a decades-long history in protecting data for archive and backup, and is one of the most successful companies in this business, especially for larger enterprises. But the company has radically shifted its messaging and product development to enable business applications to recover from cyber attacks and other incidents. Commvault is also very focused on applications outside the datacenter, notably cloud-native applications, SaaS platforms, and even edge environments. This is reflected by recent acquisitions of Appranix and Clumio, which were featured at the event, and development of the rest of the Commvault stack on the foundation of their Metallic initiative. The attendees agreed that Commvault truly is shifting its approach and products to enable continuous business.
Commvault Angles towards Cloud-Focused Cyber Resilience
Every calendar year, cybersecurity vendors compete for the spotlight in the cyber resilience category. The total addressable market (TAM) which is projected to cross $300 billion in the next three years according to reports, sees a torrent of new security-assured point products land every few months. But companies still face an unusual degree of risk from threat actors.
A majority of these providers focus on prevention as the central theme of ransomware protection. At Commvault SHIFT London 2024, Commvault called this out as misplaced focus and proposed a new way of addressing the issue. CEO, Sanjay Mirchandani phrased it as “continuous business”.
Business interruptions attributed to cyberattacks wreak havoc across sectors globally. These events are a strong reminder of business’ rising cyber debt and the cascading effect it can have when an external actor exploits it to seize control of the data or the infrastructure.
Ransomware attacks and cyber exploits have resulted in business operation crashes, leading to halting of service availability worldwide. Almost always a fix is dispatched and with some luck, things return to normal but not before a certain time window during which everything hangs in the limbo. That period, according to Statista, is 24 days on average in case of a ransomware incident. Every minute of this downtime costs real dollars.
“The cyber security industry as a whole is focused on defense and preventing attacks than on what happens after an attack occurs,” said Jack Poller, analyst, echoing Commvault’s point while reflecting on the highlights of SHIFT that he attended virtually, during a Gestalt IT Tech Talk Roundtable discussion.
Continuous business refers to an always-on state where business is operational and available around the clock even after a disruptive event. The idea is premised on four principles – continuous security, continuous readiness, continuous recovery and continuous rebalance – a feat, if accomplished, will lead to continued operations through a crisis.
“Disaster recovery is no longer about disaster recovery from a mechanical or equipment failure or some sort of IT related issue. It’s from anything that takes your digital infrastructure down and that change in attitude is critical to thinking that we need to keep the business operating and we can’t separate cybersecurity attacks from any other IT issue that causes failure. Commvault’s taking the position that businesses need to continue operating regardless of what the cause of a catastrophe is, reflects that,” Poller commented.
Outmoded and enormously costly architectural constructs in the cloud-first century is the biggest impediment of businesses trying to get to a cyber-ready state.
In an open letter to companies, Mirchandani wrote, “This lack of vision and ambition comes at the expense of the customer and the vulnerability of the business. It’s a decision to stay the profitable, legacy course because of the belief that the effort outweighs the reward.”
Commvault, under the leadership of Mirchandani and a newly formed management team, is angling to have the old, overused playbook replaced with a new cloud-focused strategy. At SHIFT London, the company declared a decisive changeover from backup-and-recovery to setting a new course in data protection and infrastructure resilience.
Enabling Cyber Readiness and Resilience in a Cloud-First World
Many of Commvault’s prominent releases from the event rely on this new philosophy, including Cloud Rewind which was the crown jewel of the event.
Added to the Commvault Cloud Platform, Cloud Rewind is a solution that borrows advanced recovery and rebuild capabilities of Appranix which Commvault snapped up in a recent acquisition, and delivers quick automated cyber recovery of entire cloud applications and data environments. Commvault calls it a “cloud time machine” that can make organizations return to business as usual in just minutes after an attack.
The transition to hybrid multi-cloud has long been predicted, but businesses are encountering significant headwinds with protecting and managing data and applications across widely dissimilar platforms.
“Businesses don’t just sit in Google or AWS or one of these systems,” said Brian Booden, panelist, and CEO of DataGlow IT. “They’re spreadeagled across all of them and one of the quotes that resonated with me is that “if your business is in the cloud, cloud is your business”. That’s just extremely relevant today now as companies start to move off-prem and into the cloud.”
Commvault’s broad support for the hybrid multi-cloud includes GCP support, and now offerings on AWS. A vast number of AWS customers leverage Commvault’s data protection capabilities on the platform. Seeing the number grow continually, Commvault announced the complete Commvault Cloud Platform for AWS. This will allow customers on AWS to leverage Cloud Rewind for S3 data, Air Gap Protect for immutability, and Commvault’s Cleanroom Recovery solution for test and recovery of data assets.
Commvault further strengthened its cloud-first initiative with the acquisition of Clumio, a cloud-native data protection company that lends it easy-to-consume and powerful backup and recovery capabilities, besides a spectrum of security features like air-gapped backup and encryption.
The third biggest release was a joint compliance solution with Pure Storage. In partnership with Pure Storage, Commvault has developed an integrated cyber solution aimed at assisting customers in the finance sector to meet the compliance requirements and regulations of Digital Operational Resilience Act (DORA).
Wrapping Up
Overall, the theme of cloud-focused cyber resilience and continuous business resonated throughout the event, and it will likely be the North Star for Commvault’s journey here on out. As Poller rightly said, “Commvault is saying wherever your infrastructure lives and wherever you have critical data, we’re going to protect it. That message came across loud and clear.”
Check out the Tech Talk Roundtable to hear the panel’s impression of the announcements from SHIFT London 2024. For more conversations like it, catch Stephen Foskett in conversation with Max Mortillaro and Chris Evans at SHIFT, and Daniel Newman and Patrick Moorehead’s sit-down with Mirchandani. Keep your eyes peeled for more articles on Commvault SHIFT publishing at Gestalt IT.
Tech Talk Information:
Stephen Foskett is the Organizer of the Tech Field Day Event Series, now part of The Futurum Group. Connect with Stephen on LinkedIn or on X/Twitter.
Tom Hollingsworth is a Networking and Security Specialist at Gestalt IT and Event Lead for Tech Field Day. You can connect with Tom on LinkedIn and X/Twitter. Find out more on his blog or on the Tech Field Day website.
Jack Poller is and industry leading cybersecurity analyst and Founder of Paradigm Technica. You can connect with Jack on LinkedIn or on X/Twitter. Learn more on Paradigm Technica’s website.
Brian Booden is the Managing Director at DataGlow IT. You can connect with Brian on X/Twitter and on LinkedIn. Learn more about DataGlow IT on their website.
Gestalt IT and Tech Field Day are now part of The Futurum Group.
