Commvault Cloud Unifies Data Protection, Security, AI And Recovery

By Patrick Moorhead - November 27, 2023

Ask any CIO or CISO, and they’ll tell you that protecting, securing and, if necessary, recovering data are major points of concern. Having a strong data and security posture is vital for maintaining data integrity, customer confidentiality, business operations and an organization’s cyber resilience. Yet the challenges around data security are only getting harder in a world where companies increasingly operate in hybrid, multi-cloud IT environments, while bad actors use everything from ransomware to generative AI to threaten enterprise data.

Hackers now have nation-state budgets to draw from, and hacking as a service is a very robust business. The security centerpoint has shifted from solely perimeter defense of data, adding identification of the threat, adding removal of the bad actors, then adding recovery of the data and fixing the damage done.

The other trend we are seeing is the shift from one-off security and data protection packages to “suites” of software and services. ”Best in breed” solutions are great at first, but enterprises realize that by the time they have integrated the new bits, they are one to two revs behind. They have also learned that integration itself is causing security issues and consuming many resources. This is why the market is shifting to “suites.”

Commvault Cloud Fights AI With AI

With this in mind, I was glad to talk with Commvault CEO Sanjay Mirchandani about his company’s brand-new platform, Commvault Cloud. This new AI-powered offering combines the company’s SaaS and software data protection solutions into a single platform to provide control over an organization’s data with unified visibility. This new platform also brings together data protection, security, intelligence and recovery, with a focus on cyber resilience—which has never been more timely given today’s threat landscape.

“The world of data protection as we know it and data security as we know it is becoming one,” Mirchandani told me, “and when it becomes one, the real purpose behind what you’re trying to do is to give your business resilience.” Commvault Cloud does this by enabling data protection and recovery for any type of workload across any infrastructure in any location.

All of this is supported by Commvault’s new Metallic AI, a suite of AI- and ML-driven data protection and security solutions that enable faster threat prediction, faster threat response and clean data recovery. Commvault Cloud users can also access a new integrated AI copilot called Arlie (derived from “autonomous resilience”). Users can ask the assistant questions, and Arlie provides practical answers in natural language. Among other things, Arlie can provide real-time threat analysis, generate relevant code snippets for integrations, offer recommendations for optimizing cyber resilience or help a user verify a clean recovery point for an enterprise system. For starters, Arlie integrates with Azure OpenAI; other GAI integrations are slated to follow soon.

Reducing recovery time—ideally to just hours—after a cyberattack is vital, because longer downtimes can lead to significant costs and the erosion of trust from customers, potentially causing a loss of clientele and revenue. As part of addressing this critical need, Commvault has developed its new Cleanroom Recovery solution. By combining Commvault and Microsoft Azure capabilities, this service enables customers to recover a clean backup of their data in a “cleanroom” in the cloud to expedite the recovery journey.

Commvault is also preparing to launch Platinum Resilience, a fully managed service to help companies thwart cybersecurity threats and support disaster recovery. The service, which is being piloted with some customers through an early-access program this year, is planned for general availability early in 2024. Commvault is confident enough in the program that it comes with a warranty (the details of which we haven’t yet seen).

Hybrid Environments Need Hybrid Data Protection

Enterprises are seeking a single solution for data protection that offers security and improved efficiency across their entire IT environments, including on-premises infrastructure, private clouds and public clouds. Commvault addresses this need with its hybrid approach to cyber resilience. According to Mirchandani, Commvault’s philosophy is straightforward: no workload, new or legacy, is left behind or unprotected.

By covering all types of workloads across all locations, the company’s approach also doesn’t force customers into awkward choices between SaaS or on-premises software. The company also simplifies safeguarding data by implementing a single policy engine that covers every aspect of a business’ data.

Commvault, headquartered in Tinton Falls, New Jersey operates development centers in India, the U.K. and New Jersey. Commvault originated in 1988 as a data management, backup and recovery development group within Bell Labs. It was subsequently established as a business unit within AT&T Network Systems. Following AT&T’s reorganization, the group became a part of Lucent Technologies before being spun off in 1996 to become an independent company. It anticipates achieving revenue of approximately $820 million in its fiscal year 2024.

A Rapidly Evolving Market

Global spending on security and risk management is expected to reach $215 billion in 2024, a 14.3% increase from the estimated $188 billion in 2023, according to Gartner, Inc. This growth is attributed to factors such as the adoption of hybrid work models, cloud technologies, GAI and increased efforts to improve security governance and data protection. Spending on data privacy and cloud security is projected to grow by more than 24% annually for the next several years. Organizations are maintaining a strong focus on privacy due to new regulations that influence the processing of personal data, particularly against the backdrop of hype about artificial intelligence. Gartner forecasts that by 2025, privacy regulations will create legal protections for the personal data of 75% of the global population. This trend, along with the surge in cloud services usage, is driving increased investment in cloud security and data management.

Competitive Landscape

While Commvault is a recognized leader in data protection, the company has worked hard to bring together separate SaaS and software capabilities onto one platform, removing complexity and simplifying management. Moor Insights & Strategy will be tracking the execution, quality and customer feedback of these integrated parts. Commvault is one of many security vendors that have turned to AI to improve their cybersecurity products and services. Cisco, for example, employs AI for advanced threat detection and management across its security products. Symantec, now a part of Broadcom, integrates AI to strengthen its threat detection and response capabilities. Similarly, Microsoft leverages AI across its security solutions, including Azure Security, to augment threat detection and response efforts.

In the area of data protection solutions, Veeam is recognized for scalable options in virtualized settings, while Veritas is valued for its AI-driven anomaly detection, workload and cloud protection. IBM’s data products are notable for giving hybrid cloud environments a focus on governance and security. Rubrik stands out for its cloud-native solutions that prioritize encryption and immutability for multi-cloud data safety. Cohesity is known for its simplified, scalable, hyperconverged platform. Dell offers dependable, high-performing IT solutions across data protection and recovery.

AI Is Not Always Right

It’s important to know that AI-powered security platforms can come with potential issues. AI may produce false positives, creating invalid threat alerts and potentially wasting security team efforts. There can be biases within AI algorithms that may cause them to detect some threats more frequently than others, leading to overlooked vulnerabilities. For effective use, these platforms need to be able to explain their decisions to human operators, ensuring that the reasoning behind identified threats is clear and actionable. To minimize risks associated with AI-powered security platforms, organizations can use a layered approach to security with a variety of tools, both AI-driven and traditional. Continually monitoring these platforms is critical to quickly catch and correct any false positives. Regular testing is essential to confirm these systems’ efficacy and discover any hidden vulnerabilities.

Wrapping Up

In our view, Commvault is charting the right course with the Commvault Cloud platform, which enables a hybrid strategy for data security. Its focus on resilience is well-tuned to current market needs. Nonetheless, as the company embarks on its new initiatives, Commvault must tread carefully to fulfill its commitments without sacrificing quality, but still remain focused on the future and continued development of Commvault Cloud. While the growing reliance on AI brings greater efficiency, productivity and innovation, it can also bring issues related to data integrity and the essential need for ethical guidelines to ensure responsible AI use.

Commvault Cloud is available with multi-level SaaS pricing via several marketplaces, including Oracle Cloud, Microsoft Azure, Google Cloud and Salesforce AppExchange.

Note: This analysis was co-written by vice president and principal analyst for Enterprise Data and ERP, Robert Kramer.

Patrick Moorhead

Patrick founded the firm based on his real-world world technology experiences with the understanding of what he wasn’t getting from analysts and consultants. Ten years later, Patrick is ranked #1 among technology industry analysts in terms of “power” (ARInsights)  in “press citations” (Apollo Research). Moorhead is a contributor at Forbes and frequently appears on CNBC. He is a broad-based analyst covering a wide variety of topics including the cloud, enterprise SaaS, collaboration, client computing, and semiconductors. He has 30 years of experience including 15 years of executive experience at high tech companies (NCR, AT&T, Compaq, now HP, and AMD) leading strategy, product management, product marketing, and corporate marketing, including three industry board appointments.