Skip to main content
Arrow Electronics, Inc.

Arrow Quick Hit: Commvault Cloud SaaS data protection security

October 11, 2023 | Bryon Spaeth

What is it?

Commvault Cloud powered by Metallic AI provides comprehensive security for its SaaS data protection platform across all layers of its architecture. It employs a defense-in-depth approach leveraging industry best practices and certifications.

Why should you care?

Bad actors are getting smarter and bolder. As emerging and sophisticated ransomware attacks pose new threats to businesses, a proactive and well-rounded data security approach has never been more important. One that reduces the risk of an attack while lessening the impact of a successful breach. Commvault Cloud's multi-layered security delivers a hardened approach to data protection and compliance to comprehensively safeguard your critical data — wherever it lives.

Differentiation in the market

Architecture: Commvault Cloud separates the control plane (web interface, job management) from the data plane (backup/recovery operations) for optimization. Flexible storage options include fully managed cloud, bring-your-own-cloud, or on-premises appliances. Immutability controls like encryption and access restrictions prevent tampering with backup data.

Data security: Backup data copies are isolated in a separate security domain with a virtual air gap from production. Per-tenant encryption enables secure multi-tenancy. AES 256-bit encryption is applied in transit and at rest. Compression and deduplication provide added protection.

Identity and access: Least privilege and zero-trust models strictly control access. Multi-factor authentication (MFA), role-based controls and security assertion markup language (SAML) authentication enforce access policies. Customers fully manage permissions to their data.

Networking: Transport layer security (TLS) encryption secures all network communications. Outbound-only connections minimize surface exposure.

Application security: OWASP's Top 10 secure coding practices are followed. Extensive security testing and validation are performed through audits and penetration testing.

Compliance: Aligned with ISO 27001, NIST and SOC2 standards and certified for SOC2, ISO 27001, FedRAMP High, FIPS 140-2.

How do you position Metallic SaaS data protection security?

Commvault Cloud takes a robust, multi-layered approach to securing data, leveraging top industry certifications and best practices. The SaaS platform provides end-to-end defense, from the underlying architecture to network controls to data encryption, to safeguard workloads across SaaS, cloud and on-prem environments. For customers seeking a hardened SaaS solution to protect critical assets wherever they reside, Commvault Cloud offers uncompromising security standards and depth of protection.

More information

Commvault Cloud Security and Compliance site

Commvault Cloud Compliance overview

Commvault Cloud Security overview

Why Arrow

Arrow has a deep understanding of Commvault solutions and a dedicated team of engineering, sales and support.

As Commvault's longest-tenured and biggest distribution partner, Arrow is ready to help you leverage its portfolio to increase your revenue, pursue new markets and solve your customers' complex IT challenges.

Commvault Cloud is available on ArrowSphere, where partners can generate their quotes, see their margin and create a white-label store.


Subscribe to Arrow Channel Advisor
Sign Up