
Commvault unveils enhanced Cleanroom Recovery to cut downtime
Recent studies indicate that enterprises face an average downtime of 24 days to fully recover from a cyber incident, with much of that period dedicated to restoring not only data but also critical infrastructure such as databases, applications, and operating systems.
To address this challenge, Commvault has introduced the "Factory Reset" capability within its Cleanroom Recovery technology, aiming to expedite infrastructure recovery and reduce risks associated with ransomware and other cyber threats.
The Factory Reset feature allows organisations to rapidly re-establish their infrastructure within a cleanroom environment using a pre-defined, validated, and hardened image, providing the ability to choose a specific recovery point-in-time.
Unlike traditional reset procedures, this approach is designed to ensure that restored infrastructure is free from malicious alterations, enabling faster subsequent rehydration of data onto the cleaned systems. This separation of concerns allows IT administrators to concentrate on validating recovered data in a secure environment without needing to manage underlying infrastructure integrity during the critical moments following an attack.
Nate Hauenstein, IT Global Infrastructure & Operations Director at Chart Industries, commented on the practical benefits of Cleanroom Recovery, stating, "Commvault Cleanroom Recovery isn't just about having an isolated environment; it delivers tangible results that impact the business."
"Previously, recovery could take more than seven hours, causing significant disruption. Today, our Cleanroom environment ensures zero wait time for most applications—services are ready instantly. Reducing that downtime so dramatically is critical – it minimizes disruption, protects revenue, and proves the value of investing in advanced, validated recovery solutions like Commvault."
In addition to infrastructure recovery, Commvault has integrated its threat scanning capability, Commvault Cloud Threat Scan, with Cleanroom Recovery. This allows organisations to perform thorough scans of recovered data within the cleanroom environment, providing IT and security teams with additional assurance that restored data is free from remnants of a cyberattack. Commvault positions this as a measure to help enterprises sustain continuous business operations following incidents of data compromise.
Recognising the role of managed service providers (MSPs) in enterprise resilience planning, Commvault is extending the Cleanroom Recovery platform to MSPs, enabling them to incorporate these new features in their service offerings.
This move is intended to assist MSPs in supporting clients' recovery processes with enhanced control, threat detection, and reduced downtime.
James Watts, Managing Director at Databarracks, highlighted the value this brings to clients, stating, "One of the key benefits of Cleanroom Recovery is the peace of mind it provides. Our clients know that their data is being handled with the utmost care and precision."
"With these new capabilities, Commvault is delivering a controlled environment with increased accessibility and choice, real-time threat detection that helps minimize the risk of reinfection, and a recovery process that's as efficient and reliable as possible."
Greg Jehs, Vice President of Managed Services at Meridian IT, remarked, "We're thrilled for the new enhancements to Cleanroom Recovery. The integration with Commvault Cloud Threat Scan is a differentiator in the market, offering real-time threat detection and response. Plus, the automated recovery of file shares and the Factory Reset with pave/repave capabilities significantly reduce downtime and help ensure that our clients' systems are restored to a pristine state. Simply put, the continuous innovation and growth around Cleanroom Recovery enables us to provide our clients with the best service possible."
Matt Bynum, Senior Vice President of Managed Services at Verinext, commented on the broader implications for service providers, saying, "The integration of Factory Reset and Threat Scan into Cleanroom Recovery is a testament to the evolving nature of cyber threats and the need for resilience that spans infrastructure and data."
"These features will enable us to provide a more robust and comprehensive service, helping us ensure that our clients' infrastructures are not only restored but also free from any malicious elements."
Commvault's updated Cleanroom Recovery portfolio builds on previously announced tools such as AI-enabled Cleanpoint Validation, which helps customers identify the last safe recovery point, as well as customisable recovery sequences to manage data restoration in an ordered manner, and the ability for organisations to routinely test their cyber recovery plans across their IT estate.
Pranay Ahlawat, Chief Technology and AI Officer at Commvault, said, "When we built Cleanroom Recovery, we intentionally architected it as a cloud-native solution to fundamentally change how organizations approach recovery — not just after an incident, but proactively through automated, high-frequency testing."
"Unlike traditional approaches, cloud-based cleanrooms enable customers to spin up multiple isolated recovery environments in parallel, without concerns around compromised firmware or underlying hardware. And we're not stopping at data recovery — we're doubling down on infrastructure recovery, automation, and orchestration. As threat actors become more sophisticated, we're helping our customers stay ahead with aggressive innovation and operational resilience at scale."
Hashtags

Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles


Techday NZ
08-07-2025
- Techday NZ
ANZ businesses overestimate cyber readiness amid resilience gap
A new study by Commvault has shown that most business leaders in Australia and New Zealand overestimate their preparedness for cyberattacks, with many experiencing confusion and delays following incidents. The annual report, titled "The State of Data Readiness – Continuous Business in Focus", was commissioned by Commvault and conducted by Tech Research Asia. It draws on the views of 408 business leaders across the region and examines the readiness of organisations to handle cyber threats and maintain business continuity. The findings reveal a critical difference between perceived and actual resilience. While most organisations believe they have robust plans to recover from cyberattacks, only 12% rate their ability to operate effectively during an incident as 'excellent'. Nearly a quarter rate themselves as 'bad' or 'terrible' when it comes to resilience during a cyber event. Widespread attacks According to the study, 70% of organisations in Australia and New Zealand experienced a cyberattack in the past year. Almost all were subjected to ransomware demands. Interestingly, while 54% of surveyed companies have policies not to pay ransoms, 15% of those still made payments when faced with real-world incidents. Expectations among business leaders around recovery times diverge significantly from reality. 80% expect systems to be restored within five days of a cybersecurity event. Almost a quarter believe their organisation can recover fully in a single day. In practice, IT leaders report it takes an average of four weeks to reach even a minimum level of operational recovery, with 55% of organisations requiring more than a week to restore key functions. Notably, 20% of respondents say it takes their business an average of 45 days to fully recover from a cyber incident, compared to a global average of 24 days. This mismatch underscores a resilience gap that presents particular challenges for organisations as they confront rising attack volumes and operate within the context of some of the world's strictest cyber and privacy regulations. Growth in cloud adoption and data sprawl, combined with emerging requirements such as artificial intelligence rules and increasing compliance pressures, mean that resilience strategies must continually adapt. "The data is clear - many ANZ organisations still treat cyber resilience as a post-incident task, and not a strategic priority," commented Martin Creighan, Vice President, Asia Pacific. "The rising frequency and impact of cyberattacks across the region should serve as a wake-up call. With recovery times stretching into weeks, the risk to business continuity has never been higher. Resilience must be driven from the boardroom - not just the IT team," added Creighan. Rising complexity and compliance While data growth in the region slowed moderately at 27%, the complexity of IT infrastructures increased. 62% of organisations now operate in hybrid or multi-cloud environments. However, over half of companies in both Australia (54%) and New Zealand (63%) report lacking full visibility into their cloud environments, including relationships, metadata, and system dependencies. This level of visibility is necessary for a coordinated and effective recovery when incidents occur. Compliance issues further complicate recovery efforts. 34% of businesses surveyed are subject to at least four different regulatory and compliance requirements, such as APRA and SoCI rules. 27% admit that they are uncertain about the regulations with which they need to comply to be fully legal. Additionally, 54% face conflicting regulatory regimes for cross-border data transfers, increasing the pressure to achieve resilience not only technologically but also through compliance readiness. Incident responses lag The research finds that although the majority (70%) of organisations have incident response plans, only 30% regularly test all mission-critical systems. This lack of comprehensive testing leaves concealed weaknesses in cyber recovery strategies. The consequences of such gaps can be severe. Three quarters of companies surveyed (74%) have experienced data exfiltration, and one third lost access to all data following a cyber incident. Only 32% managed to recover 100% of their data after an attack. "True resilience doesn't begin at the point of attack, it is built long before," said Gareth Russell, Field CTO, Asia Pacific, Commvault. "We need to shift from a response mindset to a readiness mindset where one must ask the hard questions: 'If we were hit tomorrow, how quickly and how cleanly, could we recover?' If that answer isn't clear, then investment and focus are urgently needed." Added Russell. The report is based on a survey of Chief Information Officers, Chief Information Security Officers, IT Leaders, decision makers, and their direct reports from across Australia and New Zealand. The snapshot highlights the continuing challenges faced by the region's organisations as they strive to strengthen cyber resilience in an evolving landscape.


Scoop
08-07-2025
- Scoop
Hidden Costs Of Ransomware: ANZ Businesses Admit To Paying Despite ‘No Payment' Policies
Ransomware is revealing the fragility of policy over panic. New research released today by Commvault has exposed how many Australian and New Zealand organisations are abandoning their official stances when confronted with real-world ransomware attacks. The report—based on responses from over 400 business and IT leaders across the region—found that while 54% of organisations had formal 'no payment' policies in place, 15% of them still chose to pay the ransom when hit. That contradiction highlights how operational pressure and reputational fears often override cyber response plans in the heat of the moment. In total, 70% of organisations reported experiencing a cyberattack in the past 12 months, with the overwhelming majority involving ransomware demands. Alarmingly, one in three companies lost access to all their data during the attack. Only 32% were able to recover 100% of their data. 'The fact that some companies are willing to pay, despite the risks and the policy, is a sign that they feel they don't have a viable alternative,' said Gareth Russell, Field CTO for Asia Pacific at Commvault. 'That's not resilience—that's desperation.' The report highlights the role of inadequate preparation and testing. Although 70% of respondents said they had an incident response plan, only 30% test it thoroughly across all mission-critical workloads. The result? Severe blind spots that only become obvious after it's too late. Ransomware payment is not just a moral and legal concern—it has long-term operational and compliance implications. Cybercriminals who receive payment are more likely to target the same organisation again, and paying may not guarantee full data restoration. The Commvault report urges organisations to shift from reactive playbooks to proactive investment in backup, testing, and cyber resilience planning. 'True resilience doesn't begin at the point of attack—it's built long before,' Russell added.


Techday NZ
25-06-2025
- Techday NZ
HPE & Commvault expand partnership to boost data resilience
HPE and Commvault have announced an expanded strategic partnership aimed at enhancing cyber resilience and data protection for organisations operating in hybrid cloud environments. The strengthened collaboration will see deeper technology integration and joint go-to-market strategies, targeting growing challenges such as cyber threats and data loss. The partnership builds on previous work between the two companies, which includes collaboration across HPE's GreenLake cloud and the Commvault Cloud platform. Technology integration As part of the expanded agreement, Commvault will integrate HPE Zerto Software into its offering. This addition supports Commvault Cloud customers in managing complex virtualised on-premises and cloud workloads. HPE Zerto offers Continuous Data Protection technology that delivers near-zero recovery point objectives and recovery time objectives, supporting greater operational resilience. Customers using Commvault Cloud will be able to leverage HPE Zerto's capabilities to adjust their cyber resilience and disaster recovery strategies according to their business needs, increasing flexibility and response capabilities in increasingly complex computing environments. "The expanded partnership with Commvault underscores our shared commitment to solve the most complex data protection challenges that enterprises face," said Fidelma Russo, Executive Vice President and General Manager of Hybrid Cloud and CTO at HPE. "Our combined innovations set a new standard for data resilience, helping customers navigate a rapidly evolving threat landscape." Sanjay Mirchandani, President and CEO of Commvault, said, "This partnership builds on the long history of co-innovation between Commvault and HPE. At a time when data is more valuable and vulnerable than ever, our collaboration is empowering customers to keep their business continuous by advancing their resilience and protection of hybrid workloads." Broader portfolio coverage The companies will also deliver enhanced integration between HPE's storage and data protection solutions and the Commvault Cloud portfolio. The focus is on safeguarding sensitive data, protecting against ransomware threats, and ensuring organisations can recover quickly from operational disruptions. For HPE customers seeking a cloud-based data protection solution, Commvault Cloud SaaS forms a key part of the new joint portfolio, offering coverage from edge-to-cloud and handling both source-to-target needs. Cyber threat response Organisations face increasing risks from ransomware, AI-driven cyber attacks, and evolving threat actors, requiring robust cyber resilience as part of any data strategy. Under the renewed partnership, HPE and Commvault plan to introduce a range of combined capabilities designed to address these ongoing challenges. The companies outlined three key joint innovations: Ultra resilience: HPE Alletra Storage MP B10000 features built-in ransomware detection, snapshot immutability, and air-gapped protection via HPE Cyber Resilience Vault. These capabilities integrate with Commvault Cloud's AI-enhanced anomaly detection and threat scanning, aiming to improve readiness and response to cyber threats. HPE Alletra Storage MP B10000 features built-in ransomware detection, snapshot immutability, and air-gapped protection via HPE Cyber Resilience Vault. These capabilities integrate with Commvault Cloud's AI-enhanced anomaly detection and threat scanning, aiming to improve readiness and response to cyber threats. Fast, clean recovery: Integrating HPE Alletra Storage MP X10000 – which uses data protection accelerator nodes – with Commvault Cloud allows enterprises to restore operations swiftly after an incident. This integration is intended to speed up recovery using rapid storage, high data reduction rates, and broad protection for hybrid cloud workloads. Integrating HPE Alletra Storage MP X10000 – which uses data protection accelerator nodes – with Commvault Cloud allows enterprises to restore operations swiftly after an incident. This integration is intended to speed up recovery using rapid storage, high data reduction rates, and broad protection for hybrid cloud workloads. Geographic protection: Commvault Cloud can coordinate snapshots and backups for two synchronously replicated HPE Alletra Storage MP B10000 arrays in separate regions. This approach aims to simplify workflows and improve recoverability for critical enterprise datasets. Ongoing collaboration The partnership builds on several existing integrations, including support for HPE StoreOnce backup appliances, HPE Storage Tape solutions for extended data retention, and HPE Morpheus VM Essentials Software for virtualised environments. The companies state that this collaborative work has been conducted with the goal of helping enterprises modernise their data protection strategies. HPE and Commvault's combined suite of services is intended to address data protection and cyber resilience at all stages of the enterprise data lifecycle. Through their joint work, the firms aim to help organisations mitigate risk, upgrade infrastructure, and sustain operational continuity in even the most complex hybrid and multicloud set-ups. Follow us on: Share on: