Analysis: Commvault Announces Cleanroom Recovery, Q4 FY2024 and Full Year Results

Analysis: Commvault Announces Cleanroom Recovery, Q4 FY2024 and Full Year Results

Chris EvansCloud Practice, Commvault Systems, Inc., Data Practice: Data Protection, Data Protection, Enterprise

Commvault Systems has announced full-year financial data for FY2024, which shows a 7% year-on-year growth in revenue, 23.4% growth in subscriptions, and $75 million in profit before including an income tax rebate.  The numbers look good, with new features like Cleanroom Recovery expected to bolster future growth.

Background

Commvault Systems has announced financial results for the period ended Q4 FY2024, including full-year data.  Over the year, revenue grew 7%, while year-on-year growth for Q4 was 10%.  The published data shows restated revenue and cost of revenue data for FY2023, which now uses categories best representing the evolution of the business – Subscription, Perpetual Licence, Customer Support and Other. 

Figure 1 – Commvault Financials FY2013-FY2024

Compared to FY2023, subscription revenue rose 23.4% (with a decline in perpetual licences by 23.1%), while annual recurring revenue (not shown on our charts) grew to $770 million, up by 15% year-on-year.

Pivot

As we’ve reported many times, Commvault is in a pivot towards SaaS-based data protection.  In November 2023, the company announced Commvault Cloud, the next stage in transforming the company into a primarily SaaS-focused solution provider.

Most recently, Commvault announced Cleanroom Recovery, a technology to both simplify and test the recovery of applications into a safe public cloud environment in the event of a ransomware attack.

Figure 2 – Commvault P&L FY2013-2024

Defeating ransomware and a general cyber-resiliency approach is the second Commvault pivot that is currently transforming the company.  Data protection companies initially focused on recovering systems in the event of data loss.  However, with ransomware attacks pervasive across IT, the process of recovery is much more complex, requiring validation, testing and fast recovery time objective (RTO).

Cleanroom

Cleanroom Recovery is built on Microsoft Azure (a Commvault partner).  The technology enables a customer to quickly define and build a recovery template that dictates exactly which applications need to be included in a test recovery process.  The definitions are created through a web-based GUI, using data derived from the customer’s live environment.

To test recovery, the customer simply kicks off a cleanroom build, which automatically creates and configures the target environment in Azure, including the post-boot configuration of virtual instances.

Figure 3 – Commvault Revenue by Quarter

Recovery Assurance

Why will technology like Cleanroom grow in importance?  The simple answer is recovery assurance.  A ransomware attack can be devastating to a business but is arguably worse than a “simple” disaster scenario.  Imagine, for example, a “typical” disaster that takes out an entire private data centre.  Recovery will either be instanced from a DR site or through the recovery of backups.  In both cases, the secondary copies and backup data are expected to be valid and unadulterated copies of the production system from (hopefully) a few hours earlier.

Now, imagine the recovery process following a ransomware attack.  The volume of data involved may be similar, but the business has no idea for how long systems have been compromised, so it can’t guarantee a recovery will revert to an untainted set of applications.  The impact of this issue means data could be much less consistent with the state of production systems when the incident occurred, resulting in loss of data or significant amounts of manual recovery or data re-entry.

Figure 4 – Commvault Revenue Stream Percentages

Recovery assurance, driven by cleanroom technology, enables a business to validate every backup through an automated process that optimises the costs involved while providing the business additional reassurance on the success rate of a post-ransomware attack restore.

While ransomware recovery might be an obvious test scenario, we shouldn’t forget that businesses change applications on a frequent basis, much more than a decade or two previously.  Every change introduces risk, so by definition, backups need to be validated more frequently.  Cleanroom Recovery provides the capability to justify frequent testing, including, for example, after any major application rollout.

The Architect’s View®

Commvault has posted solid results for FY2024, demonstrating a growth business that continues to pivot towards Software-as-a-Service.  However, without additional capabilities such as Cleanroom Recovery, the SaaS option would have insufficient differentiation compared to simply running data protection software on-premises.

The ability to introduce features such as Cleanroom Recovery is an example of the benefits that SaaS can deliver, which can’t be provided by on-premises software.  This is why we believe that SaaS is the future of data protection – and have been saying so for quite some time.

Where does Commvault go next now that Cleanroom Recovery has been announced?  The answer is to look at the recent acquisition of Appranix, which will add further capabilities to automate the recovery of any public cloud environment. After that, we think Commvault will place further focus on prevention, extending the capabilities of Threatwise and other proactive defensive tactics.  Future success for cyber-resiliency will be dictated by proactivity, not just reactivity. 

Copyright (c) 2007-2024 – Post #bce3 – Brookend Limited, first published on https://www.architecting.it/blog, do not reproduce without permission.