Global data protection and cyber resilience provider, Commvault, revealed today that its suite of SaaS (Software as a Service) data protection solutions has been awarded the highly regarded Infosec Registered Assessor Program (IRAP) certification at a PROTECTED level. This certification is governed by the Australian Cyber Security Centre (ACSC), designed to ensure that technology providers operate under the most exceptional safety and integrity protocols in accordance with Australian government information security standards.
IRAP works as a universal framework to validate a solution's security posture and resilience against complex threats. Following a thorough exploration of software architecture and security protocols, IRAP certification indicates that Commvault's SaaS data protection solutions meet rigid Information Security Manual (ISM) security requirements, instilling confidence in government agencies and contractors to adopt Commvault solutions. Additionally, this certification reinforces Commvault's commitment to global data security, further enhancing its position as the sole SaaS data protection portfolio to meet FedRAMP High (In Process) status, authorized by the Department of Treasury on July 12, 2023.
"While IRAP is an Australian-centric security framework, this certification emphasises the country’s global commitment to upholding first-class security standards, aligning with frameworks such as FedRAMP. Achieving IRAP certification is a testament to our mission of providing industry-leading protection of data against ransomware and the evolving cyber threat landscape," commented Martin Creighan, Vice President for Asia Pacific at Commvault.
As cyber threats continue to grow, both private and public sector organisations are compelled to fortify their data security and cyber recovery strategies. A recent report, commissioned by Commvault in collaboration with IDC, revealed that 61% of IT and business leaders recognised the persistent risk and serious implications of a cyber attack, predicting that a data breach due to increasingly sophisticated access within the next year is "likely" to "highly likely".
The IRAP certification is part of the security measures outlined in Australia’s Security Legislation Amendment (Critical Infrastructure) Bill, introduced to Parliament in 2023. This amendment manages risks particularly associated with foreign involvement in Australia's critical infrastructure, considering that a significant portion of Australia's infrastructure is privately owned.
All of Commvault's SaaS-delivered data protection solutions are IRAP-certified and integrated into its commercial offering. These enhanced security capabilities and solutions for cyber resilience aim to offer excellent compliance capabilities. Crucially, these measures also deliver swift recovery options – a necessity in a world of ceaseless and escalating cyber threats.