Commvault has announced that its portfolio of SaaS-delivered data protection solutions has completed an assessment by the Infosec Registered Assessor Program (IRAP) at the PROTECTED level. Administered by the Australian Cyber Security Centre (ACSC), the IRAP framework ensures that technology providers meet the highest security and integrity protocols in line with the Australian government’s information security standards.
IRAP provides a common framework to certify a solution’s security posture and resiliency from advanced threats. By conducting an in-depth examination of software architecture, design, and security protocols, IRAP certification ensures Commvault’s SaaS data protection solutions meet stringent ISM (Information Security Manual) security requirements, and that government agencies and contractors can confidently adopt Commvault solutions.
Commvault says it adds to its current position as the only SaaS data protection portfolio to meet FedRAMP High (In Process) status, with the approved ATO signed by the Department of Treasury on July 12, 2023.
With cyber threats continuing to escalate, private and public sector entities are under increased pressure to bolster their data security and cyber recovery measures.
In fact, according to a new Commvault report commissioned in partnership with IDC, both IT and business leaders understand the constant risk and dire consequences of a cyber attack, with 61% of respondents believing that data loss within the next 12 months is “likely” to “highly likely” to occur due to increasingly sophisticated access.[1][1]
Combatting these concerns, Australia’s IRAP assessment falls under the Security Legislation Amendment (Critical Infrastructure) Bill, introduced to Parliament in 2020.
The amendment has a National Security focus and was put in place to manage risks posed in particular by foreign involvement in Australia’s critical infrastructure, considering that a significant amount of the country’s infrastructure is privately owned.
