Minimum viability, sometimes referred to as a “minimum viable company”, means having a keen understanding of just the most critical assets and what it takes to restore them to be operational after a cyberattack or incident.

Developing a plan for minimum viability starts well before an attack and has basically three main phases:

• Accurate and aligned view of the core processes and dependent systems.
• Understanding the cost of downtime for those core resources.
• Clear and actionable plan to restore critical systems, data, and processes.

Commvault offers capabilities to help organizations get to minimum viability and beyond as quickly as possible. These include:

• Identity Recovery: Active Directory & Entra ID protection with forest-level recovery to rebuild the entire AD environment at scale required to rapidly establish minimum viability.
  Commvault offers automated, forest-level recovery of AD that includes the auto-generation of custom run books and point-and-click simplicity to recover complex AD environments in minutes or hours, rather than weeks.
• Communications Recovery: Backup and protection for Microsoft 365 and Google Workspace collaboration platforms.
• A huge coverage of protected workloads: On-prem, hybrid, and cloud workloads across apps, databases, VMs, files, objects, SaaS apps, and more.
• Cloud security with resource discovery and mapping: To find the hundreds or even thousands of cloud resources used by your organization, including serverless and containerized compute, NoSQL databases, ML and AI services, virtual networking, and more. Unprotected cloud resources, dependencies, and configurations extend the recovery times of restoring critical cloud infrastructure after an outage or attack – a risk that can be avoided with automated cloud resource discovery, mapping, and configuration protection. 
• Air-gapped, immutable backup storage: Keep data protected from ransomware attacks with airgapped copies.
• Isolated, on-demand testing via Cleanroom: On-demand recovery to secure, isolated locations on the cloud helped by automation, for testing, to conduct forensics, and initial production recovery directly from cloud-based immutable and indelible storage. 
• Cloud-scale recovery: Leverages cloud techniques (even for on-premises environments) to recover large datasets rapidly. Recovering critical data after a cyberattack requires a complex and cumbersome set of operations. However, modern cloud techniques – from the parallel nature of microservices-based to serverless scale – can help streamline large recovery processes to get businesses back online rapidly and reliably. 
  Commvault offers automated, cloud-scale recovery capabilities. From leveraging serverless functions for restoring billions of objects in cloud datastores to using containerized microservices to bring cloud-like speed and scale to on-prem recovery, Commvault gives customers cloud-scale recovery to enable reliable, rapid recovery at scale. 
• Recovery-as-code: Automates rebuilds of cloud application and infrastructure stacks (networking, DNS, compute) to accelerate restoring minimum viability.  
• Rapid recovery for AI workloads: Residing in object stores like Amazon S3 and S3-based data lakes. This kind of storage requires a new set of protection and recover capabilities to handle the necessary scale. Recovering billions of objects – and helping verify all objects are properly restored and correlated to a previous point in time – is a complex and compute-intensive set of operations.
 

Some specific Commvault products that can help to improve the minimum viability are:

• Cleanroom Recovery is a  new era in cleanroom technology introduced by Commvault on April 29th 2024 that allows continuous testing and refinement of cyber recovery processes, helping provide clean restores of critical applications in isolated cloud environments. Use the cloud’s elastic scale to store data, practice recovery, and conduct isolated forensic analysis to investigate and remediate threats. 
• Commvault Cloud Rewind continuously discovers cloud-based application workloads, automatically maps related network and security dependencies, and protects it all in a segregated, air-gapped environment. Rewind the application stack to a point in time before a breach or configuration error occurred, rebuilding environments through recovery-as-code that can easily integrate into CloudOps processes or CI/CD pipelines. 
• Commvault’s Clumio Backtrack offers protection of emerging workloads in S3, making it possible to recover billions of objects accurately, reliably, and with the speed necessary to minimum viability quickly. 

But is not only product related… also people and process are crucial. Traning, learning, testing, prove, improve are important phases. For this reason Commvault has introduced Recovery Range, powered by SimSpace, an in-person event providing hands-on training to restore critical business applications and data assets, not just simulate an attack. It integrates realistic attack simulations with essential cyber recovery exercises to unlock a new era in cyber preparedness.

Teams of four will collaborate to recover from an attack on Tekbite, a global manufacturing and retail business with online and brick-and-motor storefronts.

Premiering at RSAC 2025 with a 45-minute teaser, followed by Commvault-hosted roadshow with 2-hour long simulation.

For more information see also the Commvault’s guide to minimum viability.