Authorization by Tenant Administrators for Business Logic Workflows
With multi-person authorization you can enforce authorization from another user when backup data delete and restore operations are attempted. Multi-person authorization can help protect against insider threats as well as bad actors using compromised credentials to perform data exfiltration or destructive tasks with the Commvault management interface.
When an MSP administrator installs a business logic workflow on their CommServe, then the authorization email goes to the default master user and the users listed on the GetAndProcessAuthorization workflow. As an alternative, an MSP administrator can select tenant administrators belonging to different companies to authorize the action initiated by their respective company users.
For more information, see the following:
Commvault Certificate Tool Enhancements
You can now specify the key pair generation algorithm and key pair size. In addition, P7B files are now supported.
For more information, see the following:
Configuring Connectivity to Web Server and Workflow Engine in a CommServe LiveSync Setup
You can connect the remote Web Server and/or the Workflow Engine clients to the CommServe computer to ensure that the ODBC connection to the CommServe is established in the CommServe LiveSync setup.
For more information, see Configuring Connectivity to Remote Web Server and Workflow Engine Clients.
Detect File Type Anomalies in Backups
Files with a file type that is different from the file extension or that is invalid due to potential corruption are detected and listed in the Unusual File Activity dashboard as a File Type anomaly.
The file type discrepancies could be malicious in nature, or could indicate some other destructive activity on the system. When the number of file type anomalies exceeds 10% of the total files protected in a backup job, the software sends an alert to the administrator and displays an event message. These files can be viewed in the Unusual File Activity report. From this report, you can mark the file safe, download the file in its infected form for forensic purposes, or recover a previous good version of the file that was protected in previous backups automatically.
For more information, see Unusual File Activity Report for File Type Anomaly Detection in Backup Jobs.
Scan Backup Content for Malware to Perform Clean Recoveries
You can create a threat analysis plan to proactively scan backups for malware. With the threat analysis plan, you can identify and remove unwanted malware from your backup data, thus minimizing the impact of reinfection and impact on your recovery objectives.
For more information, see Threat Analysis.