Provider of cyber resilience and data protection solutions for the hybrid cloud, Commvault, is announcing enhancements to its post-quantum cryptography (PQC) capabilities.
These enhancements are designed to help customers protect their highly sensitive, long-term data from a new generation of cyber threats by providing an additional layer of protection.
Commvault doubles down on quantum threat
Commvault is building off its cryptographic agility (crypto-agility) framework, which enables customers to address evolving threats without overhauling their systems, via the Commvault Cloud platform. The announcements see Commvault adding support for Hamming Quasi-Cyclic (HQC), a new error-correcting code-based algorithm designed to defend against threats like ‘harvest now, decrypt later’, where adversaries are intercepting encrypted network traffic and storing it for a later time when quantum computers are powerful enough to decrypt it.
“The quantum threat isn’t theoretical,” said Bill O’Connell, chief security officer at Commvault. “We were among the first cyber resilience vendors to address post-quantum computing, and by integrating new algorithms like HQC and advancing our crypto-agility framework, we are providing our customers with the tools to navigate this complex landscape with confidence. Our goal is simple and clear: as quantum computing threats emerge, we intend to help our customers keep their data protected.”
While quantum computing has the capability to solve complex problems in a fraction of the time that traditional computing does, its advancements bring unique security challenges, including the potential for threat actors to use quantum computing to decipher and unlock traditional encryption methods.
The new expanded capabilities will help industries that require long-term data storage, such as finance and healthcare, by providing access to a variety of safeguards that help fortify network funnels against quantum-based attacks.
“Quantum readiness has become a business imperative, particularly for industries which handle data that remains sensitive for decades. The time when currently encrypted data can be decrypted using quantum technology is closer than many people think,” said Phil Goodwin, research VP at IDC. “Commvault’s early adoption of quantum-resistant cryptography and commitment to crypto-agility positions it as the forefront among data protection software vendors in proactively addressing quantum threats. Organizations with sensitive, long-term data need to prepare now for a quantum world.”
Commvault’s post-quantum cryptography capabilities, including support for NIST’s HQC algorithm, are available immediately to Commvault Cloud customers running software version CPR 2024 (11.36) and later, and enable seamless adoption of quantum-resistant protection.
“Commvault has been an invaluable partner in our journey to enhance cyber resilience,” said Jeff Day, Deputy CISO for the Nevada Department of Transportation. “Their leadership in adoption post-quantum cryptography, combined with their crypto-agility framework, is exactly what we need to meet stringent government security mandates and protect highly sensitive information from emerging quantum threats.”
The news of Commvault’s quantum work comes on the heels of the organization joining forces with Deloitte on cyber resilience. Read more about their joint capabilities for cyber threat management to recover from attacks quickly.