Privileged access management, MSSP

Commvault and BeyondTrust Partner to Secure Privileged Access in Backup and Recovery

Commvault and BeyondTrust have partnered to bring privileged access management (PAM) directly into the backup and recovery environment. The integration links BeyondTrust’s Password Safe with the Commvault Cloud platform, giving enterprises and service providers a stronger way to secure credentials, protect recovery systems, and reduce risks tied to unauthorized access.

Addressing the Risks of Machine Identities

Identity security challenges go beyond human users. Machine identities used by applications, scripts, and automated services now outnumber human accounts in many organizations, and their unmanaged credentials often become an entry point for attackers.

Alan Atkinson, Chief Business Development Officer at Commvault, explained to MSSP Alert how the integration tackles this threat.

"Machine identities used by applications, services, and scripts represent a massive and often overlooked risk. Without proper management, their credentials can be hard-coded or stored insecurely, making them prime targets for attackers looking to move laterally through a network. This integration directly confronts this problem by allowing automated services within the Commvault Cloud environment to request credentials from BeyondTrust Password Safe Just-in-Time (JIT)… Once the task is complete, the credentials are automatically revoked – eliminating the use of static, long-lived credentials for machines, while closing a common and very dangerous backdoor that attackers exploit," Atkinson said.

This approach reduces the risk tied to static credentials and strengthens overall protection for recovery infrastructure.

Cyber Resilience and Identity Security Together

Data protection alone is no longer enough in today’s threat landscape. Attackers are actively targeting the backup environment itself, using stolen or misused privileged credentials to compromise recovery systems.

Atkinson highlighted why the partnership is pivotal: “We see the combination of privileged access management and data resilience as the future of a true defense-in-depth strategy. You can’t have data resilience without identity security, and vice-versa. Attackers are increasingly targeting the backup infrastructure itself by compromising privileged credentials to gain access. It’s no longer just about securing the data but securing the entire cyber resilience ecosystem, including all of its access points.”

By embedding identity security into Commvault Cloud, enterprises can align their centralized identity policies with their most critical recovery systems. This ensures that when an attack occurs, backup data remains both secure and recoverable.

Value for MSPs and MSSPs

For MSPs and MSSPs, the integration also opens new opportunities to deliver secure, compliance-ready services. Multi-tenant environments create complex challenges around credential management, security enforcement, and auditability.

Atkinson described the benefits for partners: “This partnership creates significant value for our MSP and MSSP partners. When it comes to managing complex, multi-tenant environments, the two biggest challenges are often maintaining security and proving compliance across different client infrastructures. For our partners, this integration allows them to offer their customers a more secure and compliance-ready service by centrally managing all privileged credentials and implementing Just-in-Time access to drastically reduce the attack surface. It also provides a detailed, immutable audit trail, which is a powerful tool for MSPs to help their customers enforce security policies like meeting stringent regulatory objectives.”

By pairing identity security with data resilience, service providers can extend their offerings beyond standard backup services to deliver a differentiated, comprehensive cyber resilience solution.

Suparna Chawla Bhasin

Suparna is the Senior Managing Editor for CyberRisk Alliance’s Channel Brands, including MSSP Alert and ChannelE2E. She manages content development, sharpens editorial workflows, and ensures storytelling is tightly aligned with audience needs. With a background in technology, media, and education, she combines strategic insight with creative execution.

You can skip this ad in 5 seconds