With enterprises pushing more production workloads onto Google Cloud, backup conversations are changing. The main question is no longer whether data exists somewhere safe, but whether organizations can recover entire applications quickly, prove data integrity, and respond to regulatory requests without chaos when an incident hits.
Commvault’s expanded collaboration with Google Cloud reflects that shift, and now the focus is on recovery execution, isolation from attackers, and compliance readiness, not incremental backup features.
Understanding where cloud responsibility ends and recovery begins
One challenge many organizations still underestimate is the cloud shared responsibility model. Google Cloud secures and operates the underlying infrastructure, but responsibility for data, identities, configurations, and recovery remains with the customer.
Michael Fasulo, Senior Director of Portfolio Marketing at Commvault, frames the distinction clearly. He told ChannelE2E, “Google is responsible for securing and maintaining the underlying cloud infrastructure, components like the physical network, compute, storage, and overall availability of the platform. However, customers remain fully responsible for their data, configurations, identities, access policies, and the recovery of their applications.”
That gap becomes visible during ransomware events or large-scale misconfigurations. Native cloud tools often protect individual assets, such as snapshots or databases, but modern cloud applications are distributed, stateful, and deeply interconnected.
“This is where Commvault’s Cloud Rewind fills the shared responsibility gap by protecting your entire application stack, including the dependencies, configurations, and metadata, to accelerate clean complete recovery,” Fasulo said. “Recovering them is far more complex than restoring a single component.”
Recovery built around applications, not fragments
Cloud Rewind extends Commvault’s role beyond data restoration into application reconstruction. Instead of restoring files or snapshots in isolation, it supports rebuilding cloud applications to a known-good state, accounting for dependencies that often derail recovery timelines.
According to Fasulo, this distinction matters most under pressure: “During a ransomware event, that distinction becomes critical. Cloud Rewind doesn’t just restore files or snapshots; it reconstructs your entire cloud presence exactly as it was before the attack, in minutes.”
For organizations operating under tight recovery time objectives, that difference directly affects downtime, revenue impact, and customer trust.
Air-gapping still fails in many cloud environments
Immutability and air-gapping are now common terms in cloud security discussions, but not all implementations provide the same level of protection. In many cases, immutable backups still sit within the same identity and control plane as production workloads.
Fasulo explained why that matters: “Many cloud vendors now tout ‘immutability’ and ‘air-gapping,’ but these controls often still live within the same security and identity plane as production systems, leaving them vulnerable to credential compromise or API driven attacks.”
Commvault’s Air Gap Protect for Google Cloud takes a different approach by placing immutable copies inside a truly isolated environment with its own security boundary.
“Even if attackers penetrate production, they cannot reach, modify, or delete protected data,” Fasulo said. “Combining Air Gap Protect and Cleanroom Recovery gives customers confidence that their data is verified, uncompromised, and always ready to restore.”
This separation is especially relevant as attackers increasingly target backup infrastructure as a way to block recovery options.
Compliance search without operational sprawl
The expanded collaboration also enhances protection for Google Workspace by adding advanced compliance search capabilities to Commvault’s eDiscovery offering. Legal and compliance teams can locate and export emails and files directly from backups without moving data into separate systems.
For enterprises dealing with audits, investigations, or litigation, this reduces response times and operational overhead while keeping compliance workflows tied to protected data.
What this enables for MSPs, MSSPs, and channel partners
Beyond enterprise customers, the expanded integration has implications for managed service providers. Fasulo noted that Air Gap Protect and Cloud Rewind give MSSPs capabilities they can standardize and scale.
“With Air Gap Protect, partners can now offer a fully isolated, immutable, and indelible backup tier natively on Google Cloud,” he said, allowing them to package ransomware-ready storage as a differentiated managed service.
Cloud Rewind changes the economics of recovery services as well. “With Cloud Rewind, MSSPs can automate full-stack discovery, protection, and one-click rebuilds of cloud native applications,” Fasulo explained. “This eliminates the custom scripting and manual config capture that used to limit how many customers an MSP team could support.”
The result is repeatable recovery SLAs, automated resilience testing, and higher-margin services that are easier to operate at scale.
Commvault’s expanded work with Google Cloud reflects a broader market reality. Cloud resilience is moving away from isolated backup tools toward platforms designed for incident execution, verified recovery, and regulatory accountability.
For organizations running critical workloads on Google Cloud, the message is straightforward: protecting data is necessary, but protecting recoverability is what determines whether the business can actually resume operations when something goes wrong.