Commvault Cloud Unified Data Vault secures S3 data

Commvault has launched Commvault Cloud Unified Data Vault, a cloud-native service that provides a Commvault-managed S3-compatible endpoint for organisations that store backups and other datasets using the S3 protocol.

The company positions the service as a way for cloud developers and data teams to place S3-written data into Commvault-managed storage under a single policy framework. Commvault said the approach applies immutability, encryption and governance controls to S3 data.

Developers and platform teams often use S3 as a destination for exported backups from databases and SaaS services. Commvault pointed to tools such as CockroachDB and Greenplum, as well as services including Docusign and monday.com. It said this usage can leave backup data spread across multiple buckets with inconsistent retention and lifecycle controls.

Commvault said fragmented S3 backup stores can create compliance risks and slow recovery processes. Unified Data Vault aims to consolidate protection rules around S3-written data, rather than leaving retention and access patterns to vary by bucket and workload.

Commvault said Unified Data Vault provides an S3-compatible endpoint that Commvault operates. Workloads that already write backups to S3 can direct those writes to the Commvault endpoint. Commvault said organisations do not need to install agents as part of the service.

Commvault said data written into the vault inherits controls at ingestion. The company listed encryption, deduplication, immutability and policy-based governance. It also described the storage as air-gapped.

Commvault framed the service as relevant for application data and AI data. It said teams can use the service for modern and custom workloads. It also referenced emerging AI workloads that create large datasets and frequent backup activity.

“S3 fundamentally changed how data is stored. Unified Data Vault changes how that data is protected,” said Pranay Ahlawat, Chief Technology and AI Officer, Commvault.

“For the first time, developers and data teams can write directly to a Commvault-managed S3 endpoint and instantly gain encryption, immutability, and policy control - all without agents or added complexity. It's enterprise-grade cloud protection built for the builder,” said Ahlawat.

Commvault said Unified Data Vault fits existing S3 workflows and APIs. The company said this supports DevOps automation through native S3 patterns rather than new tooling. It also said teams can avoid creating separate data management silos for different applications and storage destinations.

Commvault outlined several product attributes, including “agentless simplicity” and “centralized policy governance”. The company said policies can apply across clouds, regions and workloads. It also said retention controls take effect when backups are written.

Industry analysts have tracked how S3-style storage has become a default target for application exports and backup files, including data linked to AI development and deployment. That shift has increased the volume of data that security and IT teams need to govern across distributed cloud estates.

“For many developers, S3 is the de facto data store for popular AI databases and applications. The need to bring a strong resilience posture to these large data sets is paramount,” said Archana Venkatraman, Senior Research Director, IDC.

“Unified Data Vault extends centralized automation, immutability, and air-gap protection to S3 data in a way that is easy for developers to use yet gives SecOps and IT teams peace of mind that end-to-end resilience is factored into the equation,” said Venkatraman.

Commvault said the service will be available through its partner ecosystem. It cited managed service providers, resellers and cloud service partners. The company said partners can use the service for S3-native workloads.

Commvault said Unified Data Vault is available via an Early Access programme. The company said it is targeting general availability in spring 2026.