Hi everyone,

Commvault is starting to offer solutions for customers to restore their operations under the metallic flag. One of them is the restore of your CommServe using a DR backup, if you enabled the cloud upload.

This got me wondering as accessing data from our Commcells or other data behind sso.commvault.com does not require tfa/mfa or offers the possibility of enabling tfa/mfa.

Especially in the use case when we talk about our DR sets containing encryption keys to our encrypted public cloud storage (S3, Azure, metallic storage, gcp storage, etc) I think we could be running quite a risk here.

What is your take on asking for TFA/MFA on sso.commvault.com?

Personally I think Commvault should enable it sooner rather than later, but curious to hear other perspectives.