canjoena -

Keeping Commvault on its toes in ASEAN

Backup and data protection software supplier is going after mid-sized companies and renewing its focus on partners to make deeper inroads in Southeast Asia

Like most established enterprise technology companies, backup, recovery and data protection software supplier Commvault has accumulated legacy ways of running its business in over two decades of operation.

The challenge for such companies is to continue to overcome legacy thinking, stay connected with changes in the market and try to avoid being left behind or disrupted by more nimble upstarts.

Faced with pressure from activist investor Elliott Management – one of Commvault’s largest shareholders – over the company’s share-price underperformance, a strategic transformation plan was initiated in 2017 to improve the company’s revenue and operating margins through subscription-based pricing and other means.

In an interview with Computer Weekly, Matthew Johnston, Commvault’s area vice-president for ASEAN and Korea, explains the thinking behind the transformation plan and how he is keeping the company on its toes in Southeast Asia.

How is Commvault doing in the ASEAN region, especially with the changes that have been made on several fronts, including organisational structure, product portfolio and pricing strategies?

Johnston: It’s an exciting time for us at the moment. When we last spoke late last year, we started looking at planning some of the changes you see now. We started to take a hard look at our business and think about how we can make it easier for our customers and partners to work with us.

With digital transformation efforts under way, more customers are now looking at how they can move from a capex (capital expenditure) model to an opex (operating expenditure) model. But our licensing structure didn’t fit into some of those conversations we were having with customers.

So, in November 2017, we started the Commvault Advance programme covering three key focus areas: simplify, streamline and scale. The first thing we looked at was how we could simplify our business from product, process and people perspectives in order to be more nimble, given that we’ve been in the business for over 20 years with legacy ways of doing things.

From a product perspective, we didn’t really change that much around our technology. What we looked at was how customers consumed our products and how we can leverage our channels more effectively. To be honest, we were very focused on the enterprise, particularly in North America, where we adopted a high-touch, high-named accounts kind of selling. We were missing out a little on the mid-market segment and leveraging our partners was the way to do that. This includes Huawei, HPE, Hitachi, NetApp and cloud suppliers such as Microsoft and Amazon Web Services (AWS).

We also looked at simplifying the deployment process and reducing any complexity, so that it will take just five clicks to install our products, for example. In addition, we looked at our licensing model, which was geared for large enterprises by providing a lot of flexibility with thousands of SKUs (stock-keeping units) that they can pick and choose from. That was way too complicated, so we turned the entire pricing model on its head and created four products.

The first is Backup Complete, which is exactly what it says – an entire backup portfolio available to customers as a single package, enabling them to take advantage of the full power of the product. Existing customers will also get the opportunity to upgrade to Backup Complete as they renew their maintenance or make new purchases. This throws down the gauntlet to our competitors that backup is our lifeblood.

Read more about data protection in ASEAN

  • A group of universities, certification bodies, law firms and data protection experts have banded together to form an industry network that hopes to shore up the data protection capabilities of organisations in Southeast Asia.
  • A large proportion of businesses in ASEAN will be affected by Europe’s General Data Protection Regulation, but awareness of the new rules remains low, even in countries with existing data protection laws.
  • Singapore is reviewing its personal data protection laws to keep up with the changing technology landscape, such as growing adoption of the internet of things where seeking consent from consumers for the collection and use of personal data may not be practical.
  • Veritas is upping its investments in Asia, and partnering with more local and specialised cloud providers in the region.

Next, we looked at the architecture of our product to support customers that are implementing web-scale infrastructure. We introduced a product called HyperScale that enables our customers to support backup at scale, in the petabyte range, using commodity infrastructure. That means they can take advantage of converged infrastructure, and not be tied down to huge storage-based infrastructure. This ties in nicely with a number of our hardware partners who are selling commodity servers well-suited for web-scale infrastructure.

We have also enhanced our reporting product to help customers comply with the GDPR (General Data Protection Regulation) and other data protection regulations across the ASEAN region. For example, with the right-to-be-forgotten provision in the GDPR, organisations need to be able to identify and erase personal information that had been backed up on potentially proprietary backup silos. And we can help them do that because of the way our product architecture works.

The way we go to market with our channels has also been turned upside down. We’ve taken our territory sales organisation and essentially pushed it to focus on named partners. In APAC, it’s not such a drastic change because we’ve always been heavily channel-oriented. In ASEAN alone, over 90% of our business comes from channels. The renewed focus means our sales organisation is even more incentivised to support our partners, who can now get in touch with our partner success desk if they have questions on anything from getting a quote to technology and processes.

While partners are clearly important, how do you ensure you are not completely detached from customers?

Johnston: That’s a good question. We have a named-account set of resources and we still retain our largest accounts. Our partner sales organisation still retains a customer list in conjunction with our partners. The idea is for us to train our partners, and remain in touch with our customers who still need to feel that Commvault is serving them effectively. We cannot lose touch with our customers, so we do health checks with customers, and help them take advantage of the new features in our products to maximise their investments.

What has the take-up of subscription licensing been like?

Johnston: I don’t have specific numbers for the region. Australia has seen strong take-up, but it’s been a little more conservative in Singapore. In other parts of ASEAN, we are seeing take-up of our appliances in developing nations, more so than subscription licences. In some industries, such as financial services and government, there is also less appetite for subscriptions at the moment because they haven’t quite worked out how to amortise assets that they don’t own.

But as soon as they start using more cloud services, they are forced into subscriptions anyway, because that’s the only way they can buy. That’s why we’re starting to work with the likes of AWS and Azure, where customers can buy data protection services from us to protect their cloud workloads.

Are there particular industries that you would consider as sweet spots for Commvault?

Johnston: It depends on the country. In Singapore, we’ve had good success with the government on our own and through our partners. With the new licensing model, we’ll probably see opportunities increase as more organisations see the need to protect their big data instances. Outside Singapore, we’re seeing success in financial services, manufacturing and education. New Zealand is also a fast adopter of web-scale technologies. The challenge is getting references from our customers, which we’re working on now.

Has the GDPR and growing cyber threats led to more conversations with customers?

Johnston: Yes, it has certainly raised a lot of conversations. In fact, the role of data protection is to facilitate recovery from cyber attacks. As for GDPR, there’s a risk that organisations don’t realise the extent of the reach of the data protection regime, although that will change as more countries in the region, such as Indonesia and Vietnam, look to roll out similar laws.

Read more on Data protection, backup and archiving

Data Center
Data Management