Druva Data Resiliency Guarantee FAQ

What did Druva announce today?

Today Druva announced a new data resiliency guarantee program that ensures customers’ data is always safe and always ready. The financially-backed guarantee provides up to $10M in coverage, and enables customers to protect against a wide variety of data loss and downtime events across five categories of risk, made possible by best-in-class SLAs:

 

RiskCyber riskHuman RiskApplication riskOperational riskEnvironmental risk
SLA100%
Confidentiality
100%
Immutability
99%
Reliability
99.999%
Durability
99.5%
Availability
DescriptionGuarantee that Customer Data will not be compromised as a result of a Security Incident.
See DRGA for term definitions
Guarantee that the last successful backup of Customer Data will be recoverable in the event of a Ransomware Incident.
See DRGA for term definitions
Guarantee that backups will complete successfully in accordance with Customer Policies.
See DRGA for term definitions
Guarantee that Customer Data backed up is recoverable. See DRGA for term definitionsGuarantee that Cloud Services
will be available not less than 99.5% of the time during a Reporting Period.
See DRGA for term definitions

 

RiskSLA
Cyber Risk100%
Confidentiality
Human Risk100%
Immutability
Application Risk99%
Reliability
Operational Risk 99.999%
Durability
Environmental Risk99.5%
Availability
RiskDescription
Cyber RiskGuarantee that Customer Data
will not be compromised as a
result of a Security Incident.
See DRGA for term definitions
Human RiskGuarantee that the last successful
backup of Customer Data will be
recoverable in the event of a
Ransomware Incident. 
See DRGA for term definitions
Application RiskGuarantee that backups will
complete successfully in
accordance with Customer
Policies.
See DRGA for term definitions
Operational RiskGuarantee that Customer Data
backed up is recoverable.
 See DRGA for term definitions
Environmental RiskGuarantee that Cloud Services
will be available not less than
99.5% of the time during
a Reporting Period.
See DRGA for term definitions

The Druva Data Resiliency Guarantee is designed to give customers confidence in their ability to quickly recover data, and minimize downtime, following a data loss or unplanned downtime event that financially impacts their organization. Through partnership with Druva, customers will benefit from comprehensive protection that includes internally-sourced and external, third-party ransomware and many other forms of cybercrime, accidental deletion, hardware failure, and natural disasters.

Why is this guarantee important for customers?

The Druva Data Resiliency Guarantee is important for three specific reasons:

Protection against all cyber threats (not just ransomware): The rapid growth of ransomware has put data protection vendors into the spotlight as customers look for solutions to protect their business data. But while some traditional vendors have protections that can cover limited use cases (such as external, third-party ransomware), few vendors can provide the breadth and depth of coverage that Druva can deliver via our cloud-native, SaaS-based approach. The Druva Data Resiliency Guarantee covers many other forms of cybercrime, including internally-sourced and external, third-party ransomware.

Coverage against many risk events: Cyber threats, and specifically ransomware, certainly make up the majority of data loss headlines today, but administrators know that data loss and downtime can be the result of many other risks. The Druva Data Resiliency Guarantee provides coverage across 5 categories of data risk including cybercrime, operational, human, application and environmental.

Confidence in data security and protection: Customers are still lacking confidence in their ability to defend and recover against the many forms of cybercrime and other risk events. We believe that this guarantee program represents another layer of protection for customers in their effort to minimize the impact of data loss and downtime. The Druva Data Resiliency Guarantee, like the Druva Data Resiliency Cloud, is fundamentally different from competitive offerings. Other providers do not offer a guarantee that is as comprehensive as our program. We believe the breadth and depth of our coverage will give customers confidence in their ability to effectively defend their critical data from loss and downtime.

How can prospects and existing customers take advantage of the Druva Data Resiliency Guarantee ?

For those customers that qualify, and choose to sign up for the Druva Data Resiliency Guarantee, they will immediately benefit from peace of mind that their data is secure, protected, and available. Contact us to learn more about the program.

Why is Druva launching this now?

According to an IDC survey conducted in December 2021, fewer than one-third of organizations that were victims of ransomware were able to fully recover their data without paying the ransom. The threat of ransomware has only risen since and collectively costs organizations billions of dollars in lost revenue, corporate reputation, recovery efforts and ransoms. 

Druva is committed to not only helping organizations strengthen their protection against ransomware, but enhance their data resiliency against all five key categories of risk: Cybercrime, operational, human, application, and environmental.

What Druva solutions are covered under the Druva Data Resiliency Guarantee?

Customers must purchase the Security Posture and Observability license.

How much data must a company have stored with Druva / how large of a contract must a company have with Druva in order to qualify for this guarantee?

There are no capacity minimums, however customers must meet an annual spend minimum, contract length, and Druva Health Check. Contact your Druva representative to learn more.

How long does the Druva Data Resiliency Guarantee last?

As of the release date, the Druva Data Resiliency Guarantee does not have an end date. Customer specific guarantees will be co-terminus with their service contracts.

Is this guarantee retroactive for existing customers, or does it only apply to new customers?

Existing customers are eligible if they satisfy the program criteria.  Existing customers should contact their Druva representative to learn more. For both existing and new customers, the guarantee will apply as long as the customer meets the annual spend minimum and the contract length criteria.  

What is the difference between the protection that eligible Druva customers obtain by signing the Data Resiliency Guarantee Agreement and the liability limit provided in Druva’s Master Customer Agreement?

By signing the Data Resiliency Guarantee Agreement, customers effectively expand their protection to include new confidentiality, immutability, reliability, and durability SLAs and increase the liability limit in Druva’s Master Customer Agreement. Druva’s standard MCA provides for a liability limit equal to 12 months of subscription fees whereas the Data Resiliency Guarantee Agreement provides a higher limit scaled to subscription fees and capped at $10M in the event Druva’s fails to meet certain SLAs, including the new immutability SLA, that is not covered in Druva’s standard MCA.

Is the Guarantee payout tiered? How are the tiers determined?
Annualized Total Amount of Subscription
Fees Paid by Customer for all Druva solutions,
including any Eligible Druva Solution
Payment Cap in U.S. Dollars (“Cap”)
$25,000 - $49,999$100,000
$50,000 - $99,999$250,000
$100,000 - $249,999$750,000
$250,000 - $499,999$2,000,000
$500,000 - $999,999$4,500,000
$1,000,000+$10,000,000
Does this apply to organizations which have purchased Druva through VARs, or channel partners?

The Druva Data Resiliency Guarantee will be eligible for all VAR led deals.

How does this work with key partners like AWS and Dell Technologies?

The Druva Data Resiliency Guarantee will be eligible for all Dell orders via ETC. However, Dell OEM orders are NOT eligible. Both AWS-led and AWS Marketplace led deals are eligible.

How does the Druva Data Resiliency Guarantee align with my cyber insurance program?

Each company must evaluate their risk profile and determine the depth and breadth of their cyber insurance program. The Druva Data Resiliency Guarantee may be viewed as an additional layer of protection that works in conjunction with a cyber insurance program. For example, in 2021 Druva was awarded the Marsh Cyber Catalyst designation by a panel of insurers, finding that the Druva platform can be highly effective against cyberthreats.

Where can I find the Druva Data Resiliency Agreement?

The Druva Data Resiliency Guarantee  Agreement can be  found here.

As a qualified participant of the Druva Data Resiliency Agreement, how do I submit a question/issue?

The Druva Data Resiliency Guarantee  Incident Report can be  found here.

Product Details
What’s different about Druva’s architecture that allows you to stand behind such claims?

Druva’s cloud-native, SaaS-based approach provides a number of unique security and protection capabilities that ensure customer data is safe at all times. In combination, these architectural, user built-in capabilities, and added services enable us to offer security best-practices inherent in all solutions:

  • Data access – The Druva architecture inherits security, vs. competitive architectures that need to be secured after-the-fact.
    • By design, Druva has no operating system with block level access. As a result, it is impossible to execute malicious code on environment, or propagate an attack across a multi-tenant environment
  • Users – built-in protection – Beyond native architecture design, data is protected with a variety of capabilities available to all customers Data immutability
    • Multi-factor authentication
    • Role-based access control
    • Encryption in-flight and at-rest
    • Customer rollback from accidental/intentional deletion
    • Physical air-gap (not virtual or logical air-gap)
  • Additional services – Additional services developed and delivered by Druva, across solutions, gives customers added confidence that any unusual activity is detected quickly, but also remedied immediately 
    • Security Monitoring and Observability
    • Accelerated Ransomware Recovery
    • Curated snapshots
    • Data sanitization
    • Malware/Virus scanning – Backups (at point of restore/recovery)
    • Malware/Virus scanning – Edge (at point of backup)