When you’re responsible for powering communities across southern Minnesota, cybersecurity isn’t just about protecting data. It’s about making sure the lights stay on. For Southern Minnesota Municipal Power Agency (SMMPA), implementing Commvault® Cleanroom Recovery was a strategic decision that transformed their approach to cyber resilience.
Meeting the Challenge Head On
SMMPA serves as an electric wholesaler to 17 municipal utilities. With approximately 50 employees supporting critical power infrastructure, the organization must maintain constant resilience against increasingly sophisticated cyber threats, where even a short disruption could have widespread impact.
After more than a decade as a Commvault customer, SMMPA faced a new wave of cyber readiness requirements. Cyber insurance providers introduced stricter mandates, including air-gapped backups and malware scanning at rest.
At the same time, the team needed confidence that it could rapidly recover mission-critical systems such as domain controllers, SQL databases, and application servers, without risking the restoration of compromised data.
“As our cyber readiness requirements evolved, we started evaluating Cleanroom Recovery more seriously,” says Alan Wagner, Manager of IT & Corporate Cybersecurity at SMMPA. “We were thinking about additional ways to safeguard and protect ourselves. Cleanroom sounded like it would be a good solution for that.”
Having relied on Commvault for more than a decade and recently expanding into Commvault Cloud SaaS protection for Microsoft 365, SMMPA viewed Cleanroom Recovery as a natural next step in strengthening its cyber resilience strategy and helping it meet new compliance expectations.
A Collaborative Implementation Journey
SMMPA’s Cleanroom Recovery deployment in March 2025 showcased the power of collaboration between its team and Commvault. Sam Mack, IT/OT and Cybersecurity Specialist at SMMPA, appreciated the responsive partnership: “The Commvault team was quick to address any questions we had during setup.”
The team worked together to optimize its VMware virtual machine configuration for the Azure environment. “We discovered we needed to install some additional tools on the virtual machines to get them running smoothly within Cleanroom Recovery,” Sam explains. This fine-tuning meant its recovery solution was calibrated for its specific infrastructure.
The result? A successful implementation that met all SMMPA’s requirements and positioned it for robust cyber resilience.
Protecting What Matters Most
SMMPA uses Cleanroom Recovery to protect its critical infrastructure, including file servers, application servers, SQL servers, virtual domain controllers, and print servers.
“We’re an Office 365 shop, and we use Commvault Cloud to back up that infrastructure,” Sam says. “In the event of a compromise, getting those domain controllers, file servers, and SQL servers is going to be our priority.”
The solution was particularly well suited to SMMPA’s environment. “I have to give Commvault and their teams a lot of credit for bringing Cleanroom Recovery to our attention,” Sam says. “Our cyber insurance policy is really big on pushing for air-gapped backups and malware scanning at rest, so Cleanroom Recovery was the perfect fit.”
The Value of Confidence
While SMMPA has been fortunate not to face a real-world cyberattack requiring Cleanroom Recovery, the solution provides valuable peace of mind to the team.
“It gives me a more secure feeling that if something happened, we would be able to get back up and running in a reasonable amount of time,” Alan says. “Cleanroom Recovery gives us confidence that we can restore our systems without worrying that something malicious is being brought back with the data. Nothing is ever 100% guaranteed, but since implementing Cleanroom Recovery, I’ve had far fewer concerns.”
The organization conducts annual testing of its Cleanroom Recovery capabilities, with plans to potentially increase the frequency to biannual testing. This regular validation helps keep the team familiar with the recovery process and maintain confidence in its ability to respond effectively to any incident.
“Cleanroom Recovery gives us a more secure feeling that if something happened, we would be able to get back up and running in a reasonable amount of time – without the concern, or with a minimal concern, that there’s something malicious in the data being restored.”
– Alan Wagner, Manager of IT & Corporate Cybersecurity, SMMPA
As SMMPA continues to refine its cybersecurity strategy, Cleanroom Recovery remains a cornerstone of its defense. The straightforward integration with its existing Commvault infrastructure, combined with the specific capabilities that meet its cyber insurance requirements, made it an obvious choice.
Cara Peterson is Voice of the Customer Manager at Commvault.
