Commvault, Pure Storage Partner to Help Financial Firms Navigate DORA

Financial institutions today face unprecedented challenges in maintaining operational resilience and data security. These organizations are all reliant on technology, and they're responsible for handling and storing large amounts of sensitive data, making them prime targets for ransomware and other cyberattacks.

Attacks like these not only put the sensitive data and financial interests of customers at risk, but also the operations and services they provide that are heavily relied upon by other sectors. Because of this breadth of impact, the European Union has enacted strict new rules in the form of the Digital Operational Resilience Act (DORA), a critical regulatory framework designed to set up the financial sector to withstand all types of ICT-related disruptions and threats.

DORA is designed to enforce the highest standards of resilience and readiness, requiring banks, insurance companies, investment firms, and other financial entities to implement advanced strategies for risk management, incident reporting, information sharing, and continuous operational resilience testing.

Pure Storage and Commvault have come together to build a joint solution that helps these organizations enhance their cyber resilience practices and address two key pillars of DORA: risk management and digital operational resilience testing. The solution is built by integrating the leading cyber resilience capabilities of Commvault Cloud with the highly secure, high-performance Pure Storage platform.

At the core of the solution is a modular design with four distinct components. As we understand that organizations inevitably will be at varying stages of maturity in their operational resilience practices, this is not a one-size-fits-all offering. Pure and Commvault have intentionally designed the solution so these different components can be added and scaled independently as organizations and their resilience practices mature and compliance requirements change.

The components of the solution include:

• The foundational piece, a cyber resilient vault that is air-gapped, isolated, and immutable, and has internal controls that limit communication when not in use.
• Isolated recovery environments for validating clean recovery, digital forensics, or to continuously test cyber recovery practices.
• A rapid recovery tier to restore operations to Tier 1 applications quickly, whether to an on-premises location or to the cloud.
• An ultra-low RTO recovery tier leveraging storage-based snapshots for near-instant restoration of mission-critical applications (e.g. payments).

The solution addresses articles in DORA through several key capabilities, including (but not limited to):

• Identification of sensitive and at-risk backup data
• Security built on zero-trust principles with encryption and immutability to prevent unauthorized access to data
• Proactive, AI-assisted threat detection and cyber deception to hunt threats for faster response
• Fast, flexible recovery of clean data
• Support for continuous testing of cyber recovery practices, including to on-demand cloud cleanrooms (with Commvault® Cloud Cleanroom™ Recovery) or to isolated recovery environments on-premises with Pure Storage FlashArray™ or FlashBlade® systems.

The result is assisting financial institutions in transforming their cyber readiness and operational resilience practices to meet aspects of DORA's compliance requirements.

While the primary focus of this collaboration is to help financial institutions fulfill DORA's operational resilience requirements, the principles and technologies employed are globally relevant. This makes the solution an ideal choice for financial institutions worldwide that are looking to enhance their operational resilience and data security to ensure theircustomers' private information is safe and they can provide uninterrupted services to the people, companies, and industries that depend on them.

As the financial sector continues to navigate through digital transformation, the importance of operational resilience cannot be overstated. This new Pure Storage and Commvault solution is purpose-built for cyber resilience and can aid financial institutions in their DORA compliance efforts. By integrating components of this solution into their operations, financial institutions can help protect themselves against ICT threats, enable continuous business, and foster trust among their customers and stakeholders.

For more information on operational resilience in financial services and the Pure Storage and Commvault partnership, click here.

Public link

Please use the above public link if you want to share this noodl on another website.