Commvault and Pure Storage partner to enable financial institutions in complying with DORA standards
Commvault announced a joint cyber readiness solution with Pure Storage that can play a key role in helping organizations comply with evolving and stringent regulations.
For example, the European Union’s (EU) Digital Operational Resilience Act (DORA), slated to take effect in January 2025, introduces a comprehensive framework focused on ensuring financial entities, including global banks, are not only prepared for unplanned events, but capable of recovering swiftly and effectively.
DORA requires organizations to report on cyber resiliency practices across a host of areas including, but not limited to risk management and operational resilience testing. Together, Commvault’s exceptional data protection and cyber resilience offerings and the innovative Pure Storage Platform help organizations address aspects of these regulations with an integrated solution that assists with compliance and keeps customers’ data secure in the face of cyber-attacks, bad actors, and rising ransomware threats.
Under risk management, DORA identifies several subcategories that financial entities should focus on as part of their strategy for securing customer data. Among them are protection and prevention, detection, and response and recovery. The joint Commvault and Pure Storage solution addresses these categories in the following ways:
- Protection – The Commvault and Pure Storage solution is built on zero-trust principles and includes advanced authentication, storage encryption, and compliance locks to safeguard critical backup data. In addition, the solution has multiple layers of software and hardware immutability, including Pure SafeMode Snapshots and S3 Object Locking on the Pure Storage Platform, for enhanced recoverability and additional protection against cyber threats.
- Detection – Commvault helps organizations easily detect and remediate risks, threats, and unusual activity. With proactive risk scanning, AI-assisted anomaly detection, and cyber deception technology that uses decoy devices to hunt threats, Commvault delivers early warning so organizations can coordinate response and accelerate recovery of clean data.
- Response and recovery – For the most critical systems (e.g., payments), one of the best ways to meet stringent recovery time objectives required by regulations is to use storage-based snapshots. Commvault integrates with Pure Storage to provide rapid recovery of mission critical systems from Pure Storage Platform snapshots that leverage Pure SafeMode.
Commvault also integrates with a wide array of leading cybersecurity and threat intelligence solutions to enable better threat recognition and faster, more coordinated response and recovery.
To address DORA’s operational resilience testing requirements Commvault and Pure Storage deliver the ability to continuously test cyber recovery in secure, isolated environments, so organizations can enhance recovery processes and readiness for breaches or outages. Whether testing is conducted on-demand in cloud-isolated tenants via Commvault’s Cleanroom Recovery solution or within isolated recovery environments with Commvault’s offerings and the Pure Storage Platform, organizations can easily deliver rapid, frictionless recovery of clean data to isolated environments with the flexibility needed to meet operational and data sovereignty requirements.
Enabling organizations to advance resilience is not only applicable to DORA, but supports compliance under other cybersecurity and privacy regulations like the EU’s NIS2 Directive and e-mandates from Reserve Bank of India (RBI) for recurring transactions.
“Commvault and Pure Storage are delivering a globally scalable solution for digital operational resilience,” said Alan Atkinson, Chief Partner Officer, Commvault. “Whether organizations are trying to comply with DORA or the multitude of new regulatory compliance requirements, we combine exceptional detection, forensics, and reporting capabilities with immutable and rapidly recoverable snapshots in one comprehensive solution.”
“The financial sector is under constant threat of cyberattacks that have the ability to undermine economies and consumer confidence. At the same time, cyber regulations are putting stretched IT and security teams to the test,” said Patrick Smith, Field CTO, EMEA, Pure Storage. “Through our partnership with Commvault, we are giving financial institutions critical tools that not only help comply with regulations like DORA but advance their cyber resilience to help ensure enterprise data remains secure, protected, and if necessary, recoverable.”