Commvault, a leading provider of cyber resilience and data protection solutions for hybrid cloud, has announced today a partnership with Pure Storage to offer a joint cyber preparedness solution that will play a key role in helping organizations comply with constantly evolving and increasingly stringent regulations.
A clear example is the Digital Operational Resilience Act (DORA) from the European Union (EU), which will come into effect in January 2025. This regulation introduces a comprehensive framework focused on ensuring that financial entities, including global banks, are not only prepared for unforeseen events, but also able to recover quickly and effectively.
DORA requires organizations to report on cyber resilience practices in various areas, including risk management and operational resilience testing. The joint solution from Commvault and Pure Storage stands out for providing exceptional data protection and advanced cyber resilience capabilities, helping organizations address key aspects of these regulations with an integrated solution that ensures compliance and keeps customer data secure from cyber attacks, malicious actors, and the growing threat of ransomware.
A comprehensive approach to risk management:
DORA identifies several subcategories within risk management that financial entities must focus on to protect customer data. The joint solution from Commvault and Pure Storage addresses these areas as follows:
1. Protection: The solution is based on zero-trust principles and includes advanced authentication, storage encryption, and compliance locks to safeguard critical data backups. It also features multiple layers of immutability in both software and hardware, such as Pure’s SafeMode™ snapshots and S3 object locking on the Pure Storage platform, providing enhanced resilience and additional protection against cyber threats.
2. Detection: Commvault helps organizations proactively detect and remediate risks, threats, and unusual activities. With risk scanning technologies, AI-assisted anomaly detection, and deception technology using decoy devices to hunt threats, the solution offers early warnings, enabling organizations to coordinate responses and accelerate clean data recovery.
3. Response and Recovery: For critical systems (such as payments), one of the best ways to meet the strict recovery time objectives required by regulations is to use storage-based snapshots. Commvault integrates with Pure Storage to provide fast recovery of critical systems through Pure Storage platform snapshots leveraging Pure SafeMode features.
Compliance and operational resilience testing:
To address DORA’s operational resilience testing requirements, Commvault and Pure Storage offer the ability to continuously test cyber recovery in secure and isolated environments. This allows organizations to enhance their recovery processes and be better prepared to handle security breaches or disruptions. Whether tests are conducted on-demand in isolated cloud environments using Commvault’s Cleanroom Recovery solution, or within isolated recovery environments with Commvault solutions and the Pure Storage platform, organizations can ensure quick recovery of clean data in isolated environments, complying with operational and data sovereignty requirements.
Beyond DORA: Applications to other regulations:
The move towards greater resilience is not only applicable to DORA. The joint solution from Commvault and Pure Storage also supports compliance with other cybersecurity and privacy regulations, such as the EU’s NIS2 Directive and the Reserve Bank of India’s electronic mandates for recurring transactions.
In summary, the collaboration between Commvault and Pure Storage offers financial institutions a powerful solution to meet the demands of cyber resilience and risk management imposed by DORA and other international regulations. With advanced protection, detection, and recovery capabilities, this integrated solution is key to ensuring data security and operational continuity in an increasingly complex cyber threat environment.