The Five Pillars of DORA

DataLenz is a state-of-the-art risk management platform that integrates seamlessly into your existing workflow, monitoring the data access stream continuously to detect out-of-bounds events you define.  Our software is designed not only to detect problems, but to give you the information you need in real time to contain and prevent rogue activity.  

New features include Geofencing and Geolocation so you can restrict access to or from regions you pre-define.  In addition to geolocating the User, our Alert Engine records all details related to the time & date of access, user ID, what is being accessed and other information for every login.  If anything is ‘out of bounds’ for a user, DataLenz has a powerful tool – ‘The Hammer’.  In the extreme case of a perceived attempted data breach, ‘The Hammer’ can be programmed to terminate a User’s login immediately, and simultaneously notify your IT Security Team of all the details so they can follow up with appropriate action.  

Providing tools to detect and deter cyber-risks is the prime directive for us.  But we’ve designed it to assist you in complying with DORA’s Five Core Pillars.  Real-time incident response and transparent audits empower businesses to navigate DORA standards confidently, while safeguarding data integrity and fortifying regulatory adherence.  Our team has developed a solution that not only adheres to the requirements of DORA but also enhances the operational resilience of businesses.

DORA’s Five Core Pillars

1. ICT Risk Management & Governance

Requires organizations to develop a plan of how to respond to ICT security incidents effectively and immediately. 

 DataLenz is engineered to ensure that financial entities can effectively manage ICT risks and maintain robust protocols as mandated by DORA. With our software, institutions can confidently report incidents promptly and conduct operational resilience testing to minimize the impact of ICT disruptions.  We have integrated features for regular testing of your data access stream, which are essential for maintaining compliance with DORA's framework.  DataLenz monitors access to your server continuously.  Our Alert Engine records the details associated with each user and the information can be viewed in real time with the DataLenz Dashboard.  If anything is ‘out of bounds’ for that user, an alert is logged, your IT Security Team is notified of the anomaly or breach; and the data access can be terminated immediately in real time.  Being armed with as much information as possible enables you to restore operations effectively and if applicable, amend your corporate strategy for risk management and governance.  

2. Incident Reporting

This regulation defines how an organization will report ICT-related security incidents for the future.

The DataLenz Alert Engine database can be queried to get the specific information needed to report ICT-related security incidents required by DORA, as well as for generating routine or investigational internal reports.  Whether it’s a routine event or an exception e.g. a data breach, each incident will have the associated data of who is the user, when and where it occurred, the type of breach and what action was taken.  Another tool is our advanced analytics engine which monitors and analyzes your DevOps metrics in real-time, offering actionable insights to improve performance.  Your Security Team can review this information to determine whether any rules need to be modified.

3. Digital Operational Resilience Testing

Provides guidance on testing current recovery strategies to uncover potential vulnerabilities.

Using the DataLenz Dashboard, your Security Team can monitor the actual data stream in real time, but they can also generate anomalous data access attempts to test the system.  The Team can then evaluate any specific situation and adjust the rules for that specific User.  If a change is needed - e.g. when to send an alert of an exception; or when to have ‘The Hammer’ terminate the login connection immediately before any damage can be done, the change can be implemented immediately.   

4. Third Party Risk Management

DORA emphasizes a risk-based and proactive approach to maintain operational stability and evaluate access anomalies.

With a focus on robust data security risk management protocols, our software facilitates incident prevention, detection, and containment, aligning with DORA's stringent requirements for operational resilience. Continuous monitoring of your data stream ensures that your vendors’ activities seamlessly align with your security requirements.  Your IT Security Team can view the activity in real time to get a feel for what is occurring.  The rules set to detect anomalies, attempted breaches or otherwise ‘out-of-bounds’ activity will be well-documented and acted upon based on lessons learned from results of your IT groups’ operational tests.  And anomalies can be addressed in real time with the offending party.

5. Information Sharing

Mandates businesses to actively participate in sharing information concerning cyber threats and vulnerabilities as they are identified. while safeguarding sensitive data. 

Because DataLenz monitors and reports in real time, any incident data can be shared immediately with other businesses.  Sensitive data can be safeguarded by selecting only the information to be shared from the Data Alert Engine logs.  A healthy security strategy must contain the tools required to report on incidents in order to reduce the downtime of a required recovery window.  Being able to pinpoint the exact moment data was accessed is critical for determining when an unauthorized access occurred and from where to restore it.  DataLenz takes this further by identifying the user responsible for the incident.