Due to their dependency on technology, financial service companies are increasingly vulnerable to operational disruption and data loss , including cloud platforms and business applications.
To reduce these risks and to improve operational resilience, the EU enacted the Digital Operational Resilience Act (DORA).
DORA suggests the need for storing backups outside of your primary SaaS application to ensure that they remain insulated from issues affecting the primary data.
In addition, DORA also requires testing the ability to restore and recover from a backup.
When restoring backup data using own systems, financial entities shall use ICT systems that are physically and logically segregated from the source ICT system. The ICT systems shall be securely protected from any unauthorized access or ICT corruption and allow for the timely restoration of services making use of data and system backups as necessary.