Configuración de Cookies

Utilizamos cookies propias y de terceros para analizar nuestros servicios y mostrarte publicidad relacionada con tus preferencias en base a un perfil elaborado a partir de tus hábitos de navegación (por ejemplo, páginas visitadas). Puedes aceptar todas estas cookies pulsando el botón ACEPTAR o configurarlas o rechazar su uso clicando en el apartado CONFIGURACIÓN DE COOKIES.

Si quieres más información, consulta la Política de Cookies y Lista de Cookies de nuestra página web.

Sus preferencias





ACEPTAR TODAS
ACEPTAR SÓLO NECESARIAS
GUARDAR CONFIGURACIÓN
VSaaS
Contact

Why DORA matters to you If you’re in the financial sector

DORA

Jordi Gallego
Sales Director
Telecommunications engineer

07 November, 2024

Share

Table of contents

From 17 January 2025, financial sector businesses operating within the European Union will need to comply with a new regulation: the Digital Operational Resilience Act (DORA).

This regulation introduces a mandatory framework to ensure the security and resilience of digital systems against cyberattacks and technical failures. Banks, insurers and crypto asset providers will all have to meet these new protection standards.

Failure to comply could result in fines of up to 10 million euros or 5% of the company’s annual turnover.

What does the DORA regulation require?

DORA sets out technical requirements across four key areas, all designed to ensure financial institutions can effectively manage, withstand and recover from digital incidents. These areas are:

  1. ICT risk management and governance: financial institutions must establish robust frameworks for managing technology-related risks. This includes identifying and classifying critical assets, conducting continuous risk assessments and applying appropriate cybersecurity measures.
  2. Incident reporting: institutions must set up systems for monitoring and managing ICT-related incidents. They are required to notify the relevant authorities and affected parties, ensuring proper classification of each incident. Initial and final reports detailing the incident’s impact must also be submitted.
  3. Digital operational resilience testing: financial institutions must regularly test their systems to identify vulnerabilities. These tests should include security assessments and simulated cyberattacks.
  4. Third-party risk management: institutions must actively manage the risks posed by their ICT service providers. This includes establishing clear contracts and exercising rigorous oversight over their supply chains.

Lanaccess: aligned with DORA

Lanaccess teams are fully aligned with European regulations for several key reasons, including:

Data confidentiality and availability

  • Secure protocols: we implement HTTPS, FTPS and SSH, along with our own encrypted protocols, to ensure the confidentiality of data.
  • Granular access control: access permissions are configured so each user only has access to the information they need, following the principle of least privilege.
  • Software and firmware encryption: we protect applications and recordings by encrypting them, ensuring that only decryption tools authorised by Lanaccess can access the data.

Network integrity and information protection

  • Firewall functionality on each device: we provide additional security by preventing unauthorised access and blocking external attacks.
  • Alert systems for unusual activity: if any misuse occurs, our system sends immediate alerts, enabling a fast response to potential threats.
  • On-premises storage: surveillance footage is stored within the client’s own network, minimising the risks of cloud storage and ensuring direct control over the data.

Vulnerability prevention and audits

  • Regular audits: we perform continuous penetration tests and vulnerability assessments to ensure that all CCTV systems are secure from potential attacks.
  • Frequent software and firmware updates: software is regularly updated to stay ahead of new threats. These updates are carried out in the background to minimise service disruptions.

What’s more, Lanaccess’s video surveillance systems run on an operating system that differs from Windows, reducing exposure to the most common threats and providing an additional layer of security.

Ongoing adaptation to security regulations

At Lanaccess, our dedicated R&D+I team is responsible for adapting our CCTV systems to the evolving security regulations within the European Union. This approach not only ensures compliance with current standards but also prepares us to respond to future cybersecurity regulations, thereby safeguarding service continuity and data protection.

Conclusion

The enforcement of the DORA regulation is a significant milestone in ensuring digital security within the European Union’s financial sector, setting high standards to safeguard against cyberattacks and technical failures. This regulatory framework mandates that financial institutions and video surveillance technology providers implement robust, cybersecure systems to protect both customer data and operations.

At Lanaccess, we ensure that CCTV equipment and the data it handles are always secure and protected, assisting financial institutions in complying with DORA and mitigating potential digital threats.

Protect your financial organisation with our robust, cybersecure video surveillance
technology. Find out how we can help you meet the regulatory requirements.

Categories

It may interest you

© Copyright Lanaccess 2023   |   BCM Marketing Agencia

Legal note   |   Privacy Policy   |   Cookies policy   |   Cookie settings