Digital Operational Resilience Act (DORA)

Introduction

The Digital Operational Resilience Act (DORA) represents a significant milestone in the regulatory landscape for financial services across the European Union. Designed to ensure the stability and security of financial institutions, DORA mandates that firms enhance their IT infrastructures and operational resilience against cyber threats and operational disruptions. This report explores the specifics of DORA, the critical role of data centres in achieving compliance, and how Lunar Digital’s state-of-the-art facilities are optimally positioned to support banks and financial services (FS) companies in meeting these new regulations.

Understanding DORA

DORA is part of the EU’s broader Digital Finance Strategy, aiming to harmonise and strengthen the IT security requirements for financial entities. Key elements of DORA include:

• IT Risk Management: Firms must implement robust IT risk management frameworks to identify, mitigate, and manage risks effectively.
• Incident Reporting: Obligations to report significant IT-related incidents to authorities promptly.
• Operational Resilience Testing: Regular testing of IT systems to ensure resilience against potential disruptions.
• Third-Party Risk Management: Enhanced oversight and management of third-party IT service providers to ensure they adhere to stringent security standards.
• Information Sharing: Facilitating information sharing among financial entities about cyber threats and vulnerabilities.

These requirements necessitate substantial improvements in the IT infrastructure of financial institutions, making the role of advanced data centres more crucial than ever.

The Critical Role of Data Centres

Enhanced Security Measures

• ISO27001 Certification: Ensures compliance with the highest standards of information security management.
• 24x7 Surveillance: Constant monitoring and advanced security protocols, including biometric access and CCTV, ensure physical and cyber security.

Reliable Power and Cooling

• N+N and N+1 Redundancies: These configurations ensure uninterrupted power and cooling, crucial for maintaining operational resilience.
• Dedicated HV Substations: Provides robust and reliable power supplies, with on-site backup generators ensuring continuity during outages.

Advanced Connectivity

• Carrier-Neutral Facilities: Offering access to multiple Tier1 and Tier2 networks, ensuring seamless and resilient connectivity.
• Direct Access to Internet Exchanges: Provides low-latency connections to major internet exchange points, cloud providers, and other data centres.

Compliance and Reporting

• Incident Management Systems: Equipped with tools for real-time monitoring and incident reporting, essential for meeting DORA’s reporting requirements.
• Operational Resilience Testing: Facilities designed to support regular testing of IT systems, ensuring they can withstand and recover from disruptions.

Lunar Digital’s Unique Offering

Lunar 1 & 2 | Manchester

• Ex Equinix site (MA2) acquired in February 2023
• Highly connected facility - 20+ carriers
• 3MW available capacity
• Up to 25kW rack density in dedicated areas, 10kW rack density as standard
• N+N UPS (static)
• 7.5MW generator capacity @ N+1 redundancy

Lunar 5 | London

• 40MW total capacity, currently includes 4 x institutional tenants (Ex Digital Realty site)
• Lunar capacity 2.5MW imminently with 2.5MW additional capacity
• 5 x Tier 1 carriers
• Tier 3 facility
• Within M25 ring, good accessibility to the city

Lunar 3 | Manchester

• Purpose built DC (circa 2014)
• 3 floors
• Fully built out pod environment with capacity for up to 10kW per rack (in-row cooling)
• Zayo, Cogent, EUNetworks on-site
• 2MW Capacity
• N+1 UPS and generator

Lunar 6 | Amsterdam

• City centre location near to Schiphol airport
• Up to 20MW total site power infrastructure with 10MVA committed power supply draw
• 1.7MW immediate availability on ground floor
• Colt/ Lumen, Zayo, EUN, Verizon and key POP for AMSIX & NLIX
• Tier 3 facility

Our data centres are designed with a focus on sustainability and energy efficiency, boasting PUE ratings of less than 1.35, which translates to cost savings for our clients while supporting their compliance with environmental standards.

Summary

The introduction of DORA marks a new era of regulatory compliance for the financial sector, emphasising the need for robust and resilient IT infrastructures. Data centres play a pivotal role in meeting these requirements, providing the security, reliability, and connectivity essential for compliance. Lunar Digital’s state-of-the-art facilities are ideally suited to support banks and financial services firms in navigating the complexities of DORA, ensuring they remain secure, resilient, and compliant.

For more information on how Lunar Digital can support your DORA compliance journey, visit Lunar Digital Data Centres or contact us at info@lunardigital.co.uk.