Azul ensures Java solutions comply with DORA EU standards

Azul has announced that its Java-focused solutions meet the requirements set by the European Union's Digital Operational Resilience Act (DORA), supporting financial institutions in achieving compliance.

DORA aims to enhance the digital resilience of financial entities and mitigate risks related to Information and Communications Technology (ICT). The regulation requires institutions to be resilient against ICT-related disruptions, whether internal or stemming from external service providers. Java's dominance in the financial services industry makes compliance crucial, with 51% of industry code being written in the language.

Azul's long-term support Java versions include security updates for older versions, ensuring stability under such regulatory scrutiny. The company's offerings are designed to provide security, reliability, and compatibility with modern architectures, aiding financial institutions in adhering to DORA's stringent standards.

DORA compliance is significant as non-compliance could lead to corporate fines up to 2% of annual turnover, with potential fines for individuals reaching up to €1,000,000. These regulations extend beyond EU financial entities, affecting global organisations engaging in EU business as well as third-party service providers.

Crucyble, an information security consulting firm, assessed Azul's compliance efforts. "Azul has made considerable efforts to comply with the Digital Operational Resilience Act (DORA) EU by implementing a robust governance framework, risk management protocols, incident response capabilities, and third-party risk management strategies. Through continuous monitoring, regular testing, including penetration tests, and comprehensive plans for ICT resilience and recovery, Azul demonstrates a strong commitment to ensuring operational continuity and resilience."

"The company is actively addressing the requirements of DORA EU to support its financial customers in maintaining operational integrity and security. Azul's proactive stance ensures it is well-equipped to meet the evolving challenges of ICT risk management and digital operational resilience, reinforcing its readiness to support customers in complying with the DORA EU framework."

Azul's full support for OpenJDK distributions includes ensured security updates, vulnerability monitoring, and expert migration guidance, aiming to support customer compliance efforts.

To assist financial institutions in their DORA compliance, Azul has laid out five critical actions for the use of Java applications and infrastructure. These involve establishing an ICT risk management framework, setting up an incident reporting mechanism, conducting regular testing, enhancing third-party risk management, and facilitating cyber threat information sharing.

James Johnston, Vice President of EMEA at Azul, commented, "As a trusted partner to our customers, we understand the complex challenges financial institutions face in meeting these stringent requirements. With Java powering most critical financial systems, unsupported or vulnerable Java infrastructure puts DORA compliance at risk. Our solutions enable companies to accelerate their compliance efforts while reducing costs and complexity—critical factors given the rapidly approaching deadline."