DORA

Overview

The Digital Operational Resilience Act (Regulation (EU) 2022/2554) — also known as DORA — establishes a unified framework across the European Union (EU) to strengthen the digital resilience and cybersecurity of financial entities and their critical technology service providers.

The regulation enters into force in January 2025 and applies to all EU member states directly.

Daktela, as a European provider of cloud contact center and communication platforms, aligns with the principles and requirements of DORA. Our infrastructure, security practices, and operational processes are designed to ensure the stability, confidentiality, and availability of digital services in accordance with EU regulatory standards.

Scope and Applicability

DORA applies to:

• Financial institutions and regulated entities such as banks, insurance companies, investment firms, and payment institutions.

• ICT service providers delivering critical functions to these institutions, including communication platforms, hosting, and data management solutions.

Daktela operates within this framework as a trusted ICT service provider supporting financial institutions across Europe.

Daktela’s Compliance with DORA Requirements

1. Data and Operational Security

• Daktela operates its own cloud infrastructure within the European Union (Czech Republic), fully managed by Daktela without reliance on public cloud providers.

• All data transfers are encrypted using TLS, HTTPS, and IPSec protocols and are subject to regular penetration testing.

• System operations include comprehensive logging, event auditing, and real-time traceability of administrative access.

• Monitoring tools such as Wallboards and Activity Logs ensure full visibility into system performance and user interactions.

2. Access and Identity Protection

• Users can enable Two-Factor Authentication (2FA) for enhanced account security.

• The system automatically detects and blocks suspicious login attempts.

• Administrators can centrally manage user permissions, monitor active sessions, and review access history through built-in management tools.

3. Business Continuity and Operational Resilience

• Daktela maintains geographically separated data centers to ensure redundancy and high availability.

• Real-time data replication and backup allow rapid recovery in the event of an incident.

• The company guarantees an SLA uptime of up to 99.9%, with clearly defined response and recovery times.

• Failover mechanisms enable seamless transition to backup systems if a disruption occurs.

4. Risk and Supply Chain Management

• Daktela conducts regular internal and external security audits in line with ISO 27001 and industry best practices.

• All infrastructure changes and software updates are verified and tracked through our internal ticketing and change management systems.

• Clients are informed transparently through public Release Notes and maintenance notifications.

5. Communication and Call Recording Security

• Call recordings are securely stored within Daktela’s EU-based environment, with retention periods configurable according to local legal or regulatory requirements (typically 3 months to 10 years).

• Access to recordings is strictly role-based, with audit logs for every access or export event.

• Integrated AI transcription and AI-based Quality Assurance (QA) tools allow analysis of communications without transferring data to external systems.

Why Daktela Is Prepared for DORA

Daktela’s architecture and policies align with the main pillars of DORA:

Summary

By maintaining full control over its infrastructure, prioritizing data protection, and implementing robust operational processes, Daktela meets the technical and procedural expectations defined by DORA.

Our commitment to transparency and security ensures that clients in the financial sector can rely on Daktela as a compliant and resilient partner for their critical communication systems.