GFS Software’s ZCL (z/OS Cloud Connector) is a solution designed specifically for IBM z/OS mainframe environments, enabling the management and copying of critical data to the cloud.

ZCL helps financial institutions achieve compliance with DORA (Digital Operational Resilience Act) by directly addressing the requirements for Business Recovery and Continuity (Articles 11 and 12) and Backup Data Security.

ZCL’s contribution to DORA compliance can be explained through the following points:

1. Ensuring a Distinct Location and Resilient Backup (Article 12)

DORA requires backups to be stored in an alternative, segregated recovery location to ensure the continuity of critical functions in the event of an interruption at the primary location.

• Mainframe Data Movement to the Cloud: ZCL enables critical mainframe (z/OS) data, which is at the heart of many banks’ operations, to be copied efficiently and continuously (real-time or on-demand) to the cloud (public, private, or hybrid).

• Robust Disaster Recovery (DR): By sending backup copies to the cloud, ZCL helps meet the requirement to have a contingency site that is logically and/or physically distinct from the primary data center, eliminating the need to maintain a costly physical contingency site.

• Multi-Cloud/Redundancy: The ability to copy data to the cloud supports a redundancy strategy, which is fundamental to the operational resilience required by DORA.

2. Backup Security and Integrity (Article 12)

DORA requires that backup data be securely protected to prevent it from being corrupted or improperly accessed during an incident (such as a ransomware attack).

• Encryption: ZCL applies AES-256 encryption (using z/OS security mechanisms such as ICSF and CPACF) during the process of sending data to the cloud, ensuring that data in transit and at rest in the backup is protected.

• Separation/Segregation: By moving backups to a cloud environment separate from the primary mainframe, ZCL creates an isolated copy, crucial to the segregated backup strategy (a logical air gap) that prevents an attack on the main system from compromising the recovery copy.

3. Rapid and Automated Recovery (RTO and RPO)

DORA focuses on recovery time objectives (RTO) and recovery point objectives (RPO) for critical functions.

• Real-Time Mode: ZCL’s real-time copy functionality to the cloud allows financial institutions to achieve a lower RPO (less data loss) because data is replicated almost instantly.

• Agile Recovery: ZCL’s integration with workflow orchestrators (such as Stonebranch) enables automation of disaster recovery. This automation is vital to accelerating RTO (the time required to reactivate critical functions), a central pillar of DORA’s operational resilience.

DORA Compliance Summary

| DORA Requirement | How ZCL Contributes |
|---|---|
| Alternative Recovery Site | Facilitates the transfer of mainframe backups to the cloud, providing a disaster recovery (DR) location separate from the primary data center. |
| Backup Integrity and Protection | Ensures data encryption (AES-256) before sending and creates a segregated copy in the cloud, defending against ransomware and corruption of the main system. |
| RTO and RPO (Continuity) | Real-Time mode enables a low RPO. The ability to automate recovery with third-party orchestrators accelerates RTO. |

By protecting and isolating backup data from the mainframe environment and ensuring that disaster recovery can be performed quickly and securely, ZCL directly supports DORA’s technical resilience requirements for a financial institution’s most critical ICT assets.