July 18, 2025

DORA Oversight Guide: What financial organizations need to know now about encryption and key sovereignty

The new DORA Oversight Guide sets out clear requirements for cloud encryption and key control. Article 5.4.1 shows: Anyone using hyperscalers must be able to prove that they retain sovereignty over their cryptographic keys – even with sub-service providers. The blog shows what counts now and how eperi sEcure helps to be on the safe side from a regulatory perspective.

Accept
Name	LinkedIn and Google Ads
Provider
Purpose
Duration

Accept
Name	WPML Language Selector
Provider
Purpose
Duration

Accept
Name	Hubspot
Provider
Purpose
Duration

Accept
Name	Econda
Provider
Purpose
Duration

Accept
Name	Cloudflare
Provider	CloudFlare Inc.
Purpose	Data will be deleted as soon as they are no longer needed for processing and the operator of this website uses the functions of CloudFlare. Provider is CloudFlare, Inc. 665 3rd St. 200, San Francisco, CA 94107, USA. CloudFlare offers a so-called worldwide distributed content delivery network with DNS. The personal data is transmitted on the basis of Art. 46 GDPR.
Duration	Data is deleted as soon as it is no longer required for processing.
Further information	https://www.cloudflare.com/de-de/gdpr/introduction/

Day: July 18, 2025

DORA Oversight Guide: What financial organizations need to know now about encryption and key sovereignty

We use cookies

Accept
Name	hellotrust
Provider	Keyed GmbH
Purpose	hellotrust stores the user's consent status for cookies on the current domain.
Duration	Data is deleted as soon as it is no longer needed for processing.
Further information	https://hellotrust.de/datenschutz