In 2021 the UAE announced a new federal data protection law that came into force on 2nd January 2022. Executive regulations are due to be announced in March and then companies will have six months to comply with the laws (although this period can be extended by cabinet decision).
The law applies to all businesses in the UAE that are processing the personal data of residents of the of country. Businesses who collect data from UAE residents on behalf of other companies also need to be compliant with the new regulations.
Government entities, health organisations and credit bureaus will not be subject to the law. Businesses based in Dubai International Financial Centre and Abu Dhabi Global Market are also exempted as they have their own data protection regulations.
There is a broad range of data that will be covered under the new decree, mostly personal and sensitive data. The following are covered:
The law defines what businesses need to do to comply with the Personal Data Protection Law:
The basic principles of the law are largely consistent with global data protection regulations such as the GDPR law and more details are expected in the coming weeks.
Keeping data secure and confidential is one of the key obligations of the new Personal Data Protection Law. If your network is not using the latest technology to secure it there's a high risk your data could be compromised leading to you falling foul of the regulations. At Orixcom our recommendation for highly secured networks is to move to an is overall SASE solution (Secure Access Service Edge), such as Cisco Umbrella. Within this journey there are several elements required to secure different vulnerable aspects of data, such as deploying strong multi-factor authentication before granting access to applications that may contain personal information. As well as verifying your users' identities this can also check the security hygiene of devices. Duo is an excellent example of a best-in-class MFA security solution that can be deployed rapidly.
The complete Managed SASE solution comprises of DNS-layer security, secure web gateway, firewall, cloud access security broker, remote browser isolation, dato loss prevention, multi-factor authentication and cloud malware detection.
Make sure your business is security compliant. Speak to one of our experts today about how we can protect your client's data and secure your network.