Why your business may not be security compliant and what to do about it

Why your business may not be security compliant and what to do about it

In 2021 the UAE announced a new federal data protection law that came into force on 2nd January 2022. Executive regulations are due to be announced in March and then companies will have six months to comply with the laws (although this period can be extended by cabinet decision).

Who does the law apply to?

The law applies to all businesses in the UAE that are processing the personal data of residents of the of country. Businesses who collect data from UAE residents on behalf of other companies also need to be compliant with the new regulations.

Government entities, health organizations and credit bureaus will not be subject to the law. Businesses based in Dubai International Financial Centre and Abu Dhabi Global Market are also exempted as they have their own data protection regulations.

What is covered?

There is a broad range of data that will be covered under the new decree, mostly personal and sensitive data. The following are covered:

  • Name
  • Voice
  • Picture
  • Identification number
  • Race
  • Ethnicity

  • Religion
  • Sexual preference
  • Biometric data
  • Criminal record
  • Health records
  • Geographical location

Corporate Obligations

The law defines what businesses need to do to comply with the Personal Data Protection Law:
  • Comply with new controls for the processing of personal data
  • Secure personal data and maintain its confidentiality and privacy
  • Only collect data for a specific and clear purpose
  • Refrain from processing of data without consent
  • Amendments and erasure of data at subject's request
  • Cessation of processing data at subject's request
  • Comply with cross border sharing policies
The basic principles of the law are largely consistent with global data protection regulations such as the GDPR law and more details are expected in the coming weeks.

How IANCON.NET can help?
Keeping data secure and confidential is one of the key obligations of the new Personal Data Protection Law. If your network is not using the latest technology to secure it there's a high risk your data could be compromised leading to you falling foul of the regulations. At IANCON.NET our recommendation for highly secured networks is to move to an is overall SASE solution (Secure Access Service Edge), such as Cisco Umbrella. Within this journey there are several elements required to secure different vulnerable aspects of data, such as deploying strong multi-factor authentication before granting access to applications that may contain personal information. As well as verifying your users' identities this can also check the security hygiene of devices. Duo is an excellent example of a best-in-class MFA security solution that can be deployed rapidly.

The complete Managed SASE solution comprises of DNS-layer security, secure web gateway, firewall, cloud access security broker, remote browser isolation, dato loss prevention, multi-factor authentication and cloud malware detection.

Make sure your business is security compliant. Speak to one of our experts today about how we can protect your client's data and secure your network.

Ajmal Muhammad 可汗
Ajmal Muhammad 可汗 I am Open-Source Advocate, Cloud Consultant, I have experience in Digital Transformation, Security, Data Analytics, ML/AI, PMO, Product Managment focused on Growth Strategies and enhanced customer experience and Experience design. I’m passionate about creating usable digital products. I have worked with incredibly talented people across different companies. Skilled in Entrepreneurship, Startup, Open Source, Digital Transformation, Cloud, Security, Data Analytics, AI/ML Consulting, Investment Valuation, Seed Capital, Board of Directors and Advisory. Strong business growth professional with a Postgraduate Diploma focused on International Business from University of Cambridge. |► Connect with me on | linkedin