UAE & NESA Compliance
Discover, protect and securely erase sensitive data – meeting NESA's Information Assurance Standards across the UAE's critical sectors.
Meet NESA’s Data Protection Requirements with Jetico’s Solutions
The National Electronic Security Authority (NESA), now part of the UAE Cyber Security Council, established the Information Assurance Standards (IAS) to protect the UAE‘s critical sectors from data loss and breaches. The standards are widely referenced as NESA standards and remain in force across government, semi-government and critical infrastructure organizations.
Before sensitive data can be protected or erased, it must first be located. A practical NESA strategy starts with data discovery, then applies encryption to data that must be retained and secure wiping when data is no longer needed.
NESA Data Wiping
- Multiple instances in the NESA regulations outline the necessity of securely removing or overwriting data once it is no longer needed—review all NESA wiping requirements.
- Security controls and standards for data wiping:
“T1.4.1: Management of Removable Media”
“T1.4.2: Disposal of Media”
“T7.5.2: Protection of Systems Test Data” - To help your organization with NESA compliance, we offer BCWipe to securely remove selected files and folders and BCWipe Total WipeOut to erase entire hard drives.
NESA Encryption
- NESA states that organizations should implement a strong encryption program to protect data at rest – review NESA encryption requirements.
- Security controls and standards for data encryption:
“IS.5.7”
“IS.5.9-IS.5.11”
“IS.11.11”
“IS.12.6” - To help your organization with NESA compliance, we offer BestCrypt Container Encryption to safeguard files and folders and BestCrypt Volume Encryption to protect entire hard drives.
Data Discovery & Classification – Your First Step to NESA Compliance
Compliant with Leading Data Erasure & Security Standards
With Jetico, You Can
Jetico helps you discover where sensitive data resides, protect it while it’s needed and securely erase it when it’s no longer required – supporting every stage of the data lifecycle NESA expects you to control.
Need Help to Comply with NESA?
Our data protection specialists are here for you.
About NESA Compliance
When thinking about NESA compliance, the most significant of the new regulations is the section on Information Assurance Standards (IAS). Out of the 188 security controls listed in the IAS, 35 of them deal with information security. Therefore, it is important to take necessary measures to keep confidential information safe and avoid data breaches.
Complying with NESA standards is a legal requirement for various entities operating within the UAE:
- Government organizations
- Semi-government organizations
- Business organizations that are identified as part of the UAE critical infrastructure
Be sure to check out our other blogs covering compliance strategies and best practices, and learn how to meet data wiping and encryption guidelines for NESA compliance.
News & Blogs
Stay updated with the latest news, insights, trends and expert tips on data protection and cybersecurity.
Check back here regularly for news and blogs