UAE & NESA Compliance

The National Electronic Security Authority (NESA) is the federal authority of the United Arab Emirates (UAE) that is responsible for the country’s cybersecurity compliance. In order to protect critical sectors from data loss and data breaches, NESA has implemented a new set of regulations and guidelines.

NESA compliance is mandatory for: 

  • Government organizations 
  • Semi-government organizations 
  • Business organizations that are identified as part of the UAE critical infrastructure. 

Compliance preparation starts with developing and following a data protection strategy. A solid and efficient strategy includes data encryption and wiping.  

NESA Data Encryption & How to Comply

When thinking about NESA compliance, the most significant of the new regulations is the section on Information Assurance Standards (IAS). Out of the 188 security controls listed in the IAS, 35 of them deal with information security. Therefore, it is important to take necessary measures to keep confidential information safe and avoid data breaches.

Data encryption is an effective method of protecting sensitive information from physical and virtual threats – and should be the foundation of every organization’s information security strategy. Data should be encrypted at the source where it is stored and before it migrates outside of controller possession – see NESA encryption requirements.

To help your organization with NESA Compliance, Jetico offers two types of data encryption: 

NESA Data Wiping & How to Comply

There are multiple instances in the NESA regulations that outline the necessity to securely remove or overwrite data once it is no longer needed - review all NESA wiping requirements. These standards include: 

  • T1.4.1: Management of Removable Media 
  • T1.4.2: Disposal of Media 
  • T7.5.2: Protection of Systems Test Data   

In order to comply with these kinds of regulations, organizations must be sure that all of the data in question is removed entirely. Erasing data is more complex than it sounds, and improper removal leads to problematic data remanence (residual representations of data that remain despite removal attempts).

To help your organization with NESA Compliance, Jetico offers two types of software to wipe data beyond forensic recovery:


Need to Get Help with the UAE National Electronic Security Authority (NESA) Compliance?

View all success stories

Thank you for contacting Jetico!
We will respond to you as soon as possible.

Send us a message - we'll reply within 24 business hours.

Need help now? Call Us
US: 202 742 2901 EU: +358 50 339 6388