All federal entities within the UAE including ministries, public corporations, institutions and public bodies are legally required to enforce Information Security policies since the introduction of the UAE Cabinet Resolution No. 21 of 2013.
The resolution is aimed at managing the data security environment in Dubai’s public sector. It provides a legal framework for information security and compels IT departments to enforce security policies to protect their critical data and control its use and movement.
One of the ways it seeks to do this is by requiring the classification of all data assets by employees.
Every federal employee is legally liable for non-compliance with the Resolution and is required to sign an acknowledgment to this effect. Failure to comply could mean fines or even imprisonment for employees.
As if the threat of fines or imprisonment isn’t enough, the Resolution expressly states that ‘every User (who) violates the provisions of this Regulation shall be punished according to the disciplinary sanctions set forth in the human resources laws and regulations applied in the FE he/she works for’ meaning that as well as fiscal sanctions or imprisonment, employees found not to be complying with the Resolution are subject to internal disciplinary regulations and penalties set by their employers.
The Resolution places personal responsibility firmly on the shoulders of Federal employees, requiring federal entities to demand employee classification of all data assets.
Boldon James Data Classification products support UAE Cabinet Resolution No. 21 of 2013 by offering classification capabilities that support the protection of data and drive data security solutions in a way that offers complete confidence and visibility across large and disparate organisations.
- Classifying or labelling data to identify data files that require special handling.
- Alerting users to the sensitive nature of data and ensuring data sharing follows policy guidelines.
- Warning users of sensitive data being sent outside of the business, or preventing this from happening.
Read more about Cabinet Resolution No. 21 of 2013
Data Classification: The First Step to Protecting Unstructured Data