Data Cybersecurity Policy
General Terms:
· King Saud University complies with the relevant legislative and regulatory requirements for data protection in the Kingdom of Saudi Arabia, in addition to the university's approved policies and procedures.
· The university periodically identifies and updates the cybersecurity requirements for data.
· The university ensures the efficient management of cybersecurity requirements in accordance with the human resources cybersecurity policy and asset management policy.
· The university is committed to protecting mobile devices in accordance with the mobile device security policy.
· The use of university data in any environment other than the production environment is prohibited, unless a risk assessment is conducted and appropriate security controls are applied, such as:
- Data Masking techniques.
- Data Scrambling techniques.
· The university defines the necessary technologies, tools, and procedures for securely disposing of data in accordance with classification levels.
· The university adopts secure methods for extracting and transferring data, as well as extracting and transferring virtual infrastructure.
Classification and Secure Handling of Information:
University data is classified according to the approved data classification policy.
Employees must avoid discussing university data in public places or any location where such discussions may be overheard, and discussions should be limited to the university premises or secure areas within it.
Data stewards, appointed by the university, are responsible for classifying and handling data according to this policy.
The storage of classified data (Confidential, Highly Confidential) on portable storage media such as external hard drives or USB drives is prohibited, regardless of the encryption level.
The input, processing, modification, storage, or transfer of classified data (Confidential,Highly Confidential) on employees' personal devices (BYOD) is prohibited unless the data pertains to the employee's own personal information.