The “Cybersecurity Controls for Remote Work” document, issued by the National Cybersecurity Authority in 2021, sets out the regulatory framework and minimum requirements that enable entities in the Kingdom of Saudi Arabia to conduct their business securely and reliably in cyberspace.
The primary aim of this document is to enhance the cyber resilience capabilities of government entities and sensitive companies against threats and risks that may arise from the transition to flexible digital work environments. These controls shall be mandatory for ministries, government bodies, and institutions and their affiliates, in addition to private sector entities that manage sensitive national infrastructures.
The control structure is based on integration with the “Essential Cyber Security Controls” (ECC-1:2018), consisting of three core components: cyber security governance, cyber security enhancement, and external parties and cloud computing cyber security.
These components give rise to sixteen sub-components aimed at ensuring that remote work policies are documented, that the associated cybersecurity risks are managed and assessed at least annually, and that employees receive specialized awareness and training programs on the safe use of systems and the handling of home networks.
On the technical side, the controls focus on protecting assets by managing identities and access permissions and restricting concurrent access, while emphasizing the necessity of monthly system updates and of periodically addressing technical vulnerabilities.
Requirements also include securing mobile and personal devices (BYOD) through centralized mobile device management (MDM) systems, utilizing advanced encryption algorithms for all network communications, and ensuring remote work systems are hosted within the Kingdom.
The document concludes its requirements with the necessity of continuous 24/7 monitoring of event logs and updating incident response plans to suit the remote work environment, ensuring a swift response to any potential cyber threat.