Prince Sultan University PSU
Policy Management System
Guest User Policy

Policy Code: IT0003
Policy title: Guest User Policy
Owner: Vice President for Academic Affairs
Responsible Office/Department: Deanship of Digital Transformation
Approved by: University Council
Date Created: February 02, 2017
Recent Review:
Effective date:

POLICY STATEMENT

A Guest User is authorized to use PSU IT services in compliance with the ITC Policies and within a certain limit of authorization. The Guest User might be granted access to use computers in selected areas.

BACKGROUND AND JUSTIFICATION

Guests often need temporary access to the PSU’s digital resources, be it Wi-Fi or other media, to facilitate productive collaboration. However, without a structured framework to govern this access, the organization's network and data can become vulnerable to unintentional breaches or misuse. Recognizing the balance needed between hospitality and security, the Guest User Policy has been developed to address these concerns.

SCOPE AND PURPOSE

The scope of this policy is only for PSU guests.

Many external users need access to the organization's network, whether for students, companies, vendors, auditing, or other purposes. To support them, the PSU ITC gives them the right to use its resources in compliance with the ITC Policies. These kinds of users are authorized to a limited extent.

PRINCIPLES OF THE POLICY

  • Limited Access: Guests will be provided access to only those resources that are essential for their tasks, ensuring unnecessary parts of the network remain secure.
  • Defined Duration: Access to network resources will be time-bound, expiring after a set period or upon the completion of the guest's task.
  • Accountability: All guest activities on the network should be traceable, ensuring individuals are accountable for their actions.
  • Secure Connectivity: Any connection established by guests should be encrypted and secure to protect both the guest's data and the organization's resources.
  • Data Protection: Guests must adhere to the PSU’s data protection standards, ensuring that sensitive information remains confidential and is not exported or shared inappropriately.
  • Acceptable Use: Guests should comply with a defined Acceptable Use Policy, refraining from any activities that might harm the organization's systems or reputation.
  • Immediate Revocation: The organization retains the right to immediately revoke guest access in the event of any policy violations or security concerns.
  • Regular Review: The Guest User Policy, along with granted accesses, should be reviewed periodically to ensure relevance and security.
  • Clear Communication: Guests must be clearly informed about the policy's terms and their responsibilities before being granted access.
  • Integration with Other Policies: The Guest User Policy should work cohesively with other organizational security and IT policies.

DEFINITIONS

  • Guest User: Any non-employee or non-student, such as a visitor, needing temporary access to PSU’s systems.
  • Digital Resources: Electronic assets, like networks, computers, and software, owned or managed by PSU.
  • Network Access: Connection capabilities to the organization's electronic network, including Wi-Fi and wired connections.
  • Authentication & Authorization: Verification of a guest's identity and determination of their specific access permissions.
  • Acceptable Use: The set of behaviors a guest is allowed to engage in while using the organization's resources.
  • Access Credentials: Unique identifiers, like usernames or temporary badges, for guest access.
  • Session & Expiry: The active connection period and its predefined ending time for guest access.
  • Incident: Any violation of the policy that might harm the organization's digital integrity or reputation.
  • VLAN: A VLAN segments devices into separate networks within the same physical infrastructure, enhancing security and network efficiency.

RESPONSIBILITIES AND IMPLEMENTATION STRATEGIES

  • Credential Provisioning:
    1. Provide temporary access to IT systems and resources.
    2. Set up automated expiration of credentials after the guest's intended usage.
  • Network Access:
    1. Offer guests isolated network segments or VLANs.
    2. Limit their access to critical internal systems.
  • System Monitoring:
    1. Track guest activities on IT resources in real time.
    2. Alert IT personnel of any unusual system or network behavior.
  • IT Policy Orientation:
    1. Inform guests about IT usage rules and boundaries.
    2. Obtain their acknowledgment before granting system access.
  • Incident Management:
    1. Detail procedures for IT-related violations or issues caused by guests.
    2. Ensure rapid response and resolution by the IT team.
  • Software & Hardware Access:
    1. Grant temporary permissions for required software/tools.
    2. Limit physical access to critical IT hardware.
  • Review & Feedback:
    1. Analyze guest IT access logs periodically.
    2. Solicit feedback from guests to improve the IT experience.

PROCEDURES FOR HANDLING POLICY VIOLATION

Any violation of this policy will make the subject susceptible to disciplinary action in accordance with the Enforcement section of the ITC Unauthorized Use Policy.

https://www.psu.edu.sa/en/IT0002-unauthorized-use-policy

https://www.psu.edu.sa/en/cop005-disciplinary-policy

REFERENCES

https://www.psu.edu.sa/en/cop005-disciplinary-policy