Saudi Arabian Monetary Authority (SAMA) Compliance
The Saudi Arabian Monetary Authority (SAMA) is the central bank of Saudi Arabia. SAMA introduced its Cyber Security Framework in 2017 in order to guide regional organizations on how to effectively maintain the protection of information assets and online services.
All financial institutions regulated by SAMA are responsible for complying with the Cyber Security Framework – including all banks, insurance companies, and finance companies that operate within Saudi Arabia.
Compliance preparation starts with developing and following a data protection strategy. A solid and efficient strategy includes data encryption and wiping.
SAMA Data Encryption & How to Comply
Section 3.3.9 of the SAMA regulations states: “The use of cryptographic solutions within the Member Organizations should be defined, approved and implemented.” The objective of this section is “to ensure that access to and integrity of sensitive information is protected and the originator of communication or transactions can be confirmed.”
The most effective cryptographic solution that organizations can implement is data encryption. By encrypting sensitive information at the source it is stored and before it migrates outside of controller possession, companies are able to protect it from physical and virtual threats.
To help your organization comply with SAMA encryption requirements, Jetico offers two types of software:
- BestCrypt Volume Encryption for superior whole disk encryption
- BestCrypt Container Encryption for selected files and folders
SAMA Data Wiping & How to Comply
The SAMA Cyber Security Framework also has a section titled Secure Disposal of Information Assets. This section outlines that organizations should securely dispose of their information assets when they are no longer required. Permanently deleting data in a secure way is more complex than it sounds, however. The improper removal of data leads to data remanence, which is the residual representation of data that remains after it is deleted by normal means.
To help your organization comply with SAMA wiping requirements, Jetico offers two types of software to wipe data beyond forensic recovery:
- BCWipe Total WipeOut to erase entire hard drives at end of life
- BCWipe to wipe selected files and folders on active systems
Need to Get Help with the Saudi Arabian Monetary Authority (SAMA) Compliance?
Thank you for contacting Jetico! We will respond to you as soon as possible.
Send us a message - we'll reply within 24 business hours.
Need help now? Call
US: 202 742 2901