Services of the E-Transactions and Communications Center
IT Center provides a number of services for students, faculty, and staff of Riyadh Elm University. Scroll down or click any one of the boxes below for more information about service areas.
Your audio/visual technology support center.
Audio/Visual Solutions provides support and maintenance, consultation, design, installation, and training for a variety of audio/visual resources, including classrooms, conference rooms, digital signage, and technical support for live events.
- Consultation, design, maintenance and support of multimedia classrooms and conference rooms
- Computer support for multimedia classrooms
- Clicker troubleshooting
- Individual or group workshops on use of multimedia systems
- Development of operation manuals for multimedia systems
- Development of systems for special display mediums with A/V controls
- Set-up and operation of PA and/or video projection systems for University-related events
- Short-term rental of some portable equipment
Report an Issue
To report an issue with a classroom, a digital sign, or part of the Indoor Emergency system:
- Email firstname.lastname@example.org
Gmail is the email service for students at The Riyadh Elm University.Gmail is hosted by Google, meaning students have all the benefits of using Gmail. Email addresses use the format (userID@riyadh.edu.sa), and accounts are lifelong with no expiration. Anyone who has ever taken a class at REU since the service was started has a Gmail account, including current faculty and staff. G-Mail is accessed using the same login credentials as REU systems. Your REU G-Mail account comes with all of the perks of a Gmail account. Along with your Gmail address, your account also includes access to Google Calendars, Google Hangouts, as well as Google Drive and Docs, although we recommend Box unlimited cloud storage for your document storage and sharing needs
Faculty and Staff Email
Add REU Gmail to Your Mobile Device
iPhone and iPad
- From your Home Screen, tap Settings
- Tap Mail
- Tap Accounts
- Tap Add Account
- Tap Google
- Enter your REU email address
- Tap Next
- Enter your REU username and password
- Tap Submit
- If you have an active REU account, REU will need to verify your device with a notification when adding a gmail account to your device.
- Select which items you would like to sync to your phone.
- Tap Save
Android Phones and Tablets
- Open Settings on your device
- Select Accounts & sync
- Select Add Account
- Select Google
- Sign in with your REU Account and REU password
- Tap Next
- Select which items you would like to sync to your phone
- For your email, select Gmail
- For your address book, select Contacts
- For your calendar, select Calendar
- You can now access your student email through the Gmail app.
- You can now access your Google calendar through the Calendar app.
- You can now access your Google address book through the Contacts or People app, depending on your device’s configuration.
Contact the IT Service Desk
How can we help?We’re here to help all students, faculty and staff. There are several ways you can request our services and report issues:
|Sunday – Thursday 8:00am to 4:30pm||IT@riyadh.edu.sa|
REU Accounts & Email
- Learn more about faculty & staff email.
- Learn more about student email.
The REU Campus Network
REU maintains an extensive, mostly underground, cable plant to connect the REU campus.
We provide networking and telephone services to over 4 University buildings as well as multiple off-site locations. Most buildings are connected to the core network with 20 Mbps services. The core itself operates at 20 Mbps.
To provide superior Internet connectivity, we operate one or more network equipment closets in each building. These closets host the switches that connect buildings to the core network, as well as switches that fan out to all of the wall jacks and wireless access points in the building.
REU offers both wired and wireless connections to REU students, faculty and staff. Learn how to get connected today!
The Information Technology Center provides many services to keep REU students, faculty and staff safe online.
op Security Tips
Do not share sensitive data
- Do not share personal information via email.
- Do not open email attachments from sources you do not trust.
- Back up your devices regularly.
- Do not click on internet pop up ads or videos, especially on social media.
- Keep your browser and operating software up to date.
Keep passwords private
- Do not share passwords, and change your passwords often.
- Longer passwords are stronger passwords. We recommend 8 or more characters.
- Use multi-factor authentication.
- Do not display passwords on or near your device!
Be smart with your smart phone
- Enable secure access and have a password, pattern or fingerprint to unlock your screen.
- Delete emails that contain confidential information.
- Report a lost or stolen phone.
- Do not store confidential information in your phone such as PINs or credit card information.
- Beware of GPS tracking in your device.
Only join secure wifi networks that require a password
- Faculty/Staff should use a VPN to connect to the REU network when off campus.
- Do not pay bills, access bank accounts or shop online over public WiFi.
Riyadh Elm University makes a number of software programs available at no cost for students, faculty, staff, and REU departments. The Information Technology Center is the central location to a quire and learn more about this software.
Check out our software catalog to explore different software packages offered by IT Center. Contact us to find the software name and detailed information, learn how to obtain the product, and if there are any restrictions. Please note that each software agreement contains its own terms and conditions. Generally, use of campus-wide software is limited to University business, academic, or research related purposes
The IT data center is a secure resource for campus computing systems.
Our IT-managed data center provides essentials for storing your data and applications.
- 24×7, 365 monitoring
- Card-lock access control
- Video surveillance
- Intrusion and motion detection alarms after office hours
- Built in systems for offsite data backup, data compression, disaster recovery and data archiving
- Built in firewall, intrusion detection, and other security services
Additionally, systems hosted in the IT data center can take advantage of the virtual server platforms and multi-tiered enterprise-class storage to achieve maximum economy with performance and capacity right-sized to the needs of each application.
Your applications can reside on department-owned or IT-owned hardware when hosted in the IT data center. IT can provide any combination of management services, or our team can set up authorized administrative access.
Provisioning of virtual or physical servers, storage, and databases are routine operations for the IT staff. Servers can employ Windows or Linux operating systems. Database options include Oracle, SQL Server, and MySQL.
Platform management is often provided by IT while the customer manages the application. A range of standard hardware configurations to custom configurations are available to meet your specific requirements. Oracle, SQL Server, or MySQL databases may be included in application hosting platforms. Hosting services include platform design/configuration, procurement, setup, security review, operational monitoring, capacity monitoring, platform patching, backup/restore, archive, and disaster recovery.
Customers may request hosting services for Oracle, SQL Server, or MySQL databases. Databases are hosted in the secure IT data center. Services may include sizing and configuration, access control/security design, performance and capacity planning, implementation, routine platform and database management, operational and capacity monitoring, backup/restore, archiving, and disaster recovery.
Data Backup & Recovery
IT provides a flexible data backup service enabling secure, automated, and protection against data loss.
Features and options vary depending on data types, amount of data, where source data is hosted, retention requirements, data/time loss tolerance, and other factors. Standard backup models range from simple on-site replication to off-site replication/snapshot models with extended retention. Near-line and off-line tape archival storage is also available.
Riyadh Elm University encourages individuals with disabilities to participate in our many programs and activities, and is committed to ensuring that our facilities and the information, services, courses, and technology that we provide are inclusive and accessible in accordance with applicable law.
Emerging Technology and Accessibility
- An-namuthajiah Campus
- BOX 84891, Riyadh 11681
eLearning Management System (Moodle)
Saudi Digital Library – (SDL)
Internship Management System – IMS
Post Graduate Management System – PGMS
Research Registration System
Course/Event Registration System
Riyadh Elm University Labs and Classrooms are equipped with the following:
- Instructor PC running Windows OS with all the basic software.
- Interactive Board (70% of classes)
- Internet/Intranet connection.
- Classroom Management System
PurposeThe purpose of this Guideline is to educate Riyadh Elm University (“University”) students, faculty and staff on the characteristics of a Strong Password as well as to provide recommendations on how to securely maintain and manage passwords.
Applies ToThis Guideline applies to all students, faculty and staff that have a username and password to at least one University system or application, independent of whether you are an end user or a system administrator for that system or application.
DefinitionsA Strong Password is defined as a password that is reasonably difficult to guess in a short period of time either through human guessing or the use of specialized software.
GuidelinesThe following are general recommendations for creating a Strong Password:
A Strong Password should –
- Be at least 8 characters in length
- Contain both upper and lowercase alphabetic characters (e.g. A-Z, a-z)
- Have at least one numerical character (e.g. 0-9)
- Have at least one special character (e.g. ~!@#$%^&*()_-+=)
A Strong Password should not –
The following are several recommendations for maintaining a Strong Password:
- Spell a word or series of words that can be found in a standard dictionary
- Spell a word with a number added to the beginning and the end
- Be based on any personal information such as user id, family name, pet, birthday, etc.
- Do not share your password with anyone for any reason
Passwords should not be shared with anyone, including any students, faculty or staff. In situations where someone requires access to another individual’s protected resources, delegation of permission options should be explored. For example, University email calendar will allow a user to delegate control of his or her calendar to another user without sharing any passwords. This type of solution is encouraged. Passwords should not be shared even for the purpose of computer repair. An alternative to doing this is to create a new account with an appropriate level of access for the repair person.
- Change your password periodically
As a general rule of thumb, changing your password every 90 days is recommended. However, you may choose to vary the frequency of password changes based on the privilege or access level of the account. Accounts of greater privilege or access level should have their password changed more frequently and vice versa. This practice prevents someone, who has obtained your password through some means, from continuing to have access to your account. If you suspect someone has compromised your account, change your password immediately. Be sure to change your password from a computer you do not typically use (e.g. university computer). After resetting your password, report the incident to your local departmental administrator and/or the Information Technology Office at email@example.com.
- Consider using a passphrase instead of a password
A passphrase is a password made up of a sequence of words with numeric and/or symbolic characters inserted throughout. A passphrase could be a lyric from a song or a favorite quote. Passphrases typically have additional benefits such as being longer and easier to remember. For example, the passphrase “My passw0rd is $uper str0ng!” is 28 characters long and includes alphabetic, numeric and special characters. It is also relatively easy to remember. It is important to note the placement of numeric and symbolic characters in this example as they prevent multiple words from being found in a standard dictionary. The use of blank spaces also makes a password more difficult to guess.
- Do not write your password down or store it in an insecure manner
As a general rule, you should avoid writing down your password. In cases where it is necessary to write down a password, that password should be stored in a secure location and properly destroyed when no longer needed. Using a password manager to store your passwords is not recommended unless the password manager leverages strong encryption and requires authentication prior to use.
- Avoid reusing a password
When changing an account password, you should avoid reusing a previous password. If a user account was previously compromised, either knowingly or unknowingly, reusing a password could allow that user account to, once again, become compromised. Similarly, if a password was shared for some reason, reusing that password could allow someone unauthorized access to your account.
- Avoid using the same password for multiple accounts
While using the same password for multiple accounts makes it easier to remember your passwords, it can also have a chain effect allowing an attacker to gain unauthorized access to multiple systems. This is particularly important when dealing with more sensitive accounts such as your E-learning account or your online banking account. These passwords should differ from the password you use for instant messaging, webmail and other web-based accounts.
- Do not use automatic logon functionality
Using automatic logon functionality negates much of the value of using a password. If a malicious user is able to gain physical access to a system that has automatic logon configured, he or she will be able to take control of the system and access potentially sensitive information.
The following are Guidelines for individuals responsible for provisioning and support of user accounts:
- Enforce strong passwords
Many systems and applications include functionality that prevents a user from setting a password that does not meet certain criteria. Functionality such as this should be leveraged to ensure only Strong Passwords are being set.
- Require periodic password changes
Forcing a periodic password change serves as a reminder to users and eliminates the human factor in determining whether to change a password. A general rule of thumb is to force a password change every 90 days.
- Require a change of initial or “first-time” passwords
Forcing a user to change their initial password helps ensure that only that user knows his or her password. Depending on what process is being used to create and distribute the password to the user, this practice can also help mitigate the risk of the initial password being guessed or intercepted during transmission to the user. This guidance also applies to situations where a password must be manually reset.
- Force expiration of initial or “first-time” passwords
In certain situations, a user may be issued a new account and not access that account for a period of time. As mentioned previously, initial passwords have a higher risk of being guessed or intercepted depending on what process is being used to create and distribute passwords. Forcing an initial password to expire after a period of time (e.g. 72 hours) helps mitigate this risk. This may also be a sign that the account is not necessary.
- Do not use Restricted data for initial or “first-time” passwords
This type of data should not be used wholly or in part to formulate an initial password.
- Always verify a user’s identity before resetting a password
A user’s identity should always be validated prior to resetting a password. If the request is in-person, photo identification is a sufficient means of doing this. If the request is by phone, validating an identity is much more difficult. One method of doing this is to request a video conference with the user (e.g. Skype) to match the individual with their photo id. However, this can be a cumbersome process. Another option is to have the person’s manager call and confirm the request. For obvious reasons, this would not work for student requests. If available, a self-service password reset solution that prompts a user with a series of customized questions is an effective approach to addressing password resets.
- Never ask for a user’s password
As stated above, individual user account passwords should not be shared or any reason. A natural correlation to this guidance is to never ask others for their passwords. Once again, delegation of permission is one alternative to asking a user for their password. Some applications include functionality that allows an administrator to impersonate another user, without entering that user’s password, while still tying actions back to the administrator’s user account. This is also an acceptable alternative. In computer repair situations, requesting that a user create a temporarily account on their system is one alternative.
The following are several additional Guidelines for individuals responsible for the design and implementation of systems and applications:
- Change default account passwords
Default accounts are often the source of unauthorized access by a malicious user. When possible, they should be disabled completely. If the account cannot be disabled, the default passwords should be changed immediately upon installation and configuration of the system or application.
- Implement strict controls for system-level and shared service account passwords
Shared service accounts typically provide an elevated level of access to a system. System-level accounts, such as root and Administrator, provide complete control over a system. This makes these types of accounts highly susceptible to malicious activity. As a result, a more lengthy and complex password should be implemented. System-level and shared service accounts are typically critical to the operation of a system or application. Because of this, these passwords are often known by more than one administrator. Passwords should be changed anytime someone with knowledge of the password changes job responsibilities or terminates employment. Use of accounts such as root and Administrator should also be limited as much as possible. Alternatives should be explored such as using sudo in place of root and creating unique accounts for Windows administration instead of using default accounts.
- Do not use the same password for multiple administrator accounts
Using the same password for multiple accounts can simplify administration of systems and applications. However, this practice can also have a chain effect allowing an attacker to break into multiple systems as a result of compromising a single account password.
- Do not allow passwords to be transmitted in plain-text
Passwords transmitted in plain-text can be easily intercepted by someone with malicious intent. Protocols such as FTP, HTTP, SMTP and Telnet all natively transmit data (including your password) in plain-text. Secure alternatives include transmitting passwords via an encrypted tunnel (e.g. IPSec, SSH or SSL), using a one-way hash or implementing a ticket based authentication scheme such as Kerberos. Contact the Information Technology Office at firstname.lastname@example.org. if you would like an assessment of your application’s authentication controls.
- Do not store passwords in easily reversible form
Passwords should not be stored or transmitted using weak encryption or hashing algorithms. For example, the DES encryption algorithm and the MD-4 hash algorithm both have known security weaknesses that could allow protected data to be deciphered. Encryption algorithms such as 3DES or AES and hashing algorithms such as SHA-1 or SHA-256 are stronger alternatives to the previously mentioned algorithms. Contact the Information Technology Office at email@example.com. if you have questions related to the use of a specific encryption and hashing algorithm.
- Implement automated notification of a password change or reset
When a password is changed or reset, an email should be automatically sent to the owner of that user account. This provides a user with a confirmation that the change or reset was successful and also alerts a user if his or her password to unknowingly changed or reset.
If you have any questions or comments related to this Guideline, please send email to the University Information Technology Office at firstname.lastname@example.org.