Skip to main content

Vice President for Information Technology and Chief Information Officer

Responsible Use of Information Technology Resources

Policy Number:

5.1
Cornell University requires people who use its information technology resources to do so in a responsible manner, abiding by all applicable laws, policies, and regulations.

Use of Escrowed Encryption Keys

Policy Number:

5.3
Cornell University expects stewards, custodians, and users of institutional administrative data who deploy software or algorithmic programs for encryption to establish procedures ensuring that the university has access to all such records and data.

Security of Information Technology Resources

Policy Number:

5.4.1
Cornell University expects all individuals using information technology devices connected to the Cornell network to take appropriate measures to manage the security of those devices. In addition, the university establishes roles and responsibilities surrounding the technical procedures required for…

Reporting Electronic Security Incidents

Policy Number:

5.4.2
Users of information technology devices connected to the Cornell network must report all electronic security incidents promptly and to the appropriate party or office. The Information Technology Security Office has the responsibility to evaluate incidents for potential of a breach of institutional…

Stewardship and Custodianship of Electronic Mail

Policy Number:

5.5
Cornell University owns and operates its electronic mail (e-mail) infrastructure, which must be managed for the entire university community in a manner that preserves a level of privacy and confidentiality in accordance with relevant laws, regulations, and university policy. While the university…

Recording and Registration of Domain Names

Policy Number:

5.6
Cornell University requires the central recording of all domain names purchased with Cornell funds and the registration of those names within the cornell.edu domain or served by Cornell domain name servers.

Network Registry

Policy Number:

5.7
Cornell University requires network administrators or users to register all devices (including wireless hubs and switches) connected to the network in a continuously updated central CIT network registry service. At a minimum, the required information maintained in this registry must include MAC…

Authentication to Information Technology Resources

Policy Number:

5.8
Cornell University owns and manages university electronic identifiers. In the course of its business and missions, it provides its community with access to information technology (IT) resources, such as email, internet, and network devices through these identifiers. To protect these resources from…

Access to Information Technology Data and Monitoring Network Transmissions

Policy Number:

5.9
Information technology data will be disclosed only according to the procedures outlined in this policy. Cornell University does not monitor the content of network traffic except for legal, policy, or contractual compliance; in the case of a health or safety emergency; or for the maintenance and…

Information Security

Policy Number:

5.10
Cornell University expects all data stewards and custodians who have access to and responsibilities for university data to manage it as set forth in this policy. This is in accordance with the rules regarding collection, storage, disclosure, access, processing, destruction, and classification of…

Administrative Data Store Registry

Policy Number:

5.11
Unit data custodians or their delegates are required to register any persistent administrative functional area data repositories.

Web Accessibility Standards

Policy Number:

5.12
Cornell University is committed to providing an environment in which all people have an equal opportunity to participate in the university’s programs, activities, and services. To support this environment, all new, newly added or redesigned university web content, web pages, web functionality,…