Vice President for Information Technology and Chief Information Officer

Cornell University requires people who use its information technology resources to do so in a responsible manner, abiding by all applicable laws, policies, and regulations.

Cornell University expects stewards, custodians, and users of institutional administrative data who deploy software or algorithmic programs for encryption to establish procedures ensuring that the university has access to all such records and data.

Cornell University expects all individuals using information technology devices connected to the Cornell network to take appropriate measures to manage the security of those devices. In addition, the university establishes roles and responsibilities surrounding the technical procedures required for…

Users of information technology devices connected to the Cornell network must report all electronic security incidents promptly and to the appropriate party or office. The Information Technology Security Office has the responsibility to evaluate incidents for potential of a breach of institutional…

Cornell University owns and operates its electronic mail (e-mail) infrastructure, which must be managed for the entire university community in a manner that preserves a level of privacy and confidentiality in accordance with relevant laws, regulations, and university policy. While the university…

Cornell University requires the central recording of all domain names purchased with Cornell funds and the registration of those names within the cornell.edu domain or served by Cornell domain name servers.

Cornell University requires network administrators or users to register all devices (including wireless hubs and switches) connected to the network in a continuously updated central CIT network registry service. At a minimum, the required information maintained in this registry must include MAC…

Cornell University owns and manages university electronic identifiers. In the course of its business and missions, it provides its community with access to information technology (IT) resources, such as email, internet, and network devices through these identifiers. To protect these resources from…

Information technology data will be disclosed only according to the procedures outlined in this policy. Cornell University does not monitor the content of network traffic except for legal, policy, or contractual compliance; in the case of a health or safety emergency; or for the maintenance and…

Cornell University expects all data stewards and custodians who have access to and responsibilities for university data to manage it as set forth in this policy. This is in accordance with the rules regarding collection, storage, disclosure, access, processing, destruction, and classification of…

Unit data custodians or their delegates are required to register any persistent administrative functional area data repositories.

Cornell University is committed to providing an environment in which all people have an equal opportunity to participate in the university’s programs, activities, and services. To support this environment, all new, newly added or redesigned university web content, web pages, web functionality,…