Users are responsible for the security and safety of the equipment that they are assigned by the University. IT Security Policies apply to locations/related entities in and outside the U.S. Important measures must be taken by each user and each host country office to provide optimal security for Columbia’s IT systems.
For additional information refer to the University’s IT Security Resources page.
Each item of hardware that is assigned to an employee must be engraved and tagged with the telephone number of the University unit's IT Manager and a PCTNYPD code that indicates its participation in Operation ID, which is a tool that the New York City Police Department uses to identify lost and stolen property. Host country offices should inquire if this service is available to be used in their host country office location.
No matter how careful the users, computers will eventually fail. Having recent back-ups of important documents can avoid inefficiencies and delays in operations. As such, host country offices are required to have in place a system for ensuring all computers are backed up on a regular basis – daily or weekly for some systems and at least monthly for all computers. In addition, the host country IT Manager should do a full restore test at least once a month.
For additional information about back-ups, refer to the University’s Make Back-Ups page.
Users are responsible for remembering the passwords to their various Columbia and unit assigned accounts. Failure to do so will result in having passwords expire or delays in accessing information systems. Procedures for having the password reset for a UNI account are included in Manage My UNI. Users should never share their passwords.
Users are responsible for maintaining the overall health of their computers, including installing periodic security updates as distributed by the respective operating system vendor. In addition, users must utilize the antivirus and antispyware software installed on the computer to keep it free from malicious threats.
Both NY and host country office users, wherever applicable, are also strongly encouraged to install PC PhoneHome software on all assigned desktops and laptops. Installation will assist in the potential recovery of a computer in the case of it being stolen. See additional information on the installation and usage of PC PhoneHome.
International Office Security Policies
Offices outside the U.S. are required to designate a security administrator and to have security policies that cover their internal network as well as any network-based services (e.g., e-mail other than @columbia.edu addresses). These policies should be kept on file in the local office and a copy sent to the unit's IT Manager when they are created and each time they are updated.
IT security policies should be incorporated into local Standard Operating Procedures (SOP) so that each employee, when signing acknowledgement of the SOP, understand that they have agreed to conform to the unit’s IT network and computer use policies for that location.
Server and Network Administration
New York and international offices may need to maintain servers and other networking equipment in order to better support the regular business of international operations. The department's IT Manager and host country IT staff should familiarize themselves with CUIT Security guidelines.