Desktop and Laptop Security Policy

Effective Date: November 1, 2007

Policy Statement

Columbia University requires that all individuals utilizing University Electronic Information Resources abide by the desktop and laptop security standards described by this policy. 

Reason for the Policy

With the prevalent use of personal computing in the University, there is the risk that if computing system security vulnerabilities are left unsecured, then the information and data stored in personal computers are susceptible to theft and/or exploitation. This policy defines a number of safe computing standards to provide data protection on desktops and laptops.

Primary Guidance to Which This Policy Responds

This policy is established under the provisions of Columbia University's Information Technology Security and Policy Program.

Responsible University Office & Officer

The office of Columbia University Information Technology Security is responsible for the maintenance of this policy, and for responding to questions regarding this policy.  The Chief Information Security Officer (CISO) is the responsible officer.

Revision History

This policy was established in October 2007.

Who is Governed by This Policy

This policy applies to all individuals who access, use, or control University Electronic Information Resources.  The individuals required to adhere to this policy include, but are not limited to faculty, staff, students, those working on behalf of the University, guests, tenants, contractors, consultants, visitors and/or individuals authorized by affiliated institutions and organizations. 

Who Should Know This Policy

Anyone who accesses, uses, or controls University Electronic Information Resources should be familiar with this policy.

Exclusions & Special Situations

None

See full policy text at right