Effective Date: October, 2013
The secure management of the Columbia University Network (as such term is defined in the Columbia University Information Security Charter (the “Charter”) [http://policylibrary.columbia.edu/information-security-charter], which may span organizational boundaries, requires the careful consideration of the flow of information and the regulatory requirements regarding monitoring and protection of Networks. The University requires that all Network, communications and telecommunications related equipment and devices, including cabling, be installed and maintained by Columbia University Information Technology (CUIT) or by Columbia University Medical Center Information Technology (CUMC IT), either alone or in collaboration with NewYork-Presbyterian Hospital Information Technology (NYPH IT).
A PDF of this policy is also available to the right.
Capitalized terms herein without definition are defined in the Charter.
II. Policy History
The effective date of this Policy is November 1, 2013. This Policy replaces the University Network and Communications Equipment
Policy, dated June 2011.
III. Policy Text
This Policy applies to all communications cabling, equipment
and infrastructure devices, including but not limited to the following: telecommunications switches, data networking switches and routers, wireless access points, cellular distributed antenna systems, cellular repeaters and/or bi-directional amplifiers, cellular macro sites, cable and satellite television reception and distribution equipment.
A. Standard Requirements
1. The following equipment must be installed and maintained by CUIT or CUMC IT:
2. CUIT and CUMC IT staff implement the appropriate logging
and monitoring of Networks in accordance with the Columbia University Information Resource Access Control and Log Management Policy http://policylibrary.columbia.edu/information-resource-access-control-and-log-management-policy.
3. Standard protections are established by the applicable Information Security Office and implemented by CUIT or CUMC IT staff to safeguard the confidentiality and integrity of University information passing over public and wireless Networks.
B. Bandwidth Quotas
To maintain Network performance, CUIT has implemented an automated Network bandwidth quota system. Individual computers may be limited in either the inbound or outbound direction. Limits are imposed only on off-campus traffic to or from the Internet. Traffic on the University's internal Network and on Internet2 is not restricted in any way.
The parameters of this system may be changed without prior notice in order to ensure proper functioning of the Network
for the University community.
An exception to the Internet bandwidth limitations may be granted for Servers used for legitimate University business through the
use of the Network Quota Exception Request https://www1.columbia.edu/sec/acis/support/consultant/staffonly/bandwidth-exception.html
See Bandwidth Quotas and Network Performance http://www.columbia.edu/cgi-bin/acis/networks/quota/netquota.pl for more information on bandwidth quotas.
C. Waivers and Exceptions
Existing or future Network or communications infrastructure that is not maintained by CUIT or CUMC IT as of the effective date of this Policy may be granted a waiver from the requirements of this Policy with the written approval of CUIT or CUMC IT. A description of the infrastructure and a rationale for the request should be submitted
to CUIT or CUMC IT by an Executive Manager. If approved, the exception will be subject to annual review.
IV. CrossReferences to Related Policies and Other Documentation
The Information Security Policies and certain additional documentation are listed in Appendix A hereto.
Related Policies and Other Documentation
Bandwidth Quotas and Network Performance http://www.columbia.edu/cgi-bin/acis/networks/quota/netquota.pl
Information Resources Access Control and Log Management Policy http://policylibrary.columbia.edu/information-resource-access-control-and-log-management- policy
Information Security Charter http://policylibrary.columbia.edu/information-security-charter
Network Quota Exception Request https://www1.columbia.edu/sec/acis/support/consultant/staffonly/bandwidth-exception.html