Effective Date: February 1, 2008
Remote Access is the process of accessing Columbia University's Electronic Information Resources from networks that are not controlled by Columbia University. This policy defines the appropriate security measures that are required for the user to remotely connect to Columbia University's networks.
Reason for the Policy
The equipment used to access Columbia University's network remotely could be inflected with computer viruses, worms, bots, etc. Once the compromised machine is connected to CU's network, it can spread the inflection to other machines in the network. Additionally, unsecured communication while using remote access will allow another user to read data in transit which may contain personal and sensitive information.
Primary Guidance to Which This Policy Responds
This policy responds to the "Acceptable Use of IT Resources" and the "Desktop and Laptop Security" policies.
Responsible University Office & Officer
The office of Columbia University Information Technology Security is responsible for the maintenance of this policy, and for responding to questions regarding this policy. The Chief Information Security Officer (CISO) is the responsible officer.
This policy was established in February 2008.
Who is Governed by This Policy
This policy applies to all individuals who access, use, or control Columbia University Electronic Information Resources. Those individuals covered include, but are not limited to faculty, staff, students, contractors, consultants, those working on behalf of the University, and/or individuals authorized by affiliated institutions and organizations.
Who Should Know This Policy
Anyone who accesses, uses, or controls Columbia University Electronic Information Resources should be familiar with this policy.
Exclusions & Special Situations
See full policy text at right