Remote Access Policy

Effective Date: February 1, 2008

Policy Statement

Remote Access is the process of accessing Columbia University's Electronic Information Resources from networks that are not controlled by Columbia University. This policy defines the appropriate security measures that are required for the user to remotely connect to Columbia University's networks.

Reason for the Policy

The equipment used to access Columbia University's network remotely could be inflected with computer viruses, worms, bots, etc. Once the compromised machine is connected to CU's network, it can spread the inflection to other machines in the network. Additionally, unsecured communication while using remote access will allow another user to read data in transit which may contain personal and sensitive information.

Primary Guidance to Which This Policy Responds

This policy responds to the "Acceptable Use of IT Resources" and the "Desktop and Laptop Security" policies.

Responsible University Office & Officer

The office of Columbia University Information Technology Security is responsible for the maintenance of this policy, and for responding to questions regarding this policy.  The Chief Information Security Officer (CISO) is the responsible officer.

Revision History

This policy was established in February 2008.

  Who is Governed by This Policy

This policy applies to all individuals who access, use, or control Columbia University Electronic Information Resources.  Those individuals covered include, but are not limited to faculty, staff, students, contractors, consultants, those working on behalf of the University, and/or individuals authorized by affiliated institutions and organizations. 

Who Should Know This Policy

Anyone who accesses, uses, or controls Columbia University Electronic Information Resources should be familiar with this policy.

Exclusions & Special Situations

None

See full policy text at right