User login


Acceptable Usage of Information Resources Policy

Published: October 2013

Revised September 2017


I. Introduction

This Policy establishes the accountability of all Users (as
defined in the Columbia University Information Security Charter (the “Charter”
of Columbia University’s Information Resources. It addresses the confidentiality, integrity and availability of such Resources in support of the University’s missions, codifies appropriate usage and establishes the need for Users to respect the rights of others and to be in compliance with other University policies, policies of external networks and resources, and all applicable federal, state and local laws and regulations.


The University’s Information Resources are provided to
support the teaching, learning, clinical and research missions of the University and their supporting administrative functions. Inappropriate use of these Information Resources threatens the atmosphere for the sharing of information, the free exchange of ideas and the security of an environment for creating and maintaining Information Resources.


This Policy applies to the access and use of the
University’s Information Resources, whether originating from University or non-University Information Resources, including personal computers, as well as the access and use of Information Resources provided by research sponsors to, or leased or hired by, University Users.


Additional terms apply to the use of email at the
University, as described in the Columbia University Email Usage Policy


Capitalized terms used herein without definition are defined
in the Charter.


II. Policy History

The effective date of this Policy is November 1, 2013. This
Policy and the other Information Security Policies replace (A) the following University

  •         Acceptable Use of IT Resources (Network and
    Computing) Policy, dated July 1, 2007
  •         Electronic Information Resources Security
    Policy, dated March 1, 2007
  •         Social Security Number (SSN) and Unique Person
    Number Usage (UPN) Policy, dated September 10, 2007 

and (B) the following CUMC Policies:  

  •         Information Security, Backup, Device and Media
    Controls Policy, dated November 2012
  •          Workstation Use and Security Policy, dated
    November 2012 


Policy Text  

To see the full text of this policy, please use the link on the right.