Computer Use Requirements


Requirements and procedures are in support of governing Columbia University IT Policies and CUIMC Information Security Procedures.

Use of technical resources at CUIMC including the wired and wireless networks, email, network drive storage, etc. is provided for the creation, storage and dissemination of work, academic, and research related data.

When a computer, device, or other equipment accessing these resources is not reasonably secured against malware, hacking, theft or other risks and/or there is no way to contact the current owner or computer user regarding possible issues, other systems, and data at CUIMC can be subjected to unnecessary risk.

Computer Requirements

Following is a summary of the Registration and Protection of Endpoints Policy, which applies to computers and mobile devices. Other types of systems, devices or equipment have additional requirements that can be found in the Information Security Procedures and by searching or reviewing more articles in the Procedures and Guidelines section of the Knowledge Base.

Registration

Computers used for CUIMC purposes (whether institutionally or personally owned) must be registered with their IT Custodian (defined in the Information Security Charter), Certified IT Group, or other responsible person in their School, Department or business unit. Those that are not registered may be blocked from accessing the network.

General Protection Requirements

Users must ensure the following.

Additional Requirements for Sensitive, Confidential, and PHI Data

Procedures

Computers that connect to the wired network must submit registration information online using the appropriate instructions:

The computer will not be able to connect until the registration is processed, please be sure that this is done well in advance.

Computers that are found to be infected or causing unusual activity on the network may be blocked without notice in order to protect other connected systems and resources. While data content is not scanned, the network is regularly monitored for suspicious activity.