When sensitive data isn't managed appropriately, it poses many risks to Cornell. By law, possible loss to certain types of data requires Cornell to report to government agencies and notify...
Sending or otherwise making available, export-controlled information to a foreign national, either in or outside of the United States territory is an export. Similarly, storing export-...
The IT Security Office, in conjunction with the IT Security Council, has developed requirements for securing university systems and data. These requirements are mandated in Policy 5.10,...
IT Security Liaisons are charged with ensuring appropriate measures are taken in response to a security incident. If your department doesn't have a Security Liaison, please contact your department...
Use Cornell services for Cornell work, whenever possible. Find Cornell cloud services.
If Cornell doesn't provide a service that you need, follow these guidelines, at a minimum, to...
If you haven't already reported the incident, do so now. Work with technical support to contain the system (as outlined below) while you gather and provide incident details to the IT Security...
You are responsible for Cornell data stored on computers you use. You are the custodian of that data. This is established in numerous Cornell policies. See Cornell's computer security and...
Whenever possible, we recommend not storing confidential data on your computer. If you have a need to store confidential information on your computer temporarily, consult with your technical...
Cornell University proactively blocks Internet sites that pose a security threat to the university or the Cornell community. Websites are deemed a security threat when they host...
