The IT Security Office, in conjunction with the IT Security Council, has developed requirements for securing university systems and data. These requirements are mandated in Policy 5.10, Information Security.

The IT Security Council will review and, as needed, revise the requirements on an annual basis. Send comments or questions to itsecurity@cornell.edu

For more information about what employees must do to safeguard confidential data in the course of their work at Cornell, see articles about how to secure computers and mobile devices:

• Biometrics for Device Security
• Federated Login at Cornell University (Shibboleth)
• Encrypt Computer (Required for Confidential Data)
• Data Hygiene Best Practices
• Security & Policy

See also the Consequences of Mishandling Sensitive Data.