The IT Security Office, in conjunction with the IT Security Council, has developed requirements for securing university systems and data. These requirements are mandated in Policy 5.10, Information Security:
www.dfa.cornell.edu/dfa/treasurer/policyoffice/policies/volumes/informationtech/infosecurity.cfm
The IT Security Council will review and, as needed, revise the requirements on an annual basis. Please send any comments or questions to security-services@cornell.edu
As the target audience for these requirements is IT support personnel they are couched in fairly technical language. A brief overview of the policy can be in the Guide to Data Security.
CIT’s security web site includes an explanation, for general readers, of what employees must do to safeguard confidential data in the course of their work at Cornell, including how to appropriately secure their computers. For more information, see:
Chapters Four and Five of the downloadable Computer Security at Cornell handbook cover the same topics.
