For all units that accept credit cards as a method of payment for goods or services in relation to university business/operations, Cornell University requires compliance with Payment Card Industry – Data Security Standards (PCI-DSS) protocols, and with the procedures outlined in this document.
Cornell University expects stewards, custodians, and users of institutional administrative data who deploy software or algorithmic programs for encryption to establish procedures ensuring that the university has access to all such records and data.
Cornell University owns and operates its electronic mail (e-mail) infrastructure, which must be managed for the entire university community in a manner that preserves a level of privacy and confidentiality in accordance with relevant laws, regulations, and university policy.
Cornell University requires network administrators or users to register all devices (including wireless hubs and switches) connected to the network in a continuously updated central CIT network registry service.
Cornell University owns and manages university electronic identifiers. In the course of its business and missions, it provides its community with access to information technology (IT) resources, such as e-mail, Internet, and network devices through these identifiers. To protect these resources
Cornell University expects all institutional information stewards and custodians who have access to and responsibilities for institutional information to manage it according to the rules regarding storage, disclosure, access, classification of information and minimum privacy and security standard