Policies for Using CUIT Logon IDs for AP/CAR Access

User IDs are assigned to specific individuals to access specific administrative computer systems maintained by CUIT. These IDs are to be used solely for the performance of assigned job functions within the University. CUIT maintains the following policies on the use and security of these IDs and administrative systems. Violation of these policies can lead to suspension of the ID, pending investigation. Serious violation of CUIT policies will be referred directly to appropriate University or outside authorities. Violations can result in appropriate disciplinary action up to and including termination of employment. Violations may involve criminal offenses resulting in prosecution by appropriate law enforcement agencies.

1. Unauthorized attempts to gain access to another person’s CUIT User ID are prohibited.

2. Unauthorized attempts to gain access to applications or data not permitted by the CUIT User ID are prohibited.

3. Individual CUIT User IDs cannot be transferred or used by another individual. The sharing of passwords is not permitted.

4. Individual users are responsible for all matters pertaining to proper use of the CUIT User IDs assigned to them, including choice of safe passwords, and any recorded access from the ID.

5. CUIT User IDs permit access to University administrative systems with the understanding that the information in those systems is confidential. Each user must take appropriate measure to preserve the confidentiality of that information.

6. No CUIT User ID or administrative system may be used for personal commercial gain.

7. No CUIT User ID or administrative system may be used for any unethical, illegal, or criminal purpose.

8. Use of any CUIT User ID or administrative system by individuals or organizations outside Columbia requires explicit authorization from AIS and all appropriate data custodians.

9. No CUIT User ID or administrative system may be used to send nuisance messages or files or to send obscene or harassing messages. University policy prohibits the use of University resources to solicit contributions or support for any charity, except those authorized by the University.

10. Electronic mail on CUIT administrative systems is as private as possible. Attempts to read another person’s electronic mail are prohibited. System administrators will not read an individual’s mail unless required to do so in performing their duties, and will treat the contents as private information.

11. It is the responsibility of the supervisor or department administrator to notify the Accounts Payable Department when the owner of the AP/CAR-CUIT Logon ID leaves the University or changes jobs.

All users of CUIT User IDs and administrative systems should be aware that these systems are University resources. Access, access attempts, and use are all recorded in various system logs. System and security administrators review the logs routinely in the course of their work. In addition, security administrators conduct regular reviews of the IDs, including password checks. Users found to have easily guessed passwords may be required to change them the next time they log on.