Set Up an Information Technology System

The purchase of information technology (IT) goods (hardware and software) for international operations should conform to University purchasing policies, and procedures should describe how the operation meets requirements under:

• Competitive Procurement Policy
• Goods and Services Contracts Policy
• Dollar Thresholds (described in Purchase Goods or Services while Abroad)

IT goods purchases can be made by in-country operations (below the $5K/unit threshold); IT services can be procured in-country without CU Purchasing review/approval if under $5,000 and less than 1 year; dollar thresholds may vary depending on individual program requirements.

Refer to the Purchase Goods or Services while Abroad page of Managing Financial Needs for additional guidance.

Software purchasing should be routed through the respective University department and Central Purchasing in New York due to issues relating to international licensing, use, deemed exports, and other requirements.

U.S. Export Controls

The U.S. Departments of State and Commerce have export control regulations that apply to certain technology, commodities, and software being transmitted from the United States to overseas entities and other persons. Before arranging for items to be shipped or conveyed to, or from, a host country office, these laws and regulations should be reviewed. This applies to items sent electronically or otherwise.

In addition, citizens and permanent residents of the United States who travel outside of the U.S. to work in a host country office or elsewhere in that country should also be aware that their laptops, mobile phones, and other electronic devices, that they bring with them, are subject to U.S. Export Controls.

For additional details, go to Learn about Legal and Regulatory Compliance.

University Network ID (UNI)

A UNI is created and designated by CUIT and consists of the user's initials plus an arbitrary number. It is the key to accessing computer services and electronic resources at Columbia. It is used to gain full or partial access to CU resources including restricted library information on the web, human resources and benefits information, student grades, billing, and registration information, as well as to administrative systems. 

Faculty, Staff, and Students of Columbia University

Faculty, staff, and students of Columbia University are eligible for a UNI and email service. Eligibility is determined based on data provided about users by an authoritative source; for most people, this source is Student Information Systems (students) or Human Resources PAC (employees). If questions arise about your eligibility, users may be asked to pursue them with your University department or the office providing their data. 

Staff of Related Entities

Staff of Related Entities may be eligible for accounts depending on agreements between these entities and Columbia. UNIs are assigned to specific individuals to access specific administrative computer systems maintained by CUIT. These IDs are to be used solely for the performance of assigned job functions. Local administrators of these entities should work through their respective University unit with CUIT for determining UNI eligibility and activation based on Columbia’s Acceptable Usage of Information Resources Policy.

Domain Accounts (formerly referred to as a "NetID"

A Domain Account is required for access to Columbia’s computer network and domain. This includes access to shared drives, which are considered an open forum, and secure individual storage located on a university server drive. Staff who would like access should request a domain account directly from their University department’s IT Manager. The IT Manager will assist the staff member in obtaining the domain account and also provide him/her with instructions on the proper use of the computer network and domain. 

Exchange Email Accounts

Faculty, Staff, and Students of Columbia University

In the U.S., a Gmail ("LionMail") account is provided to faculty, staff and students when they join the University. LionMail is to be used as the primary mode of email for faculty, students, and most staff. A small number of administrators use Microsoft Exchange as their primary email system, and many of them will still have access to the LionMail email system. 

Staff of Related Entities

Employees hired by the Related Entities outside of the U.S. should work with the IT Manager. Most often the local internet service providers will set up the internet connection and the email accounts. Some will receive LionMail accounts, depending on their affiliations. 

Users are responsible for the security and safety of the equipment that they are assigned by the University. IT Security Policies apply to locations/related entities in and outside the U.S. Important measures must be taken by each user and each host country office to provide optimal security for Columbia’s IT systems.

For additional information refer to the University’s IT Security Resources page.

Each item of hardware that is assigned to an employee must be engraved and tagged with the telephone number of the University unit's IT Manager and a PCTNYPD code that indicates its participation in Operation ID, which is a tool that the New York City Police Department uses to identify lost and stolen property. Host country offices should inquire if this service is available to be used in their host country office location.

Back-Ups

No matter how careful the users, computers will eventually fail. Having recent back-ups of important documents can avoid inefficiencies and delays in operations. As such, host country offices are required to have in place a system for ensuring all computers are backed up regularly—daily or weekly for some systems and at least monthly for all computers. Also, the host country IT Manager should do a full restore test at least once a month.

For additional information about back-ups, refer to the University’s Storage and Back-Ups page.

General Security

Passwords

Users are responsible for remembering the passwords to their various Columbia and unit assigned accounts. Failure to do so will result in having passwords expire or delays in accessing information systems. Procedures for having the password reset for a UNI account are included in Manage My UNI. Users should never share or reuse their passwords.

Computer Protection

Users are responsible for maintaining the overall health of their computers, including installing periodic security updates as distributed by the respective operating system vendor. In addition, users must utilize the antivirus and antispyware software installed on the computer to keep it free from malicious threats.

Both NY and host country office users, wherever applicable, are also strongly encouraged to install PC PhoneHome software on all assigned desktops and laptops. The installation will assist in the potential recovery of a computer in the case of it being stolen. See additional information on the installation and usage of PC PhoneHome.

International Office Security Policies

Offices outside the U.S. are required to designate a security administrator and to have security policies that cover their internal network as well as any network-based services (e.g., email other than @columbia.edu addresses). These policies should be kept on file in the local office and a copy sent to the unit's IT Manager when they are created, as well as each time they are updated.

IT security policies should be incorporated into local Standard Operating Procedures (SOP) so that each employee when signing the acknowledgment of the SOP, understands that they have agreed to conform to the unit’s IT network and computer use policies for that location.

Server and Network Administration

New York offices are encouraged to use servers maintained by CUIT to ensure that they meet the University's security standards. International offices may need to maintain servers and other networking equipment to better support the regular business of international operations; the department's IT Manager and host country IT staff should familiarize themselves with CUIT Security guidelines.

Computer equipment should be included in the host country office’s inventory log and catalogued on at least a monthly basis.

Refer to the Purchase Goods or Services while Abroad page for additional resources.

In addition, the University department should request, at least once per year, that the host country IT manager or staff perform an audit of all software on local University department- purchased computers and submit the results to the department's New York-based IT Manager.

Users are not to install any software or programs on University department's computers or networks without the express permission of the unit's IT Manager.

Any suspect software that has been installed must be removed from office computers immediately and the corresponding suspect media destroyed. The department's New York-based IT Manager must be notified of the incident. If an international office is unsure as to whether software is suspect, the unit's New York-based IT Manager should be contacted for guidance.

Policies

• Competitive Procurement Policy
• Computer, Network, and Information Policy
• Purchase Requisitions and Purchase Orders
• Acceptable Usage of Information Resources Policy

Websites

• Columbia University Information Technology (CUIT)
• Data, Technology, and Export Controls
• IT Security Resources
• Learn about Legal and Regulatory Compliance
• Manage My UNI
• PC PhoneHome
• Purchase Goods or Services while Abroad
• Storage and Back-Ups