Policy Volume: RD
Responsible Executive: CISER Secure Data Services Manager
Responsible Office: Cornell Institute for Social and Economic Research
Originally Issued: 2015-12-01
Revised: 2016-09-30, 2018-12-18, 2020-10-06
In order to comply with the terms set forth in Data Use Agreements, Cornell Restricted Access Data Center (CRADC) must limit system and network access only to authorized users.
This policy covers all stages in the life‐cycle of user access, including authorizing access, granting initial access, updating access as user roles change, and removing users who no longer require access.
REASON FOR POLICY
CRADC recognizes that protecting information technology and data requires authorized users to act responsibly when using these resources. CRADC researchers, system administrators, and data custodians must strictly control access to information resources under their direction or ownership.
These guidelines address the establishment of procedures prior to account provisioning and the effective implementation of authorization of access, account provisioning, change in status, unsuccessful logon attempts, session lockout, account expiration, account re‐enabling, record keeping, and account de‐provisioning.
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
If you have questions about specific issues regarding this Sharing, Transmission and Distribution of Restricted Data Policy, call the following offices: