About IT Policies

The IT Policy & Compliance team develops and maintains policies and guidelines for the NYU community regarding the University's computers, data, and cybersecurity best practices. It is your responsibility as an NYU community member to know and abide by IT and NYU policies, regardless of whether you have actually read them. It is therefore a good idea to familiarize yourself with the policies and other information on this page.

Below is a list of IT policies grouped by category. To see an alphabetical list of the Policies, click on "Policy" at the top of the table.

Category Policy
Access Policy on Accounts (NetIDs, Special-purpose NetIDs, Privileged Access Accounts) and Access (MFA, Passwords)
Access Policy on Requests to NYU Information Technology (NYU IT) to Support Investigations
Access University Access to Personal Digital Content
Cybersecurity Application Security Management Control Policy
Cybersecurity Data and System Security Policy
Cybersecurity Electronic Data and System Risk Classification Policy
Cybersecurity Policy on Security Vulnerability Management
Data Administrative Data Management Policy
Data Policy Concerning Collection, Access, Analysis, Retention, and Destruction of NYU Log Data
Data Policy on Personal Identification Numbers
Data Standard for Destruction and Disposal of Electronic Equipment and Data
IT Conduct
 A Note on Illegal Downloading
IT Conduct Code of Conduct: IT@NYU
IT Conduct Policy on Responsible Use of NYU Computers and Data
IT Operations IT Scheduled Maintenance Guidelines
IT Operations Program Change Management Control Policy
Legal/Regulatory Requirements: Breach IT Security Information Breach Notification Policy and Plan
Legal/Regulatory Requirements: GLBA Covered Data New York University GLBA Information Security Program
Legal/Regulatory Requirements: HIPAA Covered Data HIPAA Policies
Legal/Regulatory Requirements: HIPAA Covered Data Policy Against Information Blocking of Electronic Health Information
Legal/Regulatory Requirements: NYDFS Covered Data Policy on Compliance with Cybersecurity Requirements of NYS Department of Financial Services
NYU Network Management of NYU Network Infrastructure Resources Policy
NYU Network NYU IT NYU-NET Operational Principles
University Services Appropriate Use of Email at New York University
University Services Policy on Responsibilities of Subscribers or Clients of NYU Telephone Service
University Services Terms of Use for NYU Google Apps for Education
University Services Use of Call Recording and/or Call Monitoring for Customer Service Improvement
Web Policies NYU Website Accessibility Policy
Web Policies Policy for Registering and Managing Internet Domain Names Outside NYU.EDU
Web Policies World Wide Web Policies and Procedures

IT Support

Follow Us

Read the Note on Illegal Downloading
Stay Cyber Safe

Take NYU Cybersecurity Awareness Training to avoid hackers, social engineering, and scams.
Report a Computer Security Incident

Submit the Cyber Incident Response form. Include description and time of incident, if possible IP address, and log files too.

Request a Security Training

Contact the Global Office of Information Security, send an email to security@nyu.edu.