Skip to Main Content

NYU IFA IT Policy




1. Device Allocation

The Institute of Fine Arts (IFA) provides one standard-configuration client computer—either a desktop or a laptop—to each full-time faculty member and each full-time administrative staff member.

Additional devices may be issued only under the following conditions:

  • The staff member’s duties require specialized software or hardware that cannot be supported effectively on a single device, as confirmed by the DMCS Manager, or

  • The IFA Director must explicitly authorize in writing a second computer for institutional use. In such cases, DMCS will support the second computer for up to 5 years, after which continued support will require renewed written approval from the IFA Director.

1.1 Standard Configurations

All institutionally issued devices must conform to the University IT Technology Standards for workstation and mobile configurations. Roles that require enhanced or highly specialized specifications—such as digital imaging, conservation work, or advanced data processing—may be eligible for upgraded equipment, pending review by the DMCS Manager. Standard configuration tiers as determined by NYU are as follows in the link below; the DMCS Manager retains the right to ascertain which tier is suitable for faculty and staff member needs on a case-by-case basis:

(Reference: Tech Standards)

1.2 Faculty-Purchased Devices Using Research Funds

Faculty may use external research funding or discretionary accounts to purchase additional computers.

These devices:

  • Must conform to University IT Tech Standards at the time of purchase.

  • Will be supported by DMCS and University IT for up to 5 years from date of purchase.

After 5 years, such devices will be deemed unsupported, and faculty will be responsible for replacing them with new equipment using research or personal funds. Unsupported computers must remain disconnected from NYU networks and the internet to maintain compliance with University IT security requirements and to reduce institutional risk.

(Reference: Tech Standards)

1.3 End-of-Life Policy for Research-Funded Devices

DMCS does not proactively replace or refresh computers that were purchased using individual faculty research funds. Once such devices are older than 5 years, they are considered unsupported due to operating system and security compliance policies mandated by University IT. Faculty may continue using these devices at their own discretion, but they will not be eligible for software updates, hardware servicing, or network access support through DMCS or University IT and so must remain offline after this period.

2. Device Lifecycle Management & Ownership

DMCS is responsible for maintaining an accurate inventory of IFA-assigned devices, including model, assignment history, and age. Devices will be replaced every 5 years, or earlier if warranted by significant performance issues or hardware failure, in accordance with lifecycle guidelines established by University IT. Devices that have exceeded their supported lifecycle (5+ years) will be subject to security restrictions and must be kept offline and off the NYU network to prevent exposure to system vulnerabilities or noncompliance with university data protection policies.

Pursuant to NYU Asset Management guidelines, “University policy states that ‘University owned items cannot be given or sold to employees regardless of condition.’” This applies to computers purchased with DMCS or research funds as the funding sources lies with NYU, such computers or related devices are the property of NYU and should not be gifted to faculty or staff upon departure from the University or any other reason.

3. Repair and Maintenance

DMCS will attempt in-house repairs for supported devices when feasible, depending on the nature of the issue and available expertise. If a device cannot be repaired in-house but is determined to be repairable for less than 50% of the cost of a comparable replacement, DMCS will proceed with repair through the manufacturer or an appropriate external vendor. If a device is not cost-effective to repair or is deemed unrepairable, DMCS will coordinate its replacement according to lifecycle and procurement guidelines.

Printers and Additional Equipment Printers are centrally managed by NYU's contracted vendor, TGI, and are not individually assigned to faculty or staff. All IFA printing must occur through Pharos, NYU’s cloud-based print management system. This system enables:

  • Secure, authenticated printing from university devices and personal computers.

  • Pickup from any networked NYU printer, including IFA-designated multi-function devices.

Requests for changes to printer locations, new print installations, or specialized print needs must be submitted to DMCS, who will coordinate with University IT and TGI as appropriate. Individual desktop printers are not supported unless an approved accessibility or operational accommodation is in place.

4. Loaner Devices and Shared Equipment

DMCS maintains a small pool of loaner devices available to visiting scholars, adjunct faculty, and temporary staff. Shared-use workstations—such as those in the Library or conservation imaging rooms—are supported by DMCS but are not individually assigned.

5. Data Management

NYU and DMCS provide general and overarching support for technical data storage needs and organizational best practices. It is each employee’s responsibility to adhere to NYU’s Policy on Responsible Use of NYU Computers and Data as outlined at the link below:

(Reference: Responsible use of NYU Computers and Data Policy

5.1 Data Backups

Faculty and staff are responsible for regularly backing up their own institutionally-relevant data using NYU-approved cloud services. This includes work documents, academic records, media assets, and research materials that reside on assigned NYU devices. DMCS does not automatically back up individual user files, and data recovery is not guaranteed if local files are lost due to hardware failure or user error. DMCS will provide guidance and training as needed, but the ultimate responsibility for preserving institutional data lies with the user.

Approved NYU Backup Services

  • Google Drive (NYU Drive) – Default cloud storage for most work files. Accessible via browser and NYU Home. Continue to section 5.3 for more information.

  • NYU Box – Suitable for files requiring higher levels of security. Offers version history and granular permissions. Continue to section 5.3 for more information.

Best Practices

  • Keep actively-used files updated NYU Drive or Box and/or consider using Google Workspace “apps” where are natively cloud-tethered for document authoring, i.e. Google Docs, Sheets etc.

  • Avoid storing sole copies of critical data on local hard drives (e.g., your Desktop or Downloads folder).

  • Set calendar reminders to periodically review and back up project or research-specific materials.

Data Recovery and Device Failures

  • In the event of device failure, DMCS will attempt recovery of local data, but success depends on the health of the drive and whether cloud backup tools were in use.

  • Devices older than five years or not managed under current DMCS compliance policies are not eligible for full support or network reconnection, and any data stored on them should be considered at risk.

5.2 Data Handling

DMCS can provide IFA-specific clarification for local adherence to NYU policy for Data Handling Practices for NYU Instructors and Employees (see link below). All IFA staff and faculty are responsible for adhering to these policies, especially where FERPA-regulated and other sensitive information is concerned. Please reach out to ifa.it@nyu.edu to schedule an appointment to discuss any concerns you may have regarding personal or departmental alignment with University data handling.

(Reference: Data Handling Practices )

5.3 Data Organization

Institutional data organization is key to the smooth running of the administrative functions of the IFA and the appropriate retention of institutional data is crucial for the long-term needs of the school. In keeping with this, it is imperative that professionally-important information not be kept solely on “personal” NYU-assigned Box or My Drive accounts and instead should be stored on Shared data storage platforms. Keeping files stored on approved Shared platforms is essential for maintaining IFA workflows for various departments should employees leave the organization for any reason. To ensure proper data organization please abide by the following:

  • Keep documents pertaining to your Department within specified departmental Shared Drives or Shared Box accounts. If you are unsure which files belong in a Shared location or how to find it, please alert your Department Head. For any access issues with a Shared storage platform or relevant questions, please contact ifa.it@nyu.edu

  • Documents relating to all IFA Staff should be stored in and shared through the IFA Shared Drive, which is the primary resource for overall IFA policies, procedures and broad institutional information, among other things. For any access issues with the IFA Shared Drive or relevant questions, please contact ifa.it@nyu.edu

5.4 File Naming Best Practices

Consistent and clear file naming is essential for data longevity, searchability, and collaboration—especially in a shared academic environment like the IFA. While NYU does not mandate a specific naming scheme, the following best practices are recommended for all institutional files, especially those stored on shared drives, Google Drive, or NYU Box:

Recommended Conventions

  • Use lowercase letters, numbers, and dashes or underscores (avoid spaces or special characters): ifa_grantreport_07-01-2025.pdf

  • Start with the most general, end with the most specific: projectname_discipline_term_version or lastname_topic_mmddyyyy

  • Avoid vague or duplicate names like document.docx or notes.pdf

  • Use versioning if collaborating or iterating: proposal_v1.docx, proposal_v2_final.docx, proposal_v2_final_JRcomments.docx

Avoid the Following

  • Spaces in filenames (use _ or - instead)

  • Special characters like * : ? \" < > | \\ /

  • Overly long filenames (keep under 100 characters)

  • Redundant use of terms like “finalfinalFINAL”

For Shared Folders

  • Consider creating a brief readme.txt in shared folders to explain the structure and naming conventions to collaborators.

  • When uploading to Box, Google Drive, or NYU storage systems, do not rename shared files arbitrarily, as this can disrupt version control and user navigation.

5.5 Software Requests and Approvals Faculty and staff may request specialized academic software by submitting a ticket to the DMCS Help Desk (ifa.it@nyu.edu). All requests will be reviewed by DMCS, approval may take 2–3 weeks depending on software type, license constraints, and funding availability.

6. Cybersecurity and Compliance

To maintain compliance and protect institutional data, DMCS will periodically apply mandatory security updates to all IFA-managed computers. These updates may:

  • Require manual, in-person installation coordinated with the user in advance, including scheduled downtime for the affected workstation, or

  • Be deployed remotely by DMCS via automated updates that may trigger scheduled shutdowns or reboots, with appropriate notice provided in advance to affected users.

Users must not disable or interfere with the security update processes, endpoint protection tools, or managed configurations maintained by DMCS and University IT.

Devices that fall out of compliance with university security standards—including unsupported operating systems or disabled antivirus software—may be removed from the NYU network until remediated. Devices required to remain offline due to end-of-life or non-compliance must be physically disconnected; failure to comply may result in restricted DMCS support.

7. Remote Access, VPN, and BYOD Guidelines

Users accessing institutional resources from off-site must use NYU VPN services. Home networks must employ WPA2 or higher encryption, avoid shared or public configurations, and keep routers updated with current firmware. For more information about NYU VPN see the resource linked below and/or contact DMCS directly for a tutorial.

(Reference: VPN )

Personally owned devices (BYOD) may be used to access institutional resources only through secure, approved methods such as Google Workspace and NYU VPN. Sensitive data must not be stored on personal devices unless encryption and DMCS approval are in place.

8. Incident Reporting and Monitoring

Security breaches, suspected malware, or loss of devices must be reported to DMCS and NYU IT Security within 24 hours. Reports may be submitted through the IFA Help Desk or via email to ifa.it@nyu.edu. Occasionally, NYU experiences University-wide outages for certain software, services and/or network connectivity. University IT maintains a service status webpage that can be accessed for up-to-the-hour information on any service interruptions; more information is available at the link below:

(Reference: Service Status )

9. Device Request Approvals

Device or accessory requests must be submitted via the Help Desk. Standard review time is 1–2 weeks, with fulfillment typically requiring an additional 2–4 weeks depending on availability and configuration needs.

10. Help Desk and Support

Support requests should be submitted via the Help Desk portal or by email to ifa.it@nyu.edu. Response expectations are:

  • Critical issues (e.g., outage, data loss): same business day

  • Standard issues: 1–2 business days

  • Specialized software/hardware: 3–10 business days

Graduated Enforcement Policy violations will be addressed in the following manner:

  • First instance: written warning and remediation

  • Second instance: restricted access until compliance is restored

  • Third instance: referral to the IFA Director and HR for further review

11. Review Process

This policy is reviewed annually to ensure alignment with university-wide standards and evolving technology requirements. Feedback and suggestions may be directed to DMCS or submitted in writing to ifa.it@nyu.edu.

12. Policy Exceptions Any exceptions to this policy (e.g., nonstandard hardware, non-NYU-managed equipment) must:

  • Receive written approval from the IFA Director, and

  • Be reviewed and cleared by University IT to ensure compliance with institutional security and procurement standards.

FAQ

  • Is there guest WiFi available at the IFA? Yes, any NYU student, staff or faculty can easily request WiFi access for a guest. Guest WiFi access is granted individually per-person and there is no standardized blanket guest WiFi password, rather a member of the NYU community “sponsors” a guest who is then emailed a temporary unique username and password. More information at the link below:

(Reference: Wifi )

  • Can I use my personal laptop for NYU work? Yes, for basic non-sensitive tasks. Use of VPN and cloud-based tools is required.

  • What happens to my data if my computer fails? Use NYU cloud storage for backups. DMCS will assist recovery but cannot guarantee results.

  • Who approves software requests? DMCS and Academic Affairs jointly review academic software requests. Submit via Help Desk.

  • How long does it take to get a new device? Typically 1-4 weeks total from request to setup.

  • Can I travel internationally with my NYU laptop? Yes, but notify DMCS in advance and use VPN when accessing NYU resources.