Information Technology Standards

These standards establish requirements for the use of certain information technology resources.

Domain Name Service/Dynamic Host Configuration Protocol (DNS/DHCP) Standards

The purpose of these standards is to define the registration and subsequent maintenance of numeric IP addresses and network domain names owned by the University.

Highly Sensitive Information Handling Standard

This standard defines minimum required controls for highly sensitive University information in any form. Additional controls required under applicable laws, regulations, or standards governing specific forms of data (e.g., health information credit cardholder data), may also apply.

NetID Standard

This standard defines the components of the NetID and password--the primary authentication mechanism at the University to allow access to well defined services including, but not limited to, email, NetFile, the insideND portal and the University's wired and wireless networks.

Security Configuration Standards

These standards define security configuration requirements for all University network connected devices and systems to establish a secure computer environment.

Strong Password Standard

This standard describes the University's requirements for acceptable password selection and maintenance. It applies to passwords used by systems that participate in Notre Dame enterprise authentication employed in conjunction with a NetID to connect to Notre Dame network-based services.

Cloud Services Security Standard

This standard describes the requirements for cloud services used for University business or data.

SSL Certificate Standard

This standard defines how SSL certificates are to be used to confirm identity, secure communications between devices, and ensure the integrity of transmissions for Information Technology (IT) services provided by the Office of Information Technologies (OIT) or other departments at the University of Notre Dame.

OIT Privileged Access Credential Rotation Standard

This Standard describes the University's requirements for acceptable privileged credential selection and rotation. Its purpose is to reduce overall risk to the institution by helping administrative account holders reasonably avoid security and privacy risks that result from weak credential maintenance and to encourage attention to credential secrecy.