Information Technology Standards

These standards establish requirements for the use of certain information technology resources. 

Cloud Services Security Standard

This standard describes the requirements for cloud services used for University business or data.

Data Center Network Access Standard

This standard defines the higher security standard administrators are held to when accessing the data center.

Domain Name Service/Dynamic Host Configuration Protocol (DNS/DHCP) Standards

The Purpose of these standards is to define the registration and subsequent maintenance of numeric IP addresses and network domain names owned by the University.

Highly Sensitive Information Handling Standard

This standard defines minimum required controls for highly sensitive University information in any form. Additional controls required under applicable laws, regulations, or standards governing specific forms of data (e.g., health information, credit cardholder data), may also apply.

IT Security for International Travel Standard

The standard defines the security standard Notre Dame faculty, staff and students should be following when traveling to international destinations with a laptop, mobile phone, or other mobile devices to conduct University business. 

NetID Standard

This standard defines the components of the NetID and password -- the primary authentication mechanism at the University to allow access to well defined services including, but not limited to, email, NetFile, the insideND portal, and the University's wired and wireless networks. 

OIT Privileged Access Credential Rotation Standard

This standard describes the University's requirements for acceptable privileged credential selection and rotation. Its purpose is to reduce overall risk to the institution be helping administrative account holders reasonably avoid security and privacy risks that result for weak credential maintenance and to encourage attention to credential secrecy.

Privileged Account Standard

This standard describes the University of Notre Dame's requirements for acceptable privileged credential configuration, use and maintenance. Because of their greater access to networks,, resources, and data than general user accounts, privileged accounts represent a greater risk to the University. 

Security Configuration Standards

These standards define security configuration requirements for all University network connected devices and systems to establish a secure computer environment. 

SSL Certificate Standard

This standard defines how SSL certificates are to be used to confirm identity, secure communications between devices, and ensure the integrity of transmissions for Information Technology (IT) services provided by the Office of Information Technologies (OIT) or other departments at the University of Notre Dame.

Strong Password Standard

This standard describes the University's requirements for acceptable password selection and maintenance. It applies to passwords used by systems that participate in the Notre Dame enterprise authentication employed in conjunction with the NetID to connect to Notre Dame network-based services.