IT Security ensures that an organization's material and software resources are used only for their intended purposes. At NDIT, security is a part of everything we do.
Security Goals
- Integrity: Guaranteeing that data is what it is believed to be
- Confidentiality: Ensuring that only authorized individuals have access to the resources being exchanged
- Availability: Guaranteeing the proper operation of information systems
- Non-repudiation: Guaranteeing that an operation cannot be denied
- Authentication: Ensuring that only authorized individuals have access to the resources
Security Best Practices
Security Awareness
Security Officers
Securing IT resources within ND state government requires collaboration among stakeholders. In accordance with the Incident Prevention/Response/Notification Standard, each customer of NDIT shall designate an agency contact. That person, known as the agency's Security Officer, becomes part of a proactive group that communicates and corrects security incidents and vulnerabilities.
The primary communication channels used is the Security Officer's ListServ. For confidentiality reasons, membership to the list is managed by NDIT. Customers may join the Security Officer's Listserv by sending an enrollment request along with their name, agency name, phone number, and email address to itdsecur@nd.gov.
Password Changes
NDIT uses a challenge-question process to verify the identity of anyone requesting a password change. Individuals are required to complete an Online Password Information Form or provide the Service Desk with a Password Change Information Form (SFN52378) before NDIT can reset their password.
References