1. Home
  2. Services
  3. Professional Services
  4. IT Security

IT Security

IT Security ensures that an organization's material and software resources are used only for their intended purposes. At ITD, security is a part of everything we do.

Security Goals

  1. Integrity: Guaranteeing that data is what it is believed to be
  2. Confidentiality: Ensuring that only authorized individuals have access to the resources being exchanged
  3. Availability: Guaranteeing the proper operation of information systems
  4. Non-repudiation: Guaranteeing that an operation cannot be denied
  5. Authentication: Ensuring that only authorized individuals have access to the resources

Security Best Practices

Security Awareness

Security Officers

Securing IT resources within ND state government requires collaboration among stakeholders. In accordance with the Incident Prevention/Response/Notification Standard, each customer of ITD shall designate an agency contact. That person, known as the agency's Security Officer, becomes part of a proactive group that communicates and corrects security incidents and vulnerabilities.

The primary communication channels used is the Security Officer's ListServ. For confidentiality reasons, membership to the list is managed by ITD. Customers may join the Security Officer's Listserv by sending an enrollment request along with their name, agency name, phone number, and email address to itdsecur@nd.gov.

Password Changes

ITD uses a challenge-question process to verify the identity of anyone requesting a password change. Individuals are required to complete an Online Password Information Form or provide the Service Desk with a Password Change Information Form (SFN52378) before ITD can reset their password.

References

Associated Rates

Title Current Rate Current One Time Fee
Technology Fee

Network access charge is assessed for each state FTE for statewide area network access and other network services.

 66.25/FTE

Related Standards and Guidelines

Access Control Standard

Login and password policy and procedures.

Active Directory Standard

Policies and responsibilities for the installation and coordination of Active Directory in the state of North Dakota

Anti-Malware Standard

Policies and responsibilities for the use of Anti-Virus and Anti-Malware tools

Auditing Standard

Ensures basic auditing requirements are in place

E-Services Security Standard

Ensures that customer information resulting from online activities or electronic commerce is secured.

Employee Security Awareness Standard

Ensures employees are informed of current security best practices recommended for technologies being utilized by the state.

Encryption Standard

Ensures that sensitive information is encrypted.

Incident Prevention, Response, and Notification Standard

Ensures that any vulnerabilities or incidents are communicated to the necessary individuals.

Mobile Device Access Control Standard

Establishes security procedures for access to mobile devices.

Physical Access Standard

Establishes physical security policies to minimize the risk of unauthorized access to the state government network.

Public Workstation Access Standard

Establishes a public workstation security policy to minimize the risk of unauthorized access to the state government network.

Remote User Access Standard

Establishes policies to provide remote access capability without compromising the network.

News

National Cyber Security Awareness Month 2017Posted: Sep 27, 2017News

Celebrated every October, National Cyber Security Awareness Month (NCSAM) – #CyberAware – was created as a collaborative effort between government and industry to ensure that all Americans have the information they need to stay safer and more secure online.

2016 Cyber Security ConferencePosted: Jan 23, 2016News

The North Dakota Cyber Security Conference brings together community members from academia, government and industry to share strategies, best practices and innovative solutions to address today’s challenges in cyber security.

National Cyber Security Awareness Month 2015Posted: Oct 1, 2015News

National Cyber Security Awareness Month (NCSAM) – celebrated every October - was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online.

Microsoft Ending Support for Older Versions of IEPosted: Sep 29, 2015News

As of January 12,2016, Internet Explorer 11 will be the only supported version of Internet Explorer on Windows 7, Windows 8.1 and Windows 10.

State Cybersecurity Task Force CreatedPosted: Sep 28, 2015News

On September 28th, Governor Jack Dalrymple announced he is forming a Cybersecurity Task Force to help address the rapidly evolving and expanding cyber threats facing the nation and the potential impact on North Dakota’s state government.

Events

North Dakota Cyber Security ConferenceEvent occurs on: Thursday, March 14, 2019 - 7:30amEvent

The North Dakota Cyber Security Conference brings together community members from academia, government and industry to share strategies, best practices and innovative solutions to address today - registration is now open!

ManTech Security Audit DebriefingEvent occurs on: Thursday, October 13, 2016 - 2:00pmEvent

Every two years, the North Dakota Legislature authorizes the State Auditor’s Office to coordinate a security assessment of the state’s IT infrastructure. Join the ManTech Security Audit Debriefing as they present the results, offer advice, and answer questions regarding IT security best practices.