Skip to main content
NC State Home
Cybersecurity at NC State

Cybersecurity Baseline

The Office of Information Technology (OIT), with input from many campus stakeholders, has developed the Cybersecurity Baseline. This forthcoming rule sets campuswide baseline controls that must be met to protect university data and IT resources. The controls cover 14 areas, including access control, configuration management, cybersecurity awareness and network security.

The rule also pushes NC State one step closer to meeting the NIST 800-171 framework as well as research obligations, such as CMMC Level 1 and the FAR Basic Safeguarding clause.

Timeline

The rule is being finalized and will be issued soon.

What You Need to Know

  • The Cybersecurity Baseline applies to all students, faculty, staff, and any other individuals with access to university IT resources and any technology, including personal devices, used to access IT resources.
  • This is a minimum baseline. Additional cybersecurity or compliance requirements may need to be met depending on individual situations.
  • Exception requests require approval and must be submitted through the IT Exception Request Form.

IT Staff

You should review the baseline and supplemental guidance, identify and amend any technical gaps in your area, and communicate changes and expectations with your leadership and affected community.

Students

You should understand basic cyber hygiene, such as password and security update best practices, as well as how to physically protect devices and report potential cybersecurity incidents.

Faculty, Staff and Others

You share the same responsibilities as students, with additions like understanding data lifecycles and access control and completing data security training. Opting for university-owned and managed devices over personal ones can help you comply with the rule.

Next Steps

  • This page will be updated once the rule has been issued. Links to the rule and supplemental guidance will be added at that time. Stay tuned for more information.
  • IT Community Event Session: March 2, Talley Student Union
  • Have concerns about meeting these requirements? Let us know so we can help you prepare.
    • IT staff should contact OIT Security and Compliance via the NC State IT Service Portal or call 919.515.HELP (4357).
    • Students, faculty, staff and others should contact their local IT. If you aren’t sure who to contact, reach out to the Help Desk. 

Resources