This is a drafted timeline that is subject to change. Campus CIO's will work with their communities to develop a timeline for each campus.
December 31, 2022
- All new university-owned endpoints are enrolled in management where made available by NU ITS
January 3, 2023
- Auto (UNL) email account provisioning for existing employees
- Auto (UNL) email account provisioning for new employees
- Email forwarding no longer permitted
- Begin inventory of systems/services
- Security Awareness Training requirements for new employees implemented (All new employees have 30 days from hire/start date to complete)
March 1, 2023
- All university-owned endpoints are enrolled in management where made available by NU ITS. Essential Security services will be applied to all managed endpoints (Cortex XDR, Vulnerability and Patch Management).
August 1, 2023
- University faculty and staff must use university email accounts for university business
- Enforce security requirements on Medium-Risk Network (Level 3) and VPN. BYOD will require OnGuard to access Medium-Risk (Level 3) University systems while on campus. This includes using a modern and patched OS, Cortex XDR, disk encryption, and a firewall.
- Security awareness training requirements for current employees
- Removal of shared accounts for accessing university Information Systems
- Enforce security requirements for university endpoints on Low-Risk Network (Level 2). Will require individual accounts to authenticate university endpoints to Low-Risk Network (Level 2).
March 1, 2024
- Inventory duplicate systems and services
- All university-owned endpoints will comply with Baseline Endpoint configuration controls. Will be enforced on university networks.
July 1, 2025
- Duplicate systems and services are deprovisioned
- University information systems shall be used for university business and university data and records shall not be stored outside of university information systems