Skip to main content
IT Service Status
IT Service Status

Available Options for Regulated Research

Northwestern IT remains committed to enabling the University’s researchers to meet computing, data processing, analysis, and storage, and security compliance requirements when working with Controlled Unclassified Information (CUI) and other regulated or sensitive information.

In collaboration with Northwestern IT, external partners, and the broader research community, the University has developed a flexible and responsive set of secure capabilities that align with federal data protection requirements, including NIST SP 800-171 and related standards.

These scalable solutions are designed to support projects funded or regulated by federal agencies such as the National Institutes of Health (NIH), Department of Defense (DoD), Department of Energy (DOE), and others. They are appropriate for data classified up to and including CUI or other non-classified Level 3 data under Northwestern’s Data Classification Policy.  Classified data, whether defined by regulation, law, or contract, is not currently in scope.

Use of these services is contingent upon review and approval from the Office of Research, the Export Controls and International Compliance Office, and/or Institutional Review Board.

NOTE: These approaches avoid the disruption and burden of transforming Quest into a CUI-compliant environment, which would affect many existing research workflows.

Basic Computing

Secure Research Data Enclave – Google Cloud

This model is ideal for research workflows that do not need high-performance computing but still have moderate computational needs and require a secure, compliant computing environment. Users process and analyze their data by connecting to a cloud-based virtual machine (VM) from an endpoint managed by Northwestern with built-in security protections.

Services Provided by Northwestern IT

  • Compliant cloud-based environments, pre-defined workflows, and pre-installed software, libraries and packages. Environments are typically deployed within days to a week, depending on complexity (software requirements, number of users, environment setup)
  • Cost calculators to assist in budgeting for resource use
  • Endpoint support and management for secure, network-capable devices (e.g. laptops, desktops, servers) according to Northwestern’s Endpoint Security Standard (including threat protection, patching, and encryption)
  • Support for compliant data management practices, including secure data transfers, downloads, and policy compliance guidance
  • Confirmation and management of most IT-based CUI controls
  • Templates and procedures for PIs to document and demonstrate periodic auditing of PI- and team-owned controls
For more information on the features, eligibility requirements, cost, and how to request this service, see: Research Secure Data Enclave–Google Cloud.

High-Performance Computing

Research Secure Data Enclave for HPC – NU@Nightingale

For projects requiring large-scale computing power, research involving large datasets, simulations, AI/LLM development, and other compute-intensive workflows, secure high-performance computing (HPC) resources are available through Northwestern’s partnerships and investments. 

NU@Nightingale is a HIPAA and NIST SP 800-171 compliant HPC cluster hosted at the NSF-funded National Center for Supercomputing Applications (NCSA) at the University of Illinois Urbana-Champaign. Northwestern has negotiated discounted rates for use and retains the option to add Northwestern-owned hardware if needed for future projects.

NU@Nightingale is expected to be available in Winter 2026.

Services Provided by Northwestern IT

Consultation with Research Computing and Data Services (RCDS) to confirm whether Nightingale is a good fit for the project and to estimate costs associated with using this resource.

Services Provided by NCSA

  • Access to HIPAA and CUI compliant HPC computing, data storage, GPU-enabled, and AI-enabled resources, as well as standard HPC software packages
  • Support for compliant data management practices, including secure transfers, downloads, and policy compliance guidance
  • Confirmation and management of most IT-based CUI controls
  • Templates and procedures for PIs to document and demonstrate periodic auditing of PI- and team-owned controls

For more information on the features, eligibility requirements, cost, and how to request this service, see: Research Secure Data Enclave for HPC – NU@Nightingale.