The purpose of Duke’s endpoint security program is to secure laptops and desktops purchased by Duke and used by faculty and staff. The applications used to support this efforts may only be used to: (a) report on missing software updates; or (b) apply missing software updates if the machine is fully managed by departmental or central IT staff. It will also be used to report and automatically address security issues on the machine such as the presence of viruses or malware.
Any IT administrators with access to the endpoint security tools, including the IT Security Office, are required to adhere to the Duke Acceptable Use Policy, particularly those statements regarding the expectation of privacy for the Duke community:
Duke cherishes freedom of expression, the diversity of values and perspectives inherent in an academic institution, the right to acknowledgment, and the value of privacy for all members of the Duke community. At the same time, Duke may be required by law to access and disclose information from computer and network users' accounts or may find it necessary do so in order to protect Duke's legal interests, uphold contractual obligations, or comply with other applicable Duke policies. Duke may also be required to access information to diagnose and correct technical problems.
IT administrators may not use their access to look at content on the systems they maintain, except for the conditions outlined above. Any additional access must be approved by the President or Executive Vice President of Duke University. Use of the security management tools is audited for this reason. Any concerns regarding inappropriate access should be directed to the school’s IT Director or campus IT Security Office.
In addition the departmental IT groups, IT administrators for the endpoint security software, and IT Security Office are bound by confidentialty agreements to keep any system information reported by the tools private. A copy of the confidentiality agreement may be found on Duke's HR website: https://hr.duke.edu/forms/confidentiality-agreement.
Document Type: Procedure